Fred Langston CISSP, CCSK, a founder of CI Security, has long been at the forefront of information security. He has over 25 years of professional information security experience working for hundreds of clients on projects to create effective strategies, enterprise security and data protection programs and governance models. This includes constructing a set of effective, proven business and security processes that are in use at hundreds of companies today. Mr. Langston participated in the working group that drafted the proposed HIPAA security rule, has led the security sessions at HIMSS, was formerly on the HITRUST Alternate Controls Committee and was in the working group that created SIG and the AUP for the Banking IT Security (BITS) Forum, Financial Institutions Shared Assessments Program (FISAP).
IOT, OT, AI, OH MY! THE INSECURITY OF ‘THINGS’
You’ve heard that IoT has a lot of security flaws, but do you know what to do about it? Determine your own risks and what you can do to protect yourself from the insecurity of the internet of things.
When we think of computers, we think of a human sitting in front of a display typing on a keyboard. Or maybe it’s a datacenter filled with racks of servers. The reality is much different. Today, it’s easier to identify the ‘things’ that are not computers, because almost every device, from toys to doorbells to cars to medical implants, is a computer or is made up of computers. Cities can have thousands of networked devices with microprocessors that can be buried in the road, perched atop of a traffic light, deep in the sewers, or on a boat ramp in a park. Local hospitals rely on hundreds of devices that can monitor, sustain, and improve the wellbeing of patients from the intercom on the walls to the pacemaker making its way to the operating room.
Virtually all these things can be compromised and made to cause harm, to launch extortion schemes against governments, companies and people, to steal your or others sensitive information, and even to act as a weapon in a cyberwar.
There are steps you can take, both before your devices get hacked and after it happens. Learn how to detect intruders and expel them quickly.