IoT

A people counter that didn’t add up, and the dangers of the COVID IoT boom

Joe UchillFebruary 5, 2021

COVID-19 created an immediate demand for social distancing, which in turn created demand for devices to ensure compliance. Security concerns and testing, however, might fall to the wayside.

CES attendees move through the show floor during the International Consumer Electronics Show, showcasing the latest in consumer technology and devices. A study finds a correlation between how companies handle security of IoT devices and other aspects of their IT infrastructure. (Justin Sullivan/Getty Images)

Security Architecture

Firms with exposed IoT have a higher concentration of other security problems

Joe UchillJanuary 29, 2021

What does that correlation mean for chief information security officers? SC Media spoke to Kelly White, RiskRecon founder and CEO, to find out.

Matrikon Honeywell is one of three IoT vendors that faced vulnerabilities in their process to implement the open platform communication (OPC) network protocol ahead of a 2020 fix. (Spencer Platt/Getty Images)

Security Architecture

Users of IoT products from three major vendors at risk of DoS attacks, data leaks

Steve ZurierJanuary 26, 2021

Softing Industrial Automation GmbH, Kepware PTC, and Matrikon Honeywell all provided fixes for their respective products after security firm Claroty privately disclosed them during 2020.

“Ubiquiti NanoStation Wireless Bridge – Up and running.” Ubiquiti experienced a breach that may have exposed customer data. By KN6KS is licensed under CC BY-NC 2.0

Risk Assessments/Management

Cyber experts say advice from breached IoT device company Ubiquiti falls short

Steve ZurierJanuary 13, 2021

The Newton headquarters of CyberArk, a 2020 SC Awards winner. (CC BY-SA 4.0)

Security Architecture

CyberArk, Forescout and Phosphorus team to automate IoT device integration and lockdown

Steve ZurierNovember 23, 2020

The joint effort reflects the need across organizations to maintain an up-to-date inventory of IoT assets and continually assess the network to ensure patches are pushed and weak or default credentials do not leave systems vulnerable.