I've often said that we live in an absolutely amazing time in history. The sheer amount of technological advancements seems to know no bounds, growing exponentially as every day passes. From apps to devices, the list is virtually endless when it comes to the daily connectivity that we all enjoy and have come to expect in our modern age.
However, as more and more devices continue to flood the market, each one poses a very real and very serious threat to corporate cyber security.
The Internet of Things (IoT) is by far one of the most important technological advancements in human history, representing the entirety of the human condition. And whether it be devices made for medical use, education, monitoring of other devices, or simply to make our home environment more enjoyable—IoT represents limitless possibilities.
With something so prevalent and important, it’s astounding how many of these devices come with little to no inherent built-in security. So why is that? Perhaps it's due to the nature of the devices. For many they can be considered “dumb,” meaning there is really no operating system other than simple functions that allow for simple interactions.
Examples of this type of device range from Bluetooth-enabled electric kettles, to wifi enabled lightbulbs, to the simplest of sensors that detect things like environmental factors such as increases in heat or cold. And when looking at the feature/functionality of these, their one-trick-pony nature is perhaps why security is often overlooked.
A kettle that does nothing but turn on via an app to boil water at a chosen time seems hardly worthy of in-depth security measures. More so, what does a lightbulb do other than turn on and off and if highly advanced change color when desired.
However, this is where these devices become dangerous. For the nefarious—those that lurk in the far reaches of the dark web, planning the next big scam, malware, or attack—this is where opportunity collides with harsh reality.
Each of the aforementioned devices are weak points in the armor that an organization builds around its systems, its people, and its data. This means that something as simple as a wifi connected lightbulb can now become a terrifyingly open pathway into the inner sanctum of any organization—a device built in the eyes of criminals to be exploited.
This is where organization must be hyper-vigilant to ensure that even the most mundane of devices are addressed, placed within strict policies of use, and of course added into the environment to be monitored at all times.
But it does not end there. I use lightbulbs as an example as they are probably one of the most benign and commonplace items in our world. Every house, every school, every office, and every other place we frequent are lit by lightbulbs. So why notice something that is ever-present, that until now represents something as simple as the gift of light.
Here's the even more frightening aspect of this simple IoT enabled devices: bulbs now come with cameras built in. In fact, these are becoming so commonplace that as of today Amazon has them listed for a mere $79.00.
Now, take the inherent security flaws as described where these types of devices become a cyber criminal’s backdoor into an organization’s IT infrastructure, and pair that with the now very real functionality of high-def cameras that enable the recording of anyone, anywhere, anytime. From being able to view computer screens, to people's actions, to even some models with microphones—all of these devices are a monumental threat to security and privacy.
As the world continues to evolve its technology—making the most mundane of aging devices seem new again, we must all pause and evaluate the need, the function, and the risk of IoT from every angle. Only then will we be able to enjoy and benefit from its use, while still maintaining our security and our privacy.[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section]
Étude de cas | Covid-19 Response Services
Étude de cas liée à la pandémie de COVID-19
COVID-19 : Les ressources que nous offrons en matière d’intervention de crise
Étude de cas | Solutions de gestion des urgences
Developing Comprehensive Plans: Village of Telkwa
Calian worked with the Village of Telkwa, British Columbia to develop a guide with preplanned routing and advance decisions to support residents during an evacuation, and to help the Village meet its legal responsibilities to be prepared for potential emergencies or disasters.
janvier 26, 2021 | Vanessa Howard
How do you perform an AAR that doesn't collect dust on a shelf?
An after-action review (AAR) is a tool that supports organizational continual learning and improvement. Like any tool, it is only as good as its application, so a careful evaluation process and comprehensive data collection and analysis is critical. The AAR has been...