Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Practical Internet of Things Security

You're reading from   Practical Internet of Things Security Beat IoT security threats by strengthening your security strategy and posture against IoT vulnerabilities

Arrow left icon
Product type Paperback
Published in Jun 2016
Publisher Packt
ISBN-13 9781785889639
Length 336 pages
Edition 1st Edition
Arrow right icon
Authors (2):
Arrow left icon
Brian Russell Brian Russell
Author Profile Icon Brian Russell
Brian Russell
Drew Van Duren Drew Van Duren
Author Profile Icon Drew Van Duren
Drew Van Duren
Arrow right icon
View More author details
Toc

Table of Contents (12) Chapters Close

Preface 1. A Brave New World FREE CHAPTER 2. Vulnerabilities, Attacks, and Countermeasures 3. Security Engineering for IoT Development 4. The IoT Security Lifecycle 5. Cryptographic Fundamentals for IoT Security Engineering 6. Identity and Access Management Solutions for the IoT 7. Mitigating IoT Privacy Concerns 8. Setting Up a Compliance Monitoring Program for the IoT 9. Cloud Security for the IoT 10. IoT Incident Response Index

Preface

Only a few people would contest the assertion that the phenomenon of the Internet of Things poses problems related to security, safety, and privacy. Given the remarkable industrial and consumer diversity of the IoT, one of the principal challenges and goals we faced when electing to write this book was determining how to identify and distill the core IoT security principles in as useful, but industry-agnostic a way as possible. It was equally important to balance real-world application with background theory, especially given the unfathomable number of current and forthcoming IoT products, systems, and applications. To end this, we included some basic security (and safety) topics that we must adequately, if minimally, cover as they are needed as a reference point in any meaningful security conversation. Some of the security topics apply to devices (endpoints), some to communication connections between them, and yet others to the larger enterprise.

Another goal of this book was to lay out security guidance in a way that did not regurgitate the vast amounts of existing cybersecurity knowledge as it applies to today's networks, hosts, operating systems, software, and so on, though we realized some is necessary for a meaningful discussion on IoT security. Not wanting to align with a single industry or company selling products, we strove to sufficiently carve out and tailor useful security approaches that encompass the peculiarities and nuances of what we think both distinguishes and aligns IoT with conventional cybersecurity.

A wide range of both legacy industries (for example, home appliance makers, toy manufacturers, automotive, and so on) and startup technology companies are today creating and selling connected devices and services at a phenomenal and growing rate. Unfortunately, not all are terribly secure—a fact that some security researchers have unrelentingly pointed out, often with a sense of genuine concern. Though much of the criticism is valid and warranted, some of it has unfortunately been conveyed with a certain degree of unhelpful hubris.

Interestingly, however, is how advanced some of the legacy industries are with regard to high-assurance safety and fault-tolerant design. These industries make extensive use of the core engineering disciplines—mechanical, electrical, industrial, aerospace, and control engineering—and high-assurance safety design to engineer products and complex systems that are, well, pretty safe. Many cybersecurity engineers are frankly ignorant of these disciplines and their remarkable contributions to safety and fault-tolerant design. Hence, we arrive at one of the serious obstructions that IoT imposes to achieving its security goals: poor collaboration between safety, functional, and security engineering disciplines needed to design and deploy what we term cyber-physical systems (CPS). CPS put the physical and digital engineering disciplines together in ways that are seldom addressed in academic curricula or corporate engineering offices. It is our hope that engineers, security engineers, and all types of technology managers learn to better collaborate on the required safety and security-assurance goals.

While we benefit from the IoT, we must prevent, to the highest possible degree, our current and future IoT from harming us; and to do this, we need to secure it properly and safely. We hope you enjoy this book and find the information useful for securing your IoT.

lock icon The rest of the chapter is locked
Next Section arrow right
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image