Internet of things security

Internet of things security includes comprehensive resources about identity and access management for IoT, attack vectors and mitigations, intellectual property protection and threat prevention and defense.

Top Stories

Tip 04 Apr 2024
5 top OT threats and security challenges

Securing operational technology is particularly critical but also especially challenging. Consider these top OT threats and how to manage them. Continue Reading
Tip 22 Feb 2024
IoMT device tips for healthcare IT departments

Healthcare providers' IT departments must keep an ever-expanding range of IoT devices powered on, connected and secure. Challenges abound, but they are surmountable. Continue Reading

Definition 20 Feb 2024

Advanced Encryption Standard (AES)

The Advanced Encryption Standard (AES) is a symmetric block cipher chosen by the U.S. government to protect classified information. Continue Reading
Definition 07 Feb 2024

encryption

Encryption is the method by which information is converted into secret code that hides the information's true meaning. Continue Reading
Feature 22 Jan 2024

6 must-read blockchain books for 2024

Numerous sources provide comprehensive information on blockchain fundamentals and applications. We narrowed the field to six of the most popular and diverse books available. Continue Reading
Definition 05 Dec 2023

offensive security

Offensive security is the practice of actively seeking out vulnerabilities in an organization's cybersecurity. Continue Reading
Definition 28 Nov 2023

timing attack

A timing attack is a type of side-channel attack that exploits the amount of time a computer process runs to gain knowledge about or access a system. Continue Reading
Tip 17 Nov 2023

An introduction to IoT penetration testing

IoT systems are complex, and that makes checking for vulnerabilities a challenge. Penetration testing is one way to ensure your IoT architecture is safe from cyber attacks. Continue Reading
Tip 15 Nov 2023

How to protect your organization from IoT malware

IoT devices are attractive targets to attackers, but keeping them secure isn't easy. Still, there are steps to take to minimize risk and protect networks from attacks. Continue Reading
Tip 07 Nov 2023

Factors to consider when securing industrial IoT networks

Industrial IoT networks differ from enterprise data networks. Keeping them safe requires a security strategy that's specifically crafted for legacy and new devices and sensors. Continue Reading
Definition 19 Oct 2023

Structured Threat Information eXpression (STIX)

Structured Threat Information eXpression (STIX) is a standardized Extensible Markup Language (XML) programming language for conveying data about cybersecurity threats in a way that can be easily understood by both humans and security technologies. Continue Reading
Definition 12 Oct 2023

security awareness training

Security awareness training is a strategic approach IT and security professionals take to educate employees and stakeholders on the importance of cybersecurity and data privacy. Continue Reading
Definition 02 Oct 2023

voice squatting

Voice squatting is an attack vector for voice user interfaces, or VUIs, that exploits homonyms -- words that sound the same, but are spelled differently -- and input errors -- words that are mispronounced. Continue Reading
Definition 02 Oct 2023

multifactor authentication

Multifactor authentication (MFA) is an account login process that requires multiple methods of authentication from independent categories of credentials to verify a user's identity for a login or other transaction. Continue Reading
Definition 29 Sep 2023

cyber insurance

Cyber insurance, also called cyber liability insurance or cybersecurity insurance, is a contract an entity can purchase to help reduce the financial risks associated with doing business online. Continue Reading
Feature 16 Aug 2023

How to use dynamic reverse engineering for embedded devices

In this excerpt from 'Practical Hardware Pentesting,' read step-by-step instructions on how to find vulnerabilities on IoT devices using dynamic reverse engineering. Continue Reading
Feature 16 Aug 2023

Adopt embedded penetration testing to keep IoT devices secure

Regular embedded penetration testing can help discover vulnerabilities before attackers do. The author of 'Practical Hardware Pentesting' explains. Continue Reading
Definition 07 Aug 2023

IoT security (internet of things security)

IoT security (internet of things security) is the technology segment focused on safeguarding connected devices and networks in IoT. Continue Reading
Definition 01 Aug 2023

internet of things privacy (IoT privacy)

Internet of things privacy is the special considerations required to protect the information of individuals from exposure in the IoT environment. Continue Reading
Definition 07 Jul 2023

ransomware as a service (RaaS)

Ransomware as a service (RaaS) is a subscription-based business model that enables affiliates to launch ransomware attacks by accessing and using pre-developed ransomware tools. Continue Reading
Tip 27 Jun 2023

Top 12 IoT security threats and risks to prioritize

Certain IoT security concerns are hard to forget, such as IoT botnets, but others might not come to mind as easily, including DNS threats and physical device attacks. Continue Reading
Tip 16 Jun 2023

Use IoT hardening to secure vulnerable connected devices

IoT and industrial IoT innovation continue to thrive, but IoT device security continues to be an afterthought. Companies should harden connected devices to remain protected. Continue Reading
Tip 06 Jun 2023

11 IoT security challenges and how to overcome them

IoT, while influential and beneficial, introduces several security challenges, from device discovery and patching to access control and cyber attacks. Continue Reading
Guest Post 22 May 2023

Follow a 6-phase roadmap to secure cyber-physical systems

Cyber-physical systems help bridge the digital world with the physical world, but they introduce cybersecurity risks that must be addressed. Continue Reading
Definition 17 May 2023

secure access service edge (SASE)

Secure access service edge, also known as SASE and pronounced sassy, is a cloud architecture model that bundles network and cloud-native security technologies together and delivers them as a single cloud service. Continue Reading
Definition 25 Apr 2023

smishing (SMS phishing)

Smishing -- or Short Message Service (SMS) phishing -- is a social engineering tactic cybercriminals use to trick people into divulging sensitive information over text messages. Continue Reading
Definition 19 Apr 2023

firewall

A firewall is a network security device that prevents unauthorized access to a network. It inspects incoming and outgoing traffic using a set of security rules to identify and block threats. Continue Reading
Feature 05 Apr 2023

ICS kill chain: Adapting the cyber kill chain to ICS environments

As IT/OT convergence continues to gain traction, industrial control system security cannot be ignored. Performing pen tests based on the ICS Kill Chain can help. Continue Reading
Feature 05 Apr 2023

An intro to the IDMZ, the demilitarized zone for ICSes

Setting up an IDMZ -- a demilitarized zone between enterprise and industrial networks -- can prevent operational environments from becoming compromised by IT threats. Continue Reading
Feature 05 Apr 2023

Reinforce industrial control system security with ICS monitoring

Monitoring an industrial control system environment isn't that different from monitoring a traditional IT environment, but there are some considerations to keep in mind. Continue Reading
Definition 09 Mar 2023

cyberwarfare

The generally accepted definition of cyberwarfare is a series of cyber attacks against a nation-state, causing it significant harm. Continue Reading
Definition 03 Feb 2023

passive reconnaissance

Passive reconnaissance is an attempt to gain information about targeted computers and networks without actively engaging with the systems. Continue Reading
Tip 18 Jan 2023

Top 10 ICS cybersecurity threats and challenges

Industrial control systems are subject to both unique and common cybersecurity threats and challenges. Learn about the top ones here and how to mitigate them. Continue Reading
Tip 10 Jan 2023

Explore the relationship between IoT governance and privacy

Emerging industry standards and regulations -- coupled with technologies like AI -- will underscore the importance of IoT governance and privacy in the years to come. Continue Reading
Definition 20 Oct 2022

email

Email (electronic mail) is the exchange of computer-stored messages from one user to one or more recipients via the internet. Continue Reading
Guest Post 15 Sep 2022

How healthcare facilities can use IoT to bolster security

As hospitals and clinics implement physical security innovations with connected IoT devices, they must also establish protocols to enforce cybersecurity for such systems. Continue Reading
Definition 15 Aug 2022

tailgating (piggybacking)

Tailgating, sometimes referred to as piggybacking, is a type of physical security breach in which an unauthorized person follows an authorized individual to enter secured premises. Continue Reading
Definition 12 Aug 2022

segregation of duties (SoD)

Segregation of duties (SoD) is an internal control designed to prevent error and fraud by ensuring that at least two individuals are responsible for the separate parts of any task. Continue Reading
Tip 22 Jun 2022

A look at smart energy security measures

IoT energy meters and sensors make buildings and power grids more efficient and cost-effective but require encryption, network security and access control for safe operation. Continue Reading
Guest Post 15 Jun 2022

Effective IoT security requires collaboration and clarity

IoT brings benefits to business, government and consumers. But those features shouldn't come at the cost of security or less privacy for its users. Continue Reading
Guest Post 10 Jun 2022

Top ways to strengthen protection for IoT devices in OT

To ensure IoT devices that support OT aren't compromised from cyber attacks, IT teams can implement zero-trust security, digital twins and supply chain measures. Continue Reading
Guest Post 13 May 2022

Simplify zero-trust implementation for IoT security

Zero-trust policies reduce the possibility of costly cyber attacks. Defining user access, boosting network security and using endpoint management tools can streamline adoption. Continue Reading
Definition 28 Apr 2022

man-in-the-middle attack (MitM)

A man-in-the-middle (MitM) attack is a type of cyber attack in which the attacker secretly intercepts and relays messages between two parties who believe they are communicating directly with each other. Continue Reading
Guest Post 03 Mar 2022

Orchestrate a safer world with IoT and data convergence

IoT data has the potential to make businesses more secure and proactive against threats. But a successful deployment requires the right combination of data and software. Continue Reading
Tip 22 Feb 2022

Top 4 IoT data privacy issues developers must address

Regulatory changes mean changes for IoT device creation. Design considerations around API permissions, AI data set bias and physical access can improve product security. Continue Reading
News 24 Jan 2022

Silicon Labs launches new AI/ML chips, toolkit for edge

The chip vendor's new wireless SoC aims to bring AI and machine learning to the IoT. The systems also use the Matter IP-based protocol to wirelessly connect devices. Continue Reading
Opinion 06 Jan 2022

IoT ethics must factor into privacy and security discussions

With the adoption of IoT devices, consumers voluntarily trade privacy for the convenience of instant connectivity. Organizations must consider the ethics of their data collection. Continue Reading
Guest Post 29 Dec 2021

The risks of silent patching and why it must end

Silently patching vulnerabilities within TCP/IP software is a detrimental, yet common habit among security vendors that hinders the security posture of the cybersecurity community. Continue Reading
Feature 28 Dec 2021

Guard your network with IoT software security

IoT software security can present a challenge for IT admins and may call for specialized tools such as extended detection and response platforms. Continue Reading
Tip 21 Dec 2021

Fortify security with IoT data protection strategies

It's only a matter of time before attackers target IoT data. Organizations must be ready with IoT data security best practices, including data encryption and visibility. Continue Reading
Tip 16 Dec 2021

Shield endpoints with IoT device security best practices

IT administrators must implement best practices, including segmenting the network, encrypting data and shutting down unused devices to ensure the security of IoT devices. Continue Reading
Tip 15 Dec 2021

6 IoT security layers to shape the ultimate defense strategy

IT administrators can divide and conquer their defense strategy with IoT security layers that ensure data protection from its generation in devices to its storage in the cloud. Continue Reading
Tip 13 Dec 2021

Reinforce IoT cloud security in 6 steps

Cloud services can accommodate the constant flow of IoT data, but IT admins must also be ready to work with providers to effectively defend their fortress in the cloud. Continue Reading
Tip 13 Dec 2021

Bolster physical defenses with IoT hardware security

IT admins must take IoT hardware security just as seriously as other protective measures in their network because attackers can also easily physically access remote devices. Continue Reading
Guest Post 03 Dec 2021

IoT security needs zero trust to face new botnet trends

The growing threat of botnets that target IoT devices means that organizations must extend their perimeter access controls, including the use of zero trust. Continue Reading
Feature 02 Dec 2021

4 advanced IoT security best practices to boost your defense

IT admins must go beyond standard security practices for IoT deployments and adopt more complex protections, such as machine learning threat detection, to ensure security. Continue Reading
Guest Post 17 Nov 2021

Solving IoT authentication challenges

If organizations want to take advantage of IoT, they must first protect major authentication vulnerabilities with layers of defenses. Continue Reading
Tip 08 Nov 2021

Edge computing security risks and how to overcome them

IT administrators must incorporate the right strategies and tools to anticipate, prevent and overcome common edge computing security risks and realize the value of edge technology. Continue Reading
Tip 22 Oct 2021

Why use machine learning in IoT security strategy

Machine learning can be a valuable tool for any organization looking to secure IoT devices on a more scalable and efficient basis with automation and anomalous behavior detection. Continue Reading
Guest Post 20 Oct 2021

IoT device security implications for the future

IoT security has always been a concern for consumers and manufacturers, but future trends in automotive IoT, 5G and smart homes will call for stronger security measures. Continue Reading
Tip 19 Oct 2021

Learn the basics of cryptography in IoT

Cryptography requires navigating the limitations of IoT, but the protection data encryption offers makes it a must-have for secure IoT deployments and communication channels. Continue Reading
Guest Post 19 Oct 2021

Building IoT strategies around trust

IoT technology can improve operational performance, safety and security, but organizations must take steps to ensure the trust of employees and customers. Continue Reading
Tip 11 Oct 2021

IoT segmentation secures device fleets and broader network

In the age of IoT, IT administrators must isolate devices, such as temperature sensors or surveillance cameras, from other applications and servers to keep their network secure. Continue Reading
Guest Post 06 Oct 2021

Why IoT should become the 'internet of transparency'

IoT devices run on opaque, proprietary algorithms that erode the public's trust in smart technology and hamper its adoption. The industry must bring IoT algorithms into the light. Continue Reading
Guest Post 16 Sep 2021

Digital transformation helps organizations fight crime

Organizations can implement IoT technology -- including video surveillance cameras, electronic locks and seismic detectors -- to protect their machines from physical attacks. Continue Reading
Guest Post 09 Sep 2021

Using blockchain to improve security for IoT devices

Network and device security and data integration make protecting IoT deployments difficult. Organizations can achieve better security with random neural networks and blockchain. Continue Reading
Guest Post 02 Sep 2021

Step-ahead IoT security: Developers must be more proactive

The lack of standards and built-in IoT security has hindered security practices and left systems vulnerable. Discover practical tips to build a stronger IoT security foundation. Continue Reading
Feature 17 Aug 2021

Cybersecurity executive order 2021 pushes IoT security

Although President Biden's executive order focuses on cybersecurity in general, it calls for public education and a consumer labeling program for IoT device security. Continue Reading
Guest Post 06 Aug 2021

Fact vs. fiction: Today's IoT security challenges

Organizations must first understand the specific challenges that come with IoT security, including the lack of standardization and the physical vulnerabilities of devices. Continue Reading
Tip 23 Jul 2021

4 zero-trust IoT steps to scale security

With a zero-trust framework applied to an IoT deployment, IT administrators and security teams implement strong identities and isolate threats at scale. Continue Reading
Guest Post 16 Jul 2021

IoT security: Development and defense

As the risks of connected devices increase, organizations must evaluate and strengthen their product protections with training, pen testing and device maintenance plans. Continue Reading
Guest Post 08 Jul 2021

How to secure IoT devices and protect them from cyber attacks

With just a handful of security measures, organizations and workers can prevent hackers from infiltrating IoT devices and protect user privacy. Continue Reading
Guest Post 28 Jun 2021

Don't believe the passwordless hype

Truly passwordless systems don't exist yet because most systems default to passwords when other authentication methods fail, such as biometric readers. Continue Reading
Guest Post 23 Jun 2021

Securing the future of IoT

If organizations don't get IoT security right, the potential for hackers to control sensitive personal, commercial or national information could have devastating consequences. Continue Reading
Definition 07 Jun 2021

meet-in-the-middle attack

Meet-in-the-middle is a known plaintext attack that can greatly reduce the number of brute-force permutations required to decrypt text that has been encrypted by more than one key. Continue Reading
Blog Post 28 May 2021

Protecting your IoT devices protects your business

Organizations use IoT security standards and frameworks to secure IoT applications, data and devices, even for a fully remote workforce going forward. IoT security is more than a technology ... Continue Reading
Tip 28 May 2021

IT/OT convergence security must adapt for IoT connectivity

Organizations must build a strong security posture that includes both IT and OT to ensure their safety, which will require a paradigm shift from individual assets to systems. Continue Reading
Quiz 13 May 2021

Prove your expertise with this IoT security quiz

Think you know all there is to know about securing IoT devices on an enterprise network? Test your grasp of IoT security threats with this quiz. Continue Reading
Blog Post 16 Apr 2021

New IoT Cybersecurity Improvement Law is a start, not a final solution

Even though the new IoT Cybersecurity Improvement Law takes a step towards better connected device protections, organizations still have many cybersecurity challenges to tackle. Continue Reading
Tip 09 Apr 2021

Consider IoT TPM security to augment existing protection

Organizations can upgrade their devices to include TPMs that serve as passive security on the host system, simplify device maintenance and enhance overall security. Continue Reading
Blog Post 26 Mar 2021

Use a zero trust approach to combat IoT security risks

Cyber attacks on IoT and CMS have grown throughout 2020 and organizations must step up their network security measures with tactics such as zero-trust. Continue Reading
Tip 19 Mar 2021

Roll out IoT device certificates to boost network security

Organizations don't just use digital certificates for websites and web apps anymore. IoT device certificates have become a significant part of any cybersecurity strategy. Continue Reading
Blog Post 05 Feb 2021

Ensuring IoT and OT security requires collaboration

Just as security within an organization is everyone’s responsibility, all parties involved in the IoT and OT asset lifecycle must take responsibility for security and resilience. Continue Reading
Tip 26 Jan 2021

IoT device authentication methods that increase security

Most IoT devices don't come with ideal authentication capabilities. IT admins must understand the best methods to use for their deployment, such as digital certificates. Continue Reading
Blog Post 22 Jan 2021

Confronting the threat of edge-enabled swarm attacks

Cybercriminals can use thousands of hijacked devices to create swarm attacks. These attacks target networks or edge devices, and share intelligence in real time to refine an attack as it takes place. Continue Reading
Blog Post 14 Jan 2021

Flying IoT introduces new opportunities, security vulnerabilities

IoT is now taking to the sky in the form of drones. While these devices offer insurmountable business opportunities, the inherent security vulnerabilities leave some businesses unsure. Continue Reading
Feature 29 Dec 2020

How to use IoT authentication and authorization for security

IT administrators can determine which IoT authentication and authorization type, such as one-way or three-way, will serve them best based on their latency and data requirements. Continue Reading
Feature 16 Dec 2020

5 tools to help improve IoT visibility, device security

Device discovery tools can help organizations identify devices that might pose security risks, giving security administrators insight to protect their endpoints. Continue Reading
Blog Post 11 Dec 2020

Defeating pandemic attack trends on IoT and consumer devices

Training, threat intelligence and a comprehensive security strategy will ensure organization can fight threats that arise from the ever-increasing contingent of IoT devices. Continue Reading
Tip 24 Nov 2020

6 best practices for IoT security during global uncertainty

More people work outside of typical offices now, which means IoT security best practices must grow to accommodate them and focus on security hygiene and broader network analysis. Continue Reading
Tip 17 Nov 2020

6 steps to prioritize IoT gateway security

IoT gateways serve as essential components in building effective IoT deployments and greater security, but admins should secure them with regular software updates and audits. Continue Reading
Blog Post 13 Nov 2020

Cybersecurity 2.0 and the future of the IIoT landscape

With greater IIoT adoption and more security breaches, organizations must prioritize and update their security practices to match the new paradigms of current times. Continue Reading
Feature 11 Nov 2020

IoT Security Foundation launches vulnerability platform

With the convergence of home and work networks, IoT vulnerability platforms might push security awareness across consumer and enterprise IoT and assist manufacturers with regulations. Continue Reading
Feature 02 Nov 2020

5 steps to get IoT cybersecurity and third parties in sync

Third parties often prove to be the weak links when it comes to IoT cybersecurity. Learn what you can do to minimize the risk while reaping the benefits that outside vendors bring. Continue Reading
02 Nov 2020

5 steps to get IoT cybersecurity and third parties in sync

Continue Reading
Opinion 02 Nov 2020

AI in cybersecurity ups your odds against persistent threats

AI capabilities can identify and take down cyberthreats in real time but are only part of what your team needs to come out on the winning side of the cybersecurity battle. Continue Reading
Feature 30 Oct 2020

Get greater protection with IoT security advances in authentication

In this book excerpt, discover why and how authentication offers one of the most crucial security measures any engineer must plan in an IoT deployment. Continue Reading
Blog Post 27 Oct 2020

How to deal with IoT device proliferation

Malicious attackers have begun to strategically target IoT devices to gain access to corporate networks. Security teams must employ new tactics, such as deceptive techniques, to draw out attackers. Continue Reading
Blog Post 22 Oct 2020

Addressing the increase in IoT-based attacks driven by remote work

Following work-from-home ordinances due to COVID-19, business leaders must accept that employees’ IoT devices present a much greater risk now that they are used outside the company’s security fence. Continue Reading
Blog Post 16 Oct 2020

The key to contact tracing lies within IoT security

As people continue to adjust to COVID-19 prevention measures, including contact tracing, monitoring and IoT-enabled devices, the data collection process must be transparent, secure and reliable. Continue Reading
Tip 25 Sep 2020

Don't forget IoT physical security when planning protection

Organizations must take steps to ensure the physical security of IoT devices, including preventing access to hardware components and ensuring only authenticated access. Continue Reading
Tip 03 Sep 2020

Tackle the growing number of IoT ransomware threats

IoT devices give hackers more doorways into networks, and organizations must take steps -- such as backing up data -- to secure them before hackers come knocking with ransomware. Continue Reading

1
2
3
4

CIO

CHIPS and Science Act funds TSMC, Intel projects
The Biden administration has awarded billions through the CHIPS and Science Act to five companies to invest in building and ...
How to create a proof of concept with 6 free templates
What is a proof of concept and how does it help an organization? We dive into the importance of writing a PoC and provide a list ...
GDPR, EU AI Act will overlap as businesses face enforcement
Enforcement of the new EU AI Act remains up in the air as governing bodies are being established. Meanwhile, DPAs grapple with ...

Flaws in legacy D-Link NAS devices under attack
Internet scans show threat actors are targeting CVE-2024-3273 in thousands of end-of-life D-Link NAS devices and exploitation ...
Risk & Repeat: Cyber Safety Review Board takes Microsoft to task
This podcast episode discusses the Cyber Safety Review Board's report on Microsoft and its conclusion that the software giant ...
Ransomware attacks ravaged municipal governments in March
Many municipalities across the U.S. faced network outages, data breaches and large ransom demands following a flurry of ...

The effects of network downtime and ways to fix it
Causes of network downtime include human error, misconfigurations and security threats. Experts weigh in on the consequences of ...
SASE vs. SD-WAN: What's the difference?
SASE and SD-WAN are two similar architectures administrators use to provide secure network access, but they differ in terms of ...
Infrastructure requirements for Kubernetes cluster networking
A well-architected network infrastructure is vital for Kubernetes cluster networking, providing seamless communication and ...

Nvidia GTC 24: Are you ready for the future of AI?
The 2024 Nvidia GTC conference focused on the company's new Blackwell GPU Platform. With advancements in AI taking off, companies...
Nvidia partners, customers drive AI into data centers
Nvidia and its partners are providing the tools and infrastructure to build and deploy AI applications that companies say could ...
How to understand advancements in modern data centers
Data center advancements are rapidly occurring with storage demand. Some advancements, like an increase in temperatures, are ...

Data Management

Coalesce raises $50M to expand data transformation platform
The startup's new funding is a vote of confidence from investors given how difficult it has been for technology vendors to secure...
Aerospike raises $114M to fuel database innovation for GenAI
The vendor will use the funding to develop added vector search and storage capabilities as well as graph technology, both of ...
Vector vs. graph vs. relational database: Which to choose?
Vector databases enhance the use of generative AI. Organizations should consider how vector capabilities stack up vs. graph and ...

Close