Internet of things security
Internet of things security includes comprehensive resources about identity and access management for IoT, attack vectors and mitigations, intellectual property protection and threat prevention and defense.
Top Stories
-
Tip
22 Feb 2024
IoMT device tips for healthcare IT departments
Healthcare providers' IT departments must keep an ever-expanding range of IoT devices powered on, connected and secure. Challenges abound, but they are surmountable. Continue Reading
-
Feature
22 Jan 2024
6 must-read blockchain books for 2024
Numerous sources provide comprehensive information on blockchain fundamentals and applications. We narrowed the field to six of the most popular and diverse books available. Continue Reading
-
Definition
07 Feb 2024
encryption
Encryption is the method by which information is converted into secret code that hides the information's true meaning. Continue Reading
-
Feature
22 Jan 2024
6 must-read blockchain books for 2024
Numerous sources provide comprehensive information on blockchain fundamentals and applications. We narrowed the field to six of the most popular and diverse books available. Continue Reading
-
Definition
05 Dec 2023
offensive security
Offensive security is the practice of actively seeking out vulnerabilities in an organization's cybersecurity. Continue Reading
-
Definition
28 Nov 2023
timing attack
A timing attack is a type of side-channel attack that exploits the amount of time a computer process runs to gain knowledge about or access a system. Continue Reading
-
Tip
17 Nov 2023
An introduction to IoT penetration testing
IoT systems are complex, and that makes checking for vulnerabilities a challenge. Penetration testing is one way to ensure your IoT architecture is safe from cyber attacks. Continue Reading
-
Tip
15 Nov 2023
How to protect your organization from IoT malware
IoT devices are attractive targets to attackers, but keeping them secure isn't easy. Still, there are steps to take to minimize risk and protect networks from attacks. Continue Reading
-
Tip
07 Nov 2023
Factors to consider when securing industrial IoT networks
Industrial IoT networks differ from enterprise data networks. Keeping them safe requires a security strategy that's specifically crafted for legacy and new devices and sensors. Continue Reading
-
Definition
19 Oct 2023
Structured Threat Information eXpression (STIX)
Structured Threat Information eXpression (STIX) is a standardized Extensible Markup Language (XML) programming language for conveying data about cybersecurity threats in a way that can be easily understood by both humans and security technologies. Continue Reading
-
Definition
12 Oct 2023
security awareness training
Security awareness training is a strategic approach IT and security professionals take to educate employees and stakeholders on the importance of cybersecurity and data privacy. Continue Reading
-
Definition
02 Oct 2023
voice squatting
Voice squatting is an attack vector for voice user interfaces, or VUIs, that exploits homonyms -- words that sound the same, but are spelled differently -- and input errors -- words that are mispronounced. Continue Reading
-
Definition
02 Oct 2023
multifactor authentication
Multifactor authentication (MFA) is an account login process that requires multiple methods of authentication from independent categories of credentials to verify a user's identity for a login or other transaction. Continue Reading
-
Definition
29 Sep 2023
cyber insurance
Cyber insurance, also called cyber liability insurance or cybersecurity insurance, is a contract an entity can purchase to help reduce the financial risks associated with doing business online. Continue Reading
-
Feature
16 Aug 2023
How to use dynamic reverse engineering for embedded devices
In this excerpt from 'Practical Hardware Pentesting,' read step-by-step instructions on how to find vulnerabilities on IoT devices using dynamic reverse engineering. Continue Reading
-
Feature
16 Aug 2023
Adopt embedded penetration testing to keep IoT devices secure
Regular embedded penetration testing can help discover vulnerabilities before attackers do. The author of 'Practical Hardware Pentesting' explains. Continue Reading
-
Definition
07 Aug 2023
IoT security (internet of things security)
IoT security (internet of things security) is the technology segment focused on safeguarding connected devices and networks in IoT. Continue Reading
-
Definition
01 Aug 2023
internet of things privacy (IoT privacy)
Internet of things privacy is the special considerations required to protect the information of individuals from exposure in the IoT environment. Continue Reading
-
Definition
07 Jul 2023
ransomware as a service (RaaS)
Ransomware as a service (RaaS) is a subscription-based business model that enables affiliates to launch ransomware attacks by accessing and using pre-developed ransomware tools. Continue Reading
-
Tip
27 Jun 2023
Top 12 IoT security threats and risks to prioritize
Certain IoT security concerns are hard to forget, such as IoT botnets, but others might not come to mind as easily, including DNS threats and physical device attacks. Continue Reading
-
Tip
16 Jun 2023
Use IoT hardening to secure vulnerable connected devices
IoT and industrial IoT innovation continue to thrive, but IoT device security continues to be an afterthought. Companies should harden connected devices to remain protected. Continue Reading
-
Tip
06 Jun 2023
11 IoT security challenges and how to overcome them
IoT, while influential and beneficial, introduces several security challenges, from device discovery and patching to access control and cyber attacks. Continue Reading
-
Guest Post
22 May 2023
Follow a 6-phase roadmap to secure cyber-physical systems
Cyber-physical systems help bridge the digital world with the physical world, but they introduce cybersecurity risks that must be addressed. Continue Reading
-
Definition
17 May 2023
secure access service edge (SASE)
Secure access service edge, also known as SASE and pronounced sassy, is a cloud architecture model that bundles network and cloud-native security technologies together and delivers them as a single cloud service. Continue Reading
-
Definition
25 Apr 2023
smishing (SMS phishing)
Smishing -- or Short Message Service (SMS) phishing -- is a social engineering tactic cybercriminals use to trick people into divulging sensitive information over text messages. Continue Reading
-
Definition
19 Apr 2023
firewall
A firewall is a network security device that prevents unauthorized access to a network. It inspects incoming and outgoing traffic using a set of security rules to identify and block threats. Continue Reading
-
Feature
05 Apr 2023
ICS kill chain: Adapting the cyber kill chain to ICS environments
As IT/OT convergence continues to gain traction, industrial control system security cannot be ignored. Performing pen tests based on the ICS Kill Chain can help. Continue Reading
-
Feature
05 Apr 2023
An intro to the IDMZ, the demilitarized zone for ICSes
Setting up an IDMZ -- a demilitarized zone between enterprise and industrial networks -- can prevent operational environments from becoming compromised by IT threats. Continue Reading
-
Feature
05 Apr 2023
Reinforce industrial control system security with ICS monitoring
Monitoring an industrial control system environment isn't that different from monitoring a traditional IT environment, but there are some considerations to keep in mind. Continue Reading
-
Definition
09 Mar 2023
cyberwarfare
The generally accepted definition of cyberwarfare is a series of cyber attacks against a nation-state, causing it significant harm. Continue Reading
-
Definition
03 Feb 2023
passive reconnaissance
Passive reconnaissance is an attempt to gain information about targeted computers and networks without actively engaging with the systems. Continue Reading
-
Tip
18 Jan 2023
Top 10 ICS cybersecurity threats and challenges
Industrial control systems are subject to both unique and common cybersecurity threats and challenges. Learn about the top ones here and how to mitigate them. Continue Reading
-
Tip
10 Jan 2023
Explore the relationship between IoT governance and privacy
Emerging industry standards and regulations -- coupled with technologies like AI -- will underscore the importance of IoT governance and privacy in the years to come. Continue Reading
-
Definition
20 Oct 2022
email
Email (electronic mail) is the exchange of computer-stored messages from one user to one or more recipients via the internet. Continue Reading
-
Guest Post
15 Sep 2022
How healthcare facilities can use IoT to bolster security
As hospitals and clinics implement physical security innovations with connected IoT devices, they must also establish protocols to enforce cybersecurity for such systems. Continue Reading
-
Definition
15 Aug 2022
tailgating (piggybacking)
Tailgating, sometimes referred to as piggybacking, is a type of physical security breach in which an unauthorized person follows an authorized individual to enter secured premises. Continue Reading
-
Definition
12 Aug 2022
segregation of duties (SoD)
Segregation of duties (SoD) is an internal control designed to prevent error and fraud by ensuring that at least two individuals are responsible for the separate parts of any task. Continue Reading
-
Tip
22 Jun 2022
A look at smart energy security measures
IoT energy meters and sensors make buildings and power grids more efficient and cost-effective but require encryption, network security and access control for safe operation. Continue Reading
-
Guest Post
15 Jun 2022
Effective IoT security requires collaboration and clarity
IoT brings benefits to business, government and consumers. But those features shouldn't come at the cost of security or less privacy for its users. Continue Reading
-
Guest Post
10 Jun 2022
Top ways to strengthen protection for IoT devices in OT
To ensure IoT devices that support OT aren't compromised from cyber attacks, IT teams can implement zero-trust security, digital twins and supply chain measures. Continue Reading
-
Guest Post
13 May 2022
Simplify zero-trust implementation for IoT security
Zero-trust policies reduce the possibility of costly cyber attacks. Defining user access, boosting network security and using endpoint management tools can streamline adoption. Continue Reading
-
Definition
28 Apr 2022
man-in-the-middle attack (MitM)
A man-in-the-middle (MitM) attack is a type of cyber attack in which the attacker secretly intercepts and relays messages between two parties who believe they are communicating directly with each other. Continue Reading
-
Guest Post
03 Mar 2022
Orchestrate a safer world with IoT and data convergence
IoT data has the potential to make businesses more secure and proactive against threats. But a successful deployment requires the right combination of data and software. Continue Reading
-
Tip
22 Feb 2022
Top 4 IoT data privacy issues developers must address
Regulatory changes mean changes for IoT device creation. Design considerations around API permissions, AI data set bias and physical access can improve product security. Continue Reading
-
News
24 Jan 2022
Silicon Labs launches new AI/ML chips, toolkit for edge
The chip vendor's new wireless SoC aims to bring AI and machine learning to the IoT. The systems also use the Matter IP-based protocol to wirelessly connect devices. Continue Reading
-
Opinion
06 Jan 2022
IoT ethics must factor into privacy and security discussions
With the adoption of IoT devices, consumers voluntarily trade privacy for the convenience of instant connectivity. Organizations must consider the ethics of their data collection. Continue Reading
-
Guest Post
29 Dec 2021
The risks of silent patching and why it must end
Silently patching vulnerabilities within TCP/IP software is a detrimental, yet common habit among security vendors that hinders the security posture of the cybersecurity community. Continue Reading
-
Feature
28 Dec 2021
Guard your network with IoT software security
IoT software security can present a challenge for IT admins and may call for specialized tools such as extended detection and response platforms. Continue Reading
-
Tip
21 Dec 2021
Fortify security with IoT data protection strategies
It's only a matter of time before attackers target IoT data. Organizations must be ready with IoT data security best practices, including data encryption and visibility. Continue Reading
-
Tip
16 Dec 2021
Shield endpoints with IoT device security best practices
IT administrators must implement best practices, including segmenting the network, encrypting data and shutting down unused devices to ensure the security of IoT devices. Continue Reading
-
Tip
15 Dec 2021
6 IoT security layers to shape the ultimate defense strategy
IT administrators can divide and conquer their defense strategy with IoT security layers that ensure data protection from its generation in devices to its storage in the cloud. Continue Reading
-
Tip
13 Dec 2021
Reinforce IoT cloud security in 6 steps
Cloud services can accommodate the constant flow of IoT data, but IT admins must also be ready to work with providers to effectively defend their fortress in the cloud. Continue Reading
-
Tip
13 Dec 2021
Bolster physical defenses with IoT hardware security
IT admins must take IoT hardware security just as seriously as other protective measures in their network because attackers can also easily physically access remote devices. Continue Reading
-
Guest Post
03 Dec 2021
IoT security needs zero trust to face new botnet trends
The growing threat of botnets that target IoT devices means that organizations must extend their perimeter access controls, including the use of zero trust. Continue Reading
-
Feature
02 Dec 2021
4 advanced IoT security best practices to boost your defense
IT admins must go beyond standard security practices for IoT deployments and adopt more complex protections, such as machine learning threat detection, to ensure security. Continue Reading
-
Guest Post
17 Nov 2021
Solving IoT authentication challenges
If organizations want to take advantage of IoT, they must first protect major authentication vulnerabilities with layers of defenses. Continue Reading
-
Tip
08 Nov 2021
Edge computing security risks and how to overcome them
IT administrators must incorporate the right strategies and tools to anticipate, prevent and overcome common edge computing security risks and realize the value of edge technology. Continue Reading
-
Tip
22 Oct 2021
Why use machine learning in IoT security strategy
Machine learning can be a valuable tool for any organization looking to secure IoT devices on a more scalable and efficient basis with automation and anomalous behavior detection. Continue Reading
-
Guest Post
20 Oct 2021
IoT device security implications for the future
IoT security has always been a concern for consumers and manufacturers, but future trends in automotive IoT, 5G and smart homes will call for stronger security measures. Continue Reading
-
Tip
19 Oct 2021
Learn the basics of cryptography in IoT
Cryptography requires navigating the limitations of IoT, but the protection data encryption offers makes it a must-have for secure IoT deployments and communication channels. Continue Reading
-
Guest Post
19 Oct 2021
Building IoT strategies around trust
IoT technology can improve operational performance, safety and security, but organizations must take steps to ensure the trust of employees and customers. Continue Reading
-
Tip
11 Oct 2021
IoT segmentation secures device fleets and broader network
In the age of IoT, IT administrators must isolate devices, such as temperature sensors or surveillance cameras, from other applications and servers to keep their network secure. Continue Reading
-
Guest Post
06 Oct 2021
Why IoT should become the 'internet of transparency'
IoT devices run on opaque, proprietary algorithms that erode the public's trust in smart technology and hamper its adoption. The industry must bring IoT algorithms into the light. Continue Reading
-
Guest Post
16 Sep 2021
Digital transformation helps organizations fight crime
Organizations can implement IoT technology -- including video surveillance cameras, electronic locks and seismic detectors -- to protect their machines from physical attacks. Continue Reading
-
Guest Post
09 Sep 2021
Using blockchain to improve security for IoT devices
Network and device security and data integration make protecting IoT deployments difficult. Organizations can achieve better security with random neural networks and blockchain. Continue Reading
-
Guest Post
02 Sep 2021
Step-ahead IoT security: Developers must be more proactive
The lack of standards and built-in IoT security has hindered security practices and left systems vulnerable. Discover practical tips to build a stronger IoT security foundation. Continue Reading
-
Feature
17 Aug 2021
Cybersecurity executive order 2021 pushes IoT security
Although President Biden's executive order focuses on cybersecurity in general, it calls for public education and a consumer labeling program for IoT device security. Continue Reading
-
Guest Post
06 Aug 2021
Fact vs. fiction: Today's IoT security challenges
Organizations must first understand the specific challenges that come with IoT security, including the lack of standardization and the physical vulnerabilities of devices. Continue Reading
-
Tip
23 Jul 2021
4 zero-trust IoT steps to scale security
With a zero-trust framework applied to an IoT deployment, IT administrators and security teams implement strong identities and isolate threats at scale. Continue Reading
-
Guest Post
16 Jul 2021
IoT security: Development and defense
As the risks of connected devices increase, organizations must evaluate and strengthen their product protections with training, pen testing and device maintenance plans. Continue Reading
-
Guest Post
08 Jul 2021
How to secure IoT devices and protect them from cyber attacks
With just a handful of security measures, organizations and workers can prevent hackers from infiltrating IoT devices and protect user privacy. Continue Reading
-
Guest Post
28 Jun 2021
Don't believe the passwordless hype
Truly passwordless systems don't exist yet because most systems default to passwords when other authentication methods fail, such as biometric readers. Continue Reading
-
Guest Post
23 Jun 2021
Securing the future of IoT
If organizations don't get IoT security right, the potential for hackers to control sensitive personal, commercial or national information could have devastating consequences. Continue Reading
-
Definition
07 Jun 2021
meet-in-the-middle attack
Meet-in-the-middle is a known plaintext attack that can greatly reduce the number of brute-force permutations required to decrypt text that has been encrypted by more than one key. Continue Reading
-
Blog Post
28 May 2021
Protecting your IoT devices protects your business
Organizations use IoT security standards and frameworks to secure IoT applications, data and devices, even for a fully remote workforce going forward. IoT security is more than a technology ... Continue Reading
-
Tip
28 May 2021
IT/OT convergence security must adapt for IoT connectivity
Organizations must build a strong security posture that includes both IT and OT to ensure their safety, which will require a paradigm shift from individual assets to systems. Continue Reading
-
Quiz
13 May 2021
Prove your expertise with this IoT security quiz
Think you know all there is to know about securing IoT devices on an enterprise network? Test your grasp of IoT security threats with this quiz. Continue Reading
-
Blog Post
16 Apr 2021
New IoT Cybersecurity Improvement Law is a start, not a final solution
Even though the new IoT Cybersecurity Improvement Law takes a step towards better connected device protections, organizations still have many cybersecurity challenges to tackle. Continue Reading
-
Tip
09 Apr 2021
Consider IoT TPM security to augment existing protection
Organizations can upgrade their devices to include TPMs that serve as passive security on the host system, simplify device maintenance and enhance overall security. Continue Reading
-
Blog Post
26 Mar 2021
Use a zero trust approach to combat IoT security risks
Cyber attacks on IoT and CMS have grown throughout 2020 and organizations must step up their network security measures with tactics such as zero-trust. Continue Reading
-
Tip
19 Mar 2021
Roll out IoT device certificates to boost network security
Organizations don't just use digital certificates for websites and web apps anymore. IoT device certificates have become a significant part of any cybersecurity strategy. Continue Reading
-
Blog Post
05 Feb 2021
Ensuring IoT and OT security requires collaboration
Just as security within an organization is everyone’s responsibility, all parties involved in the IoT and OT asset lifecycle must take responsibility for security and resilience. Continue Reading
-
Tip
26 Jan 2021
IoT device authentication methods that increase security
Most IoT devices don't come with ideal authentication capabilities. IT admins must understand the best methods to use for their deployment, such as digital certificates. Continue Reading
-
Blog Post
22 Jan 2021
Confronting the threat of edge-enabled swarm attacks
Cybercriminals can use thousands of hijacked devices to create swarm attacks. These attacks target networks or edge devices, and share intelligence in real time to refine an attack as it takes place. Continue Reading
-
Blog Post
14 Jan 2021
Flying IoT introduces new opportunities, security vulnerabilities
IoT is now taking to the sky in the form of drones. While these devices offer insurmountable business opportunities, the inherent security vulnerabilities leave some businesses unsure. Continue Reading
-
Feature
29 Dec 2020
How to use IoT authentication and authorization for security
IT administrators can determine which IoT authentication and authorization type, such as one-way or three-way, will serve them best based on their latency and data requirements. Continue Reading
-
Feature
16 Dec 2020
5 tools to help improve IoT visibility, device security
Device discovery tools can help organizations identify devices that might pose security risks, giving security administrators insight to protect their endpoints. Continue Reading
-
Blog Post
11 Dec 2020
Defeating pandemic attack trends on IoT and consumer devices
Training, threat intelligence and a comprehensive security strategy will ensure organization can fight threats that arise from the ever-increasing contingent of IoT devices. Continue Reading
-
Tip
24 Nov 2020
6 best practices for IoT security during global uncertainty
More people work outside of typical offices now, which means IoT security best practices must grow to accommodate them and focus on security hygiene and broader network analysis. Continue Reading
-
Tip
17 Nov 2020
6 steps to prioritize IoT gateway security
IoT gateways serve as essential components in building effective IoT deployments and greater security, but admins should secure them with regular software updates and audits. Continue Reading
-
Blog Post
13 Nov 2020
Cybersecurity 2.0 and the future of the IIoT landscape
With greater IIoT adoption and more security breaches, organizations must prioritize and update their security practices to match the new paradigms of current times. Continue Reading
-
Feature
11 Nov 2020
IoT Security Foundation launches vulnerability platform
With the convergence of home and work networks, IoT vulnerability platforms might push security awareness across consumer and enterprise IoT and assist manufacturers with regulations. Continue Reading
-
Feature
02 Nov 2020
5 steps to get IoT cybersecurity and third parties in sync
Third parties often prove to be the weak links when it comes to IoT cybersecurity. Learn what you can do to minimize the risk while reaping the benefits that outside vendors bring. Continue Reading
- 02 Nov 2020
-
Opinion
02 Nov 2020
AI in cybersecurity ups your odds against persistent threats
AI capabilities can identify and take down cyberthreats in real time but are only part of what your team needs to come out on the winning side of the cybersecurity battle. Continue Reading
-
Feature
30 Oct 2020
Get greater protection with IoT security advances in authentication
In this book excerpt, discover why and how authentication offers one of the most crucial security measures any engineer must plan in an IoT deployment. Continue Reading
-
Blog Post
27 Oct 2020
How to deal with IoT device proliferation
Malicious attackers have begun to strategically target IoT devices to gain access to corporate networks. Security teams must employ new tactics, such as deceptive techniques, to draw out attackers. Continue Reading
-
Blog Post
22 Oct 2020
Addressing the increase in IoT-based attacks driven by remote work
Following work-from-home ordinances due to COVID-19, business leaders must accept that employees’ IoT devices present a much greater risk now that they are used outside the company’s security fence. Continue Reading
-
Blog Post
16 Oct 2020
The key to contact tracing lies within IoT security
As people continue to adjust to COVID-19 prevention measures, including contact tracing, monitoring and IoT-enabled devices, the data collection process must be transparent, secure and reliable. Continue Reading
-
Tip
25 Sep 2020
Don't forget IoT physical security when planning protection
Organizations must take steps to ensure the physical security of IoT devices, including preventing access to hardware components and ensuring only authenticated access. Continue Reading
-
Tip
03 Sep 2020
Tackle the growing number of IoT ransomware threats
IoT devices give hackers more doorways into networks, and organizations must take steps -- such as backing up data -- to secure them before hackers come knocking with ransomware. Continue Reading
-
Blog Post
31 Aug 2020
It’s all about the bots: Examining key trends in 2020
Following the COVID-19 pandemic, organizations must ensure their networks are secure as work-from-home employees increasingly experience cybercriminal attacks with the help of botnets. Continue Reading