Want to Aggravate Your CISO? Bring IoT Devices Onto the Network

CISO Perspectives with Jay Gonzales
Share this post

Internet of Things (IoT) devices have evolved from consumer applications in smart homes to commercial applications in nearly every industry. With features like remote access/control, machine learning, and real-time analytics, IoT devices have the potential to dramatically improve business efficiencies. With IoT devices, businesses track energy usage, balance power generation, monitor production, and many other functions. All good, right? Not so fast. Security is seldom a priority (or even a thought) for device manufacturers. For example, IoT-generated data is accessed and transferred over the internet but is frequently unencrypted. Also, because these devices are connected to a corporate network, hackers have an indirect line to your systems and data. If a smart device can play your favorite song, maintain your optimal room temperature, or call the babysitter, what can a hacker learn from a compromised device connected to your corporate network?

 

I recently sat down with Jay Gonzales, CISO with Samsung Semiconductor, and discussed some of the challenges and opportunities inherent in his position but also with the CISO role more broadly. In this video, Jay shares his views on an always prevalent threat: known and even unknown IoT devices on corporate networks.

CISO Perspectives is a blog series featuring conversations with chief information security officers from different industries. Each blog features a unique perspective on a variety of topics pertinent to the CISO profession and career. Visit our CISO Perspectives page for more blogs and videos.


Share this post

Keep Reading about CISO Perspectives

Jake Margolis, CISO, Metropolitan Water District of Southern California

What CISOs and Cat Herders Have in Common

by Laureen Smith
Share this postWhat do CISOs and cat herders have in common? Both are good at herding cats. This may be an odd skill for a highly-skilled profession that couples technology with risk mitigation. But the...
Philadelphia cybersecurity leaders

CISOs: Say “Yes” For Success (and Job Security)

by Joel York
Share this postIf your job is to protect your organization’s reputation, you’re probably pretty risk-averse. But saying “no” to every department’s technology request will get you branded as a barrier to business growth. Eventually, department...