Head of Department at LTUC - Irbid, Abdul Aziz Al Ghurair School of Advanced Computing,
good to know
Sharing about IoT AI EdgeComputing Cybersecurity, or help you discovering them (mix of personal thoughts) | Edge Intelligence advocate | Not ex-MIT, not ex-Google, not ex-Meta, not GPT-free-courses…
The list of everything you should not do (...then, assess and fix). Security costs less than late response to hacking. And my own one-bullet list: apply a Zero-Trust strategy as soon as possible. Intro using Wikipedia: https://lnkd.in/dXgnyUJM Deeper info on NIST: https://lnkd.in/dNzavxhM What is Zero Trust in few words: Zero Trust architecture is a cybersecurity strategy built on the principle of "never trust, always verify." It means that every user, device, or application attempting to access resources on the network, must be authenticated and authorized before gaining access. This authentication and authorization process typically involves multiple layers of security controls, such as strong authentication, micro-segmentation, encryption, continuous monitoring, etc. It can significantly minimize the risk of insider threats, reduce the attack surface and prohibit unauthorized access to sensitive data through access privileges granted dynamically and based on contextual factors like user behavior, the state and health of the device and the sensitivity of the resource being accessed. After applying Zero trust rules: 1. You should not use bad passwords anymore 2. You should not have insecure network services 3. You should not have insecure ecosystem interfaces 4. You should not lack of secure update mechanism 5. You should not use of insecure or outdated components 6. You should not have insufficient privacy protection 7. You should not have insecure data transfer and storage 8. You should not lack of secure device management 9. You should not have insecure default settings 10. You should not lack of physical hardening #IoT #Security #OWASP #ZeroTrust
