Industrial IoT Cybersecurity with Mirko Ross
iSpeech
Mirko is Co-Founder and CEO of Digital Worx, a mobile Software Development Company.
As part of the European Commission’s Future Internet program, he supports and builds startups in the fields of eHealth and industrial IoT. In this function, Mirko is coaching SME and Startups in the European SME Instrument and FI-Business Program.
Since 2017 Mirko is a member of the IoT Security Expert Group of the European Agency of Network and Information Security ENISA. And Mirko is project coordinator of the digital health research project MITASSIST. He is a Member of the IOTA Evangelist Network (IEN) to promote Blockchain and Distributed Ledger technologies. Together with international Partners he working on secure indexing and search on the Internet of Thing at the HORIZON2020 Project IoTCrawler.
Mirko is the cofounder of asvin.io, a new venture that provides a secure, open source-based update and patch delivery for the Internet of Things.
Mirko is a well-practiced international speaker and coach on the field of Open Innovation, Internet of Things, IoT Security, and disruptive business modeling.
Contact Mirko:
Web: https://www.digital-worx.de/
Facebook: http://www.facebook.com/digital.worx.de
Twitter: @mirko_ross
Contact Avrohom:
Web: https://asktheceo.biz
Twitter: @avrohomg
Instagram: @avrohomg
INTERVIEW HIGHLIGHTS:
00:30 –Mirko, as we know, you’re a Cybersecurity expert, not a day goes by where we don’t hear about some data breach or ransomware attack. What concerns me greatly about all this, is that with the prevalence of IoT and Industrial IoT, we’re putting all these connected devices all over the place, and some of these devices were not manufactured with security in mind. Tell us about some of the challenges that the industry faces.
02:00 –To drive this message home, some of these IoT devices were hacked to mine Bitcoins, or to form a Botnet to carry out malicious attacks. If these devices are so easy to hack, what can we do about it? We can’t just bring them all back and fix them?
03:00 – California passed a security bill in 2018 banning default passwords in connected devices, removing a major attack vector for connected devices.
04:00 – What’s the big deal if my smart toaster gets hacked?
04:15 – What dangers can a smart toaster pose to FinTech executives?
05:00 – Just because devices are secure today doesn’t mean they are protected against the threats of tomorrow. How do you go about securing devices that are already deployed in the field, and possibly in hard to reach places?
06:20 – You need a good patch management strategy for all connected devices.
06:25 – There should be NO single connected device out there that does not have the ability to be updated.
07:00 – The Law of Economics will drive IoT Security
07:10 – Liabilities will drive Cyber Security of Consumer Devices
08:50 – Implementing an Over The Air Cyber Security Patch Management Strategy will yield more favorable Cyber Security insurance rates.
10:13 – What’s the challenge with patching IoT devices? Why can’t you just connect to them remotely and update them?
10:35 – Many IoT devices reside at the Edge with no direct IP connection, making it challenging to patch them.
11:10 – The large scale of deployed Industrial IoT devices makes it difficult, if not impossible, to apply patches manually.
11:30 – A big challenge with IoT devices is Lifecycle management – After a period of time you can’t get replacement parts for it anymore! To address this issue, you need a support contract with your vendor to maintain the hardware and software for a set period of time.
14:00 – To maintain a secure infrastructure we need to move to a Hardware as a Service model – HaaS.
14:45 – What are some of the risks with allowing people to patch their own Industrial IoT Devices?
18:00 – A patch downloaded from the Internet might actually be Malware in disguise!
18:25 – We need a chain of trust from the publisher of the patch all the way down to the application of the patch onto the device.
19:00 – How did you get started in this?
21:15 – How do people connect with you?
22:05 – Do you have any parting words of wisdom to share with the audience?
source
0 Responses to Industrial IoT Cybersecurity with Mirko Ross