ben goodman cybersecurity in the iiot
Post on 22-Jan-2018
50 Views
Preview:
TRANSCRIPT
© 2016 ForgeRock. All rights reserved.
© 2016 ForgeRock. All rights reserved.
Industry 4.0
By ChristophRoser at AllAboutLean.com, own work, CC BY-SA 4.0, https://commons.wikimedia.org/w/index.php?curid=47640595
© 2016 ForgeRock. All rights reserved.
Top Barriers to IoT Adoption
© 2016 ForgeRock. All rights reserved.
Internet of Things Top Concerns
Security & Privacy Concerns
Value Assessment, Case Studies &
Organizational Consensus
Lack of Solution Knowledge
Legacy Infrastructure, Lack of Skills,
Integration & Costs
Lack of Standards & Interoperability
1
2
3
4
5
Source: IoT Institute, 2016 IoT Trends
Survey
© 2016 ForgeRock. All rights reserved.
Connected Car Hacked
Charlie Miller
Chris Valasek
Kill Engine
Brake /
Disable
July 2015
Track / Steer
Jeep
Cherokee
© 2016 ForgeRock. All rights reserved. 6
Connected Health Hacked
Jack Barnaby
Medtronic Insulin Pump
Adjust /
Disable
February
2012
© 2016 ForgeRock. All rights reserved.
Internet of Things Other Hacks
HackedConnected Home
Connected Industry Hacked
Smart Livestock Unsure
© 2016 ForgeRock. All rights reserved.
Why is it that these connected devices are being hacked over and over again?
The list below, while not exhaustive, explains some of the reasons why these new connected devices are so easy to hack and why we’re likely to see more hacks in the future.
• MVP mindset
• Usability > security
• Lack of skills and resources
• Ship and forget mindset
• You (the user)
• Complex supply chain
• Cybercrime as a service
© 2016 ForgeRock. All rights reserved.
Security Adoption Cycle
”Oh
Crap”
© 2016 ForgeRock. All rights reserved.
Identity Access Management Identity Relationship Management
Customers
(millions)
On-premises
People
Applications
and data
PCs
Endpoints
Workforce
(thousands)
Partners and
Suppliers
Customers
(millions)
On-premises Public
Cloud
Privat
e
Cloud
People
Things
(Tens of
millions)
Applications
and data
PCs PhonesTablet
s
Smart
Watches
Endpoints
Business Has Changed: Enterprises now require Identity Relationship Management (IRM)
© 2016 ForgeRock. All rights reserved.
Perimeter-Based Security Identity-Centric Security
Enables Digital
Business
Untrusted
Truste
d
Inhibits Digital
Business
Old Security Model is Broken. Security Must Now Be
Identity-Based, and implemented by design.
© 2016 ForgeRock. All rights reserved.
IAM in the age of the digital
business is more typically
characterized by a web of
paths involving a variety of
application locations,
endpoint devices, and things.
Workforce
(thousands)
Partners and
Suppliers
Customers
(millions)
On-premises Public
Cloud
Private
Cloud
People
Things
(Tens of
millions)
Applications
and data
PCs PhonesTablet
s
Smart
Watches
Endpoints
Next Generation IAM
© 2016 ForgeRock. All rights reserved.
Why IoT Needs Identity
•An object must be identified in order to be secured
•Unified identities of applications, cloud services, software code and connected devices
•IoT authorization decisions requires real-time processing of
•Complex relationships
•Context
•User digital interactions must be constantly monitored.
•In addition to using contextual cues to evaluate customer behavior,
•user identity and access rights can be verified through multi-factor authentication
© 2016 ForgeRock. All rights reserved.
IoT reference architecture
© 2016 ForgeRock. All rights reserved.
End-to-end IoT Identity Platform
BIG
DATA
Little DataEnd-to-End Security, Web, Data Objects & Management
IP and Web to the
edge
Solutions
Edge
Identity Platform
• Consumers
• Customers
• Partners
• Contractors
• Employees
• …
FROM DEVICE TO
CLOUD IoT Services Enterprise
top related