Dronejacking – a disaster waiting to happen.

March 17, 2017 4 Comments

By James O’Malley – original post at https://eandt.theiet.org/content/articles/2017/03/drones-wide-open-to-hijack-threats

Drones wide open to hijack threats

Don’t let that flying drone out of your sight: you never know where it might turn up next.

Last year, customers of Amazon in Cambridge began signing up for a novel delivery option.  A 25kg drone, which is able to fly up to 10 miles gripping a book-sized package underneath, took just 13 minutes to fly from the warehouse nearby, landing briefly to drop the order on a delivery mat marked with the distributor’s single-letter logo in the customer’s rear garden.

Read more of this post

Filed under IoT Security Tagged with , , , , , ,

Securing The Internet of (broken) Things: A Matter of Life and Death

October 6, 2015 1 Comment

Securing the Internet of broken thingsIf you’re like me you’ll probably be getting desensitized by now to the ever-lengthening list of data breach headlines which have saturated the news for the past 24 months or more. Targeted attacks, Advanced Persistent Threats and the like usually end up in the capture of sensitive IP, customer information or trade secrets. The result? Economic damage, board level sackings and a heap of bad publicity for the breached organization. But that’s usually where it ends.

Read more of this post

Filed under IoT Security, Top Posts Tagged with , , , , , , , , , , , , , , , , , , , , , , , , , ,

The Data Breach Pandemic: Information Security is Broken

June 8, 2015 Leave a comment

Verizon Data Breach Report 2015Have enterprises basically just given up on IT security? Global budgets fell by 4% in 2014 over the previous year and as a percentage of total IT budget they’ve remained at 4% or less for the past five years. The picture is even starker for firms with revenues of less than $100m, who claim to have reduced security budgets 20% since 2013.

Yet the threats keep on escalating. When it comes to information security, there are really only two situations out there: companies that have been breached, and companies that still don’t know it.

If 2014 was the “Year of the Data Breach” then 2015 is proving to be at least its equal. This month alone we’ve seen TV stations shunted off air by pro-jihadi cyber terrorists; the discovery of major new state-backed attack groups; and another massive data breach at a US healthcare provider.

We talk today about managing risk, rather than providing 100% security – because there’s no such thing. The conclusion I have reached is that the traditional information security model is broken. But why? And how can we fix it?

Read more of this post

Filed under Information Security, Top Posts Tagged with , , , , , , , , , , , , , , ,