Welcome!

@ThingsExpo Authors: Zakia Bouachraoui, Pat Romanski, Roger Strukhoff, Carmen Gonzalez, Yeshim Deniz

Related Topics: @ThingsExpo, @CloudExpo, Cloud Security

@ThingsExpo: Article

Invest in IoT Without Insecurity | @ThingsExpo #IoT #M2M #API #Cloud

Successful IoT strategies are built on a digital foundation that rethinks security

Recently, I attended Cloud Expo and @ThingsExpo in NYC (June 7-9) and I found the content to be interesting and thoughtful for companies that are planning their future success.

Like most conferences, there was a lot of chatter about IoT app development, consumer trends, and security with a smattering of privacy concerns and thoughts. More interesting to me were the sessions on identifying how to develop and bring to fruition new lines of business and how non-IT businesses may actually benefit the most from IoT. For instance, the majority of the work today in IoT is occurring in transportation, infrastructure, and environmental scenarios. Second, the marketing aspects of IoT are an important "pillar" to the success of IoT in a "Big Data" way.

With all of the Internet-connected devices, sensors and appliances establishing new or more real-time benefits, many industries like healthcare, energy, transportation, and citizen services need to address serious concerns about privacy and intellectual property protection. According to the latest public statements, the FTC believes that general authorities used to protect data privacy can cover IoT without specific new laws. Information security compliance programs such as FedRAMP and the NIST Cybersecurity Framework can help. Other known FTC regulatory findings such as the Wyndham case can offer partial guidance for the IoT and cloud markets.

Although it is still too early for any additional regulations, it is important for organizations to balance their IoT strategy with existing security and privacy standards - otherwise they risks losing their return on investment (ROI).

IoT in Focus
Key takeaways from the Cloud and IoT conference:

  • Successful IoT strategies are built on a digital foundation that rethinks security from the perspective of how the organization is monetizing the sensor data.
  • Digital foundations need to address data migration and data management across multi-vendor platforms for both cost reduction and cyber protection.
  • Cyber security and privacy strategies may need to address risk and liability issues related to the re-use and / or sale of pre-existing sensors or established sensor data.
  • Mobile use and mobile marketing should be tied to the monetization of IoT

IoT Could Change the Security Paradigm
The implications of IoT extend to privacy issues. CEOs should be concerned about the use and the potential loss of personal data. Along with this C-suite consideration, company executives must determine the accompanying liabilities, cyber security investments, and the privacy implications of the information, data and analysis.

Due diligence suggests that the C-suite should review privacy protection claims by partners and providers to minimize liability risk.  Whether physical tools, marketing dashboards or streaming data analytics, Corporate Executives and IT leaders will need to consider which streams of information result in new Intellectual Property (IP) and which can be sold as a revenue stream to partners. The likely results with IoT in use will be new information protection practices related to non-centralized computing at the "fog" and "cloud" locations.

As a result, there will be a need for creative pre-engineered defenses (NIST SP 800-160), liability mitigation awareness (NIST SP 800-171), and isolation techniques for meeting early-stage IoT business strategies and successful return on investment.

Meeting compliance standards even with guidance such as NIST and ISO will require security architecture decisions that focus on the planned and discovered revenue generators.

More Stories By Maria C. Horton

Maria C. Horton, CISSP, ISSMP, IAM, is Founder and Chief Executive Officer of EmeSec Incorporated. She founded EmeSec in 2003 after retiring from two decades as a Navy Officer where she rose to the rank of Commander. As a hands-on cybersecurity expert, she grew the company to become a leading provider of Cloud Security and Engineering Services delivering cyber assessments, protections and business enablement.

IoT & Smart Cities Stories
The Japan External Trade Organization (JETRO) is a non-profit organization that provides business support services to companies expanding to Japan. With the support of JETRO's dedicated staff, clients can incorporate their business; receive visa, immigration, and HR support; find dedicated office space; identify local government subsidies; get tailored market studies; and more.
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
AI and machine learning disruption for Enterprises started happening in the areas such as IT operations management (ITOPs) and Cloud management and SaaS apps. In 2019 CIOs will see disruptive solutions for Cloud & Devops, AI/ML driven IT Ops and Cloud Ops. Customers want AI-driven multi-cloud operations for monitoring, detection, prevention of disruptions. Disruptions cause revenue loss, unhappy users, impacts brand reputation etc.
Atmosera delivers modern cloud services that maximize the advantages of cloud-based infrastructures. Offering private, hybrid, and public cloud solutions, Atmosera works closely with customers to engineer, deploy, and operate cloud architectures with advanced services that deliver strategic business outcomes. Atmosera's expertise simplifies the process of cloud transformation and our 20+ years of experience managing complex IT environments provides our customers with the confidence and trust tha...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
As you know, enterprise IT conversation over the past year have often centered upon the open-source Kubernetes container orchestration system. In fact, Kubernetes has emerged as the key technology -- and even primary platform -- of cloud migrations for a wide variety of organizations. Kubernetes is critical to forward-looking enterprises that continue to push their IT infrastructures toward maximum functionality, scalability, and flexibility. As they do so, IT professionals are also embr...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
As you know, enterprise IT conversation over the past year have often centered upon the open-source Kubernetes container orchestration system. In fact, Kubernetes has emerged as the key technology -- and even primary platform -- of cloud migrations for a wide variety of organizations. Kubernetes is critical to forward-looking enterprises that continue to push their IT infrastructures toward maximum functionality, scalability, and flexibility.
Today's workforce is trading their cubicles and corporate desktops in favor of an any-location, any-device work style. And as digital natives make up more and more of the modern workforce, the appetite for user-friendly, cloud-based services grows. The center of work is shifting to the user and to the cloud. But managing a proliferation of SaaS, web, and mobile apps running on any number of clouds and devices is unwieldy and increases security risks. Steve Wilson, Citrix Vice President of Cloud,...