qomodo reposted this
Attackers lean towards the path of least resistance, like any criminal. From a security standpoint that means find some passwords or find some exploits for sale, for instance. Itโs good to see a focus on regulation/compliance when it comes to #XIOT/#IOT, all be it a little broad, itโs a start. Much of #regulation is looking to protect the consumer, while enterprise/corporate security compliance puts the owness on the security teams/CISO. Another risk to add to the list. There are a few problems as I see it: - Security teams have good ways of bringing laptops/servers back into compliance, but not IOT - The state of IOT presents a risk that in the very near future, much of #XIOT devices will no longer be complaint, or will have to be ripped out/replacedโฆsounds pricey - Regulation is evolving, and itโs hard for device manufacturers to future proof for the continuing iteration of regulation - IOT technologies cannot have the same enterprise level security expectations added to them (until now ๐) This article talks about some of the threats, but in all honesty, IOT is mostly a starting point for moving laterally. For cyber criminals and nation states #IOT/#XIOT is that door on the street that is unlocked, or has the old Yale lock that some of us learnt how to pick while in COVID (if you know, you know) ๐ We have some pretty exciting things coming up this year to help with these issues, which may make a small difference to IOT overall, but a huge difference to managing and mitigating business risk. Article here: https://lnkd.in/gh2pPxxc #iotsecurity #iotcompliance #xiot #cybersecurity #businessrisk