Industry News by Bret Piatt Sep 19, 2017 Internet of Things with James Brehm - Week 51 Can IoT devices protect themselves from outside security hackers Week 51 of Cyber Talk Radio Show Summary This past Saturday, September 16, episode 51 of Cyber Talk Radio hit the air on 1200 WOAI and iHeartRadio streaming. I was joined by James Brehm For a lot of us, when we hear the term “Internet of Things” (IoT) we think about the connected camera in our house, but as we will explore with James Brehm, IoT is more complex than that. James did not start out in technology, but through a business transformation to digital. It was that experience that got him hooked on technology. He then went to Gateway, Rackspace and Frost and Sullivan before going out on his own. In the show we talk about the difference between the Internet of Things and Industrial Control Systems and how ultimately they are converging. I give an example of how a rancher used small routers to monitor breaks in their fence and James contrasts that with the former wireline of railroads and cctv. We then go deeper into the multitude of devices and systems that are part of IoT, like delivery trucks and medical devices like sleep apnea machines. Think about all of the different devices you use and what is and what could be connected. What does the growth rate look like? It’s big and going to be huge and spiraling out of control. Right now it’s about seven billion devices. In four or five years, it could be about 20 billion, but other firms estimate it in the trillions. Intellectual property rights will become a major issue over the next few years. It will likely be cost prohibitive to scale as fast as some predict. As an example, our current healthcare system will limit the expansion of that connected system. Through all of these systems, security seems like the biggest challenge. Everyone wants to connect their devices to realize that value but no one wants to be responsible if their devices get hacked. James and I then go into the fact that there is no license required to do business on the internet. We can all do what we want and there are little consequences to what is happening when companies get hacked and their data gets exposed. One of they way criminals are leveraging your data is through a gray market for data repackaging. That is to say, they are stealing the data, packaging it up and selling it to legitimate companies who use it for marketing and analytics. When we got back from the break we talk about legislation in the Cyber Security Improvement Act and how senators (primary sponsor: Sen. Warner, Mark R. [D-VA]) are trying to mandate that companies that sell internet connected devices to the U.S. government will guarantee that they won’t be hacked. It’s not likely the legislation will go anywhere because industry cannot guarantee security unless the devices have limited features and connectivity. It’s not like security is locking one thing up. It’s a collection of interrelated issues: You have to secure your network, your devices, your applications, you have to maintain persistence on your network, patch and maintain your operating systems, you have to scan for vulnerabilities. It’s complex and takes work everyday. An interesting example is Red Box. At one point they had a problem where people would take the SIM card out of the back of the machine so they could use it for mobile access. They soon after fixed the problem, but it’s not something they thought about until it kept happening. Just think about all of the global verticals that are taking advantage of IoT; healthcare, fleet management solutions, asset tracking, retail, smart city, smart grid and consumer electronics. And this isn’t even to mention the security risks around self-driving cars. If you’re listening and are curious about what to study to contribute to this explosion of data and devices, two things for you: cyber security or analytics. James and I end on a couple of notes about standards and interoperability and agreed that there’s another episode in our future. To learn more about cybersecurity, listen to the full episode replay available here! Upcoming episode – Saturday nights from 11:00 p.m. to Midnight Episode 52, September 23: Cyber Training and Funding with Project Quest Listen to a replay of this episode or past episodes on a Cyber Talk Radio Podcast stream. Replays are available via the below podcast services: Pocket Casts iTunes Recent episodes – available to stream from our YouTube channel - Cybersecurity Legislation with Congressman Will Hurd Creating a “Culture of Security” with Dr. Greg White of University of Texas San Antonio Codeup’s Approach to Developing Responsible Programmers with Ryan Orsinger Career Matching for Military Cyber Jobs with Cyber Warrior Network Ethics of Artificial Intelligence and Paying Ransoms to Hackers with Van Lindberg 24th Air Force Cyber Operations with Sherri Hanson Bunker Labs and Empowering Military Veterans as Leaders in Innovation with Johnathan Paul Wojtewicz STEM Education and the Geek Bus in San Antonio with Jake Lopez at SASTEMIC Cybersecurity Program at Texas A&M University San Antonio Cybersecurity Master’s Program at St. Mary’s University Cyber Risk Management with Innove Cyber Security Awareness and Training with Inspired eLearning How to Secure Wordpress with WP Engine Have an idea for a topic or want to be a guest? Contact Cyber Talk Radio via our request a topic or be a guest form.