Following the news that Durham chief constable Mike Barton has called for security ratings on all internet-connected home appliances, Chris Hodson, CISO EMEA at Zscaler, commented below.
Chris Hodson, CISO EMEA at Zscaler:
“When observing the Internet of Things, we tend to look at the weird and wonderful aspects, but essentially security here boils down to simple hygiene and this should be common practice across the board. In the wake of recent breaches, I welcome Chief Constable Mike Barton’s recommendation to re-evaluate hardware security measures to ensure we all remain truly protected in this ever-connected world.
“Hardware vendors like connected fridge manufacturers haven’t had to climb the same learning curve as software vendors have over the past decade. As such, despite the fact that devices and appliances now regularly arrive with network connectivity capabilities, few have security controls baked in throughout the development process.
“Unlike vulnerabilities in software, which can be addressed with a simple patch, many hardware products today have no easy means of patching firmware. As such, we’re likely to see an entire generation of hardware devices that will simply need to be replaced when critical vulnerabilities are uncovered.
“These firms must now prioritise authentication for IoT devices to ensure that policy can be enforced and measured. Currently authentication, authorisation and logging practices are far more mature within mobile devices.
“Having the visibility over connected device traffic is also key to mitigate the threat of assets being infiltrated by hackers. A lack of visibility can result in a new form of shadow IT creating user dangers.”