PRO+ Premium Content/Information Security
Access your Pro+ Content below.
IoT cybersecurity: Do third parties leave you exposed?
This article is part of the Information Security issue of August 2019, Vol. 20, No. 3
In some ways, security is all about perspective. It wasn't that long ago that BYOD felt like a daunting challenge for information security and risk management professionals. But, now, a couple hundred smartphones and iPads can seem like child's play compared to IoT cybersecurity, which involves protecting everything from connected cars to networked sensors to smart locks and control systems. Part of what makes IoT cybersecurity so complex is its reliance on a vast ecosystem of third-party providers. While many of these companies aspire to deliver a unified approach to security, the reality is that it can be incredibly challenging for enterprise IT teams to get different devices, platforms and systems to play nicely together. A May 2019 report by Ponemon Institute revealed that, even among IoT-savvy organizations, corporate risk management pros are largely aware of third-party cybersecurity vulnerabilities but still have a ways to go in mitigating such IoT cybersecurity gaps.
Features in this issue
-
New tech steers identity and access management evolution
IAM is evolving to incorporate new technologies -- like cloud-based services and containerization -- promising more secure, granular management of access to company IT assets.
-
IoT cybersecurity: Do third parties leave you exposed?
IoT's vast vendor landscape drives innovation, but working with so many third parties also comes with baggage in the form of third-party cybersecurity issues.
News in this issue
-
Is your identity management up to the task?
IAM is an organization's best defense for its weakest link, end users. Make sure you're following the right framework and keeping your tools honed and ready for battle.
Columns in this issue
-
For board of directors, cybersecurity literacy is essential
For boards of directors to meet their business goals, CISOs need a seat at the table. Through her initiative BoardSuited, Joyce Brocaglia aims to pave the way.
-
The must-have skills for cybersecurity aren't what you think
The most critical skills that cybersecurity lacks -- like leadership buy-in, people skills and the ability to communicate -- are not the ones you hear about. That needs to change.