Sunday, October 20, 2019

"1 in 5 IT security professionals fear their connected toilets will be hacked"

Parents, don't let your kids grow up to be security or risk managers.*
From ZD Net:

It's remarkable the personal tidbits you can find in a serious study of IT security professionals and their fears about lack of security in the Internet of Things.

https://zdnet4.cbsistatic.com/hub/i/2017/12/19/d66e390e-9182-41f5-9e74-af1397ee0e9a/340faa9b277857c12652c1cd0de09030/4-illumibowl-eileen-brown-zdnet.png
 And suddenly your toilet begins to do strange things.
There are surely few more stressful jobs than those in IT security.
There are too many moving parts.
At any point, anyone of those moving parts can move -- or be moved -- in a crooked manner so that your company's data, your data, and your very life are exposed for all to see.

No company can ever be sufficiently secure. Hackers seem to see the latest precautions coming and prepare for the latest phase of a never-ending game with an entertained smile upon their faces.
Surely, then, IT security professionals are nervous people.

This seems clear from a new survey perpetrated on the part of the hardware security company nCipher.
The surveyors asked 1,800 IT security professionals in 14 countries about vital elements such as the increased use of IoT products in businesses such as retail, agriculture, healthcare, and manufacturing.

Sixty-eight percent of these professionals worried that hackers will simply alter the function of an IoT device. Fifty-four percent are concerned that IoT devices will come under the remote control of people with nefarious purposes or merely cruel senses of humor.

Somehow, though, when asked to name the five most important IoT security capabilities, these same nervous sorts placed delivering patches and updates to IoT devices, well, last.

Some mutter that it isn't clear who should be responsible for the Public Key Infrastructure and keeping up with all these updates and the security challenges IoT presents.
This is unfortunate, as some studies show that a mere 28% of IoT devices enjoy encryption, as do a mere 25% of IoT data repositories.
You'd think there was enough angst about security for it to be a priority. But it's like insurance, isn't it? Many companies just take the chance that they'll never need it, or they worry about the cost for so long that it's too late.

I plowed through this data with some desperation. It's as if IT security professionals know what should be done, yet don't believe their organizations will ever evince the responsibility and forethought to do it.
I discovered, though, that the IT security professionals were also asked personal, as well as professional questions. Here's where the true fears came out....MORE
HT: fudzilla

* Mamma's Don't Let Your Babies Grow Up To Be Risk Managers 
It could permanently twist their view of the world.

The current headlines at AgroInsurance:...