So, you now have a hundred or a thousand, or a hundred thousand, IoT devices deployed by numerous business units across your organization. How are you going to lock down those devices? How are you going to manage device credentials and keys in the long term? How are you going to train your stakeholders to administer or use these devices securely? How are you going to be alerted to a potential intrusion in your system? And what are you going to do when you've identified an intrusion or a breach of data? To answer all of these questions, you need an operational security life cycle:
This chapter introduces an IoT system security life cycle that can be tailored to the unique operating needs of a system. We focus on four phases across the life cycle:
- Define:
- Define system security policies
- Define system roles
- Implement/integrate...