IoT + DDoS = Disruptive (Business + Cyber) Risk!

A. Pabrai
United States

Keywords: IoT, DDoS, Cybersecurity


Gartner estimates about 6.4 billion Internet of Things (IoT) devices today, such as DVRs, surveillance cameras, and many others, all connected to the Web and all with Internet (IP) addresses. By 2020, it is expected that the number of Web-connected devices will increase to 20.8 billion. So, why are these numbers relevant to cyber-security? An IoT fact is that these devices were not designed or developed with security at their core. Further, these devices are typically not configured securely. As IoT becomes pervasive across industries, including healthcare, financial, and government; organizations, must be prepared for this rising, and disruptive threat. Further, the risk from IoT increases the challenge for addressing compliance mandates associated with sensitive and confidential information. As the IoT becomes pervasive in healthcare given the explosion of wearable healthcare and fitness devices, sleep monitoring, infant monitoring, brain and neurotechnology sensors and many others, every healthcare organization must develop an IoT cyber-security policy. This policy describes key areas that must be addressed consistently as such IoT devices are deployed within the enterprise. The policy must raise the level of awareness of what are the various types of IoT devices that may be deployed within the organization. Security issues associated with IoT devices and requirements for securing such devices must be stated clearly. Processes then need to be implemented within the organization to ensure that IoT devices are not the weak links in an organization’s cyber-security program. From this brief you will learn, Examine why IoT = Internet of Threats. Step through how botnets and DDoS can be disruptive to sites and Web applications. Walk thru an IoT Security Policy that addresses key compliance requirements. Develop a strategy for addressing such emerging threats in the context of your enterprise cyber security plan. As we look ahead, we are at the dawn of highly targeted and synchronized cyber-attacks that will launch in waves at organizations small and large. Business priorities are guaranteed to be disrupted unless we are much better prepared. Start with four key cyber-steps: 1. Acquisition of or immediate access to cyber-security skills to lead and manage initiatives with discipline and consistency. 2. Raise the cyber-security knowledge bar significantly throughout the enterprise. 3. Create a credible enterprise cyber-security plan that establishes the foundation for priorities – and is funded appropriately. 4. Conduct a comprehensive and thorough cyber-security risk analysis that includes within it a scope vulnerability assessment targeted at vital assets such as IoT (DVR, surveillance cameras, others) and biomed devices. IoT raises the priority for cyber-security in organizations. Tomorrow starts now! Get started to lower business risk from IoT!