Want to Aggravate Your CISO? Bring IoT Devices Onto the Network
Internet of Things (IoT) devices have evolved from consumer applications in smart homes to commercial applications in nearly every industry. With features like remote access/control, machine learning, and real-time analytics, IoT devices have the potential to dramatically improve business efficiencies. With IoT devices, businesses track energy usage, balance power generation, monitor production, and many other functions. All good, right? Not so fast. Security is seldom a priority (or even a thought) for device manufacturers. For example, IoT-generated data is accessed and transferred over the internet but is frequently unencrypted. Also, because these devices are connected to a corporate network, hackers have an indirect line to your systems and data. If a smart device can play your favorite song, maintain your optimal room temperature, or call the babysitter, what can a hacker learn from a compromised device connected to your corporate network?
I recently sat down with Jay Gonzales, CISO with Samsung Semiconductor, and discussed some of the challenges and opportunities inherent in his position but also with the CISO role more broadly. In this video, Jay shares his views on an always prevalent threat: known and even unknown IoT devices on corporate networks.
CISO Perspectives is a blog series featuring conversations with chief information security officers from different industries. Each blog features a unique perspective on a variety of topics pertinent to the CISO profession and career. Visit our CISO Perspectives page for more blogs and videos.