Access your Pro+ Content below.
Identity of things moves beyond manufacturing
With more employees bringing their own devices and network-connected objects -- such as keycard controls and energy monitoring systems -- the digital footprint of the internet of things is only increasing. Yet the security industry is starting to develop an identity of things strategy.
Manufacturing, healthcare and critical-infrastructure companies have long dealt with the identity of things. Supervisory control and data acquisition engineers may be able to teach CIOs and CISOs the best way to handle device identity management. Determining which devices should access a network is a daunting task, however, because device identity management can be context dependent. Some, such as mobile phones, should be linked to users; others, such as radio frequency ID tags on cargo containers, should be linked to physical objects; and still others, such as an MRI machine or a centrifuge, need to be treated as a critical asset. To deal with the influx of devices and the identity of things, companies need to address discovery, asset identification and provisioning.
As the U.S. presidential election nears, we caught up with Nathaniel Gleicher, the former director of cybersecurity policy at the National Security Council in the White House. Gleicher, who is currently the head of Illumio's cybersecurity strategy, spoke with Information Security magazine about the Shadow Brokers' cyberweapons dump, the importance of having visibility into networks that need to be protected and the challenges of the vulnerabilities equities process.
Access this PRO+ Content for Free!
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Features in this issue
Companies in certain industries -- manufacturing, healthcare and critical infrastructure -- are already dealing with securing the internet of things; others will have to start.
The former White House cybersecurity policy director talks about cyberthreats, the government's vulnerability equities process and lawful use of exploit toolkits.
With data increasingly held hostage, companies are learning the downside of encryption and cryptocurrency. As some organizations admit to paying ransoms, will the problem get worse?
Columns in this issue
Political hacking is a regular occurrence. Should we worry more about cybercrime attribution or the ability of unknown actors to influence public discourse?
New research shows poor visibility into encrypted traffic increases the risk to enterprises as malicious actors take advantage of blind spots
Threat-related metrics that CISOs find useful often differ from what the C-suite wants to know. Here's how to communicate risk -- and return -- on cloud security investments.