The Internet of Things requires a fresh security approach, says one expert.
John Pescatore, the former Gartner analyst who is now the director of emerging security trends at SANS Institute, told InfoSecurity Magazine “Today, most IT is all bought by the CIO organization and they have teams of people who support the software and the hardware, and when the patch comes out the IT team pushes it out. We also have a second phase of operational technology, such as SCADA, power, cash registers and kiosks that run on software. That’s not bought by IT but there are teams that are responsible for it. But in IoT, when eyeglasses, automobiles and so on are all bought with embedded computers and software, consumers have no idea of who will support it and maintain it.”
According to the publication, “SANS Institute is spearheading an effort and summit to help manufacturers and vendors learn from the past and take a long hard look at security during the development phase of internet-related products. The idea is to bring together some of the leading minds in security, as well as other practitioners from a wide cross section of industries and company sizes, to raise awareness of the need to create a secure foundation from the start.”