9 IoT Security Principles to Help Reduce Your Attack Surface

Cybersecurity can seem at once like a pervasive and nebulous concern. Every day, there are a variety of headlines describing banks, cities, hospitals, individuals and virtually every other possibly entity that has become a victim of a cyberattack. At the same time, it can be difficult to quantify cyber-risk. Rising numbers of IoT devices compound the risk by creating a larger and more abstract attack surface, making risk-management still more difficult. Here, we include security advice from Sean Peasley, a Deloitte Risk and Financial Advisory partner and IoT security pioneer as well as recent research from Deloitte and Dragos, weaving in perspectives from Sara Boddy, director of F5 Labs. Manufacturers developing connected products need to integrate security into product development as early as possible. “It’s very difficult, if not impossible, to get to the same level of security if you’re trying to retrofit that later in the process in the product development process,” Sean Peasley said. “As organizations develop connected products, they need to understand the [cybersecurity] risks and evaluate those, and then, hopefully, have the appropriate kind of response.