kijiji 160616
TRANSCRIPT
Carlos Chalico LI, CISA, CISSP, CISM, CGEIT, CRISC, PbDLA, ISO27001LA
Instructor University of Toronto
School of Continuing Studies +1(647)406-7785
[email protected] @CarlosChalicoT
#IoT
Understanding IoT
Internet of Things
Understanding IoT
Thing
Identification Communication
Sensitivity Control
Native
Enabled
IoT Expected Market Growth
7.11.8700531
Trillion - USA
Trillion - China
Billion - Germany
Billion - UK
Estimated Value for
the Internet Of Things in 2030
Fuente: The Growth Game-Changer; Accenture
IoT GDP Impact (Current Conditions)
IoT GDP Impact (with additional measures)
7.11.8700531
Trillion - USA
Trillion - China
Billion - Germany
Billion - UK
Estimated Value for
the Internet Of Things in 2030
Fuente: Winning with the Industrial Internet of Things; Accenture
• NAC = National Absorptive Capacity - Reliable banking and finance - Education - Good governance - Healthy network of suppliers - Levels of research and development
- Presence of High-Tech companies - Degree of Technology Skills - Level of social and end-user acceptance - Willingness to embrace organizational
change - Ability to respond to the impacts on
human capital
Most conductive environments
Weaker enabling environments
Middle Performing Cohort
IoT Expected Market Growth
100%
Is there any threat for the IoT?
Fuente: Defending the Digital Frontier: A Security Agenda; Jose Granado, Sajay Rai, Mark Doll
Inve
stm
ent
High
Low
1990s 2000sTime
Information Security
Inform
ation
Techno
logy
Security
Breach
Is there any threat for the IoT?
Is there any threat for the IoT?
Is there any threat for the IoT?
XX
XX
X
XX
NYSE - Navigating the Digital AgeVI. Cybersecurity beyond your network
32. The Internet of Things • IoT Benefits • IoT Privacy Issues • IoT Security Issues • Addressing the Issues
• Not future, here, today • Consider risks and challenges • One step ahead • Security protocols standardization • Notifying security breaches • Solve issues related to breaches • Develop legal agreements with IoT
vendors
The OWASP Model - The IoT Top 10 Project• I1 Insecure Web Interface • I2 Insufficient Authentication/
Authorization • I3 Insecure Network Services • I4 Lack of Transport Encryption • I5 Privacy Concerns • I6 Insecure Cloud Interface • I7 Insecure Mobile Interface • I8 Insufficient Security Configurability • I9 Insecure Software/Firmware • I10 Poor Physical Security Ethics
https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project
Protect from the very very beginning
Good Readings
Carlos Chalico LI, CISA, CISSP, CISM, CGEIT, CRISC, PbDLA, ISO27001LA
Instructor University of Toronto
School of Continuing Studies +1(647)406-7785
[email protected] @CarlosChalicoT
#IoT