|Home||Internet of Things||Aerospace||Apparel||Energy||Defense||Health Care||Logistics||Manufacturing||Retail|
Better IoT Security Through Crowdsourced, Blockchain-Driven Platforms
A robust and effective decentralized system of vulnerability reporting and mitigation, leveraging cryptocurrency and blockchain technologies, could improve the security of the IT infrastructure on which everyone relies.
Oct 01, 2018—
The Internet of Things (IoT) encompasses a wide range of devices, from connected refrigerators to insulin pumps. It has also been a popular solution for enterprise executives looking for ways to increase the quantity and quality of information about their businesses. The prevalence of these connected devices that line not just our homes, but also countless enterprises across all industry verticals, makes IoT vulnerabilities extremely target-rich and, therefore, incredibly attractive to hackers. And though a vulnerable smart toaster may not culminate in debilitating repercussions for our connected world, the rise of smart infrastructure and autonomous vehicles means that software security will soon be synonymous to the safety and privacy of all.
Is Open-Source Critical in the IoT?
Is Our Connected World Secure?
At Black Hat 2017, two security researchers demonstrated their ability to hack internet-connected car washes. They were able to close the entry and exit doors, thereby trapping the car and its driver, and remotely maneuver the car-washing apparatus to strike the vehicle. The hackers could stop the driver's attempts to escape by repeatedly opening and closing the doors, further damaging the car and potential injuring the occupants. In the same year, St. Jude Medical's cardiac device implants were revealed to contain vulnerabilities that hackers could use to tamper with the device's control of vital heart functions. St. Jude's failure to remediate the "universal code that could allow hackers to control the implants" invited the criticism of investment firm leader Carson Block, who threatened to short-sell the device's stock.
While some organizations fail to prioritize IoT security, more security-conscious companies leverage specialized security solutions to identify and manage the relevant issues in their codebase. Some choose to deploy software composition analysis (SCA) tools developed by security technology innovators such as Synopsys and Insignary, which equip customers with customized security reports so they can practice effective OSS risk management. But this is not an be-all and end-all solution.
To produce these reports, SCA tools leverage external databases of known OSS-related vulnerabilities, against which they map the customer's individual risk. Yet these databases are limited by their centralized management, which hinders them from addressing the escalating number of OSS projects and associated security risks. As a result, the information found in these databases is neither complete nor up-to-date, preventing organizations from remediating security vulnerabilities as efficiently and effectively as possible.
Login and post your comment!
Not a member?
Signup for an account now to access all of the features of RFIDJournal.com!
SEND IT YOUR WAY
RFID JOURNAL EVENTS
ASK THE EXPERTS
Simply enter a question for our experts.
TAKE THE POLL
|RFID Journal LIVE!||RFID in Health Care||LIVE! LatAm||LIVE! Brasil||LIVE! Europe||RFID Connect||Virtual Events||RFID Journal Awards||Webinars||Presentations|