With the number of connected Internet of Things (IoT) devices anticipated to swell beyond 41 billion by 2025 according to a forecast from IDC estimates and the number of cyber attacks on such devices growing exponentially by the day, organizations should put security at the forefront of their priorities around IoT solutions. In an effort to help organizations shore up their security postures, Deloitte offers five tips to address IoT security in the products that organizations deploy in their environments and encourages manufacturers that make connected products to take a secure-by-design approach.
From cameras to toothbrushes, thermostats to hospital infusion pumps, connected devices are actively being targeted by cyber adversaries determined to compromise corporate and individual privacy, construct botnets, place malicious software and steal intellectual property.
The risk of compromise to a connected device is too great to ignore and often too late to reactively respond to. Organizations should adopt a proactive, secure-by-design approach while strategically and intentionally working to monitor and patch outdated legacy equipment, software and infrastructure.—Sean Peasley, partner, Deloitte & Touche LLP, and IoT security leader for Deloitte cyber risk services.
is leading the charge with a new Internet of Things Security Law taking effect on Jan. 1, 2020, requiring all
IoT devices sold to be equipped with reasonable security measures.
Consequently, organizations should prepare and protect their companies,
customers and communities. The benefits of IoT connectivity far outweigh the
investment in cyber measures to ensure the integrity of the devices, networks
IoT device security best practices
Take note of every endpoint added: The expanse of IoT increases with every endpoint added into a network. This adds more vulnerabilities and has become a more popular and destructive cyber attack. While the adversarial landscape is always changing, Deloitte advises organizations to bring as much of their endpoint footprint under their security management in order to better secure the attack surface. Industry analysts predict that spending on IoT endpoint security solutions will be more than $630 million in 2021. Once these devices are managed, integration of security tools can be a more effective security focus for the organization. As with most domains within cybersecurity, security professionals realize that in order to meet the complex security challenges of their organizations, they should formulate a sound security strategy and constantly evolve by making continuous improvements to best mitigate their risks.
Align operational technology, IT and security: In addition to IoT, enterprises are managing multiple digital transformation initiatives simultaneously. Yet, according to the “Deloitte Future of Cyber” study, less than 10% of cyber budgets are allocated to these efforts. For companies to be successful with IoT initiatives, they need a new approach. One that helps them understand enterprise and cyber risks; develop a plan to prioritize and mitigate those risks; and then operationalize these efforts by obtaining alignment across key stakeholders: operational technology, IT and cybersecurity. Peasley adds, “IoT spans operational environments as much as it includes wearables, connected cars and products. Organizations should proactively plan for how to identify, track, patch and remediate around how it all could impact their organizations and ecosystems.”
Know the players in your ecosystem: Since the interconnectivity of third-party hardware, software or services may be the source of a security breach, it’s imperative to consider how a covered device interacts with such third parties. Ideally, contracts with third, fourth, and fifth parties should address security updates and concerns. Organizations should establish a third-party risk management program to evaluate the cyber risks of their third parties and supply chain partners.
Employ AI and ML to detect anomalies that humans can’t: You can’t prevent what you don’t know about. Artificial intelligence for IT operations (AIOps) has grown from an emerging category to an IT necessity. AIOps platforms are uniquely suited to establish a baseline for normal behavior and detecting subtle deviations, anomalies and trends. This is significant as IoT turns much of the physical world into robots powered by AI. Organizations should take both a secure by design (DevSecOps) approach in tandem with an AIOps approach to both prevent and identify cyber attacks.
Conduct vulnerability assessments on devices: As cyberattacks continue to grow, organizations should have confirmation that their connected devices — and the environment in which they’re deployed — have been designed, built and implemented with security in mind. Whether through basic testing or a bug bounty program, testing can provide assurance around the security posture of an organization’s devices.
Deloitte’s Cybersphere is a state-of-the-art destination to help organizations explore their most pressing cyber challenges. The Cybersphere features a 24/7 threat monitoring and reconnaissance “Watch Floor,” and labs designed for cyber teams to increase capabilities and confidence as they face ever-evolving cyber threats. It also features a Cyber IoT Studio where organizations can test the security of their connected devices on their networks to help identify whether their most critical assets are secure.
Deloitte’s Cyber IoT Studio provides:
Technical testing services for IoT devices — from autonomous cars and connected medical devices, to industrial control systems, building automation and smart cities.
A center of excellence that provides leading practices for device security testing and certification readiness methods.
An environment and secure location in which to test, analyze and pilot proprietary technology.
Diverse IoT ecosystems to architect and test heterogeneous technologies for a multitude of industry-specific, use-cases with the latest security and control solutions for on-premise and cloud integrations.
The beginner’s guide to backup program files like an expert
The invention of the internet was a revolution for the computer industry. It caused an exponential increase in the sales of desktops and laptops. With technological advancements, the laptops are being upgraded within two to three years as well. Thus, there will be a time when you will have to upgrade your laptop. Backing up your important files and documents will be needed for a smooth transition from one PC to another. Moreover, there are other risks like hardware failure, hacks, etc. due to which you can lose your precious data also. So, if you are not taking backup periodically, there is a high risk of data loss.
The data backup process takes some effort. But thanks to new software and hardware services, it has become easier than ever. In this article, we will take you through the details of the data backup process.
Types of PC Backup
Backing up of data can be as simple as creating duplicates of your important files or creating a full disk image. There are a lot of tools available at your disposal that you can choose from either of these methods for backing up your files. The factors that you must consider while picking up a data backup option are redundancy, security, and accessibility. Thus, review these parameters before zeroing-in on a specific backup method. Let’s have a look at all the options available to you:
Backing Up data on an external storage device
One of the simplest ways backing up data is by copying it to an external storage device. Devices like USB, an SD card, or an external hard disk can be used for this activity. If your device has USB 3.0, then the file transfer will be faster. Ensure that you have enough space to transfer all the relevant files on the external device that you have chosen. Once you have the device with you, connect it with your PC, and copy all the relevant files.
The data transfer by this process can be time-consuming. Moreover, you will have to manually select all the files and documents that you want to backup. Thus, there are chances of data loss if you aren’t cautious while selecting the files. Files like emails, system settings, program settings, etc. cannot be copied in this process. Thus, this process of data backup isn’t recommended.
Cloning a full disc image
Your entire PC’s data can be backed up by creating a full disc image. You would need a secondary storage device like a USB drive, memory card, an external hard disk, or a cloud-based service. Taking backup on your device’s hard disc is not recommended because if it fails, the entire data is lost. Follow the below steps for backing up the image:
- In the ‘Start Menu’ on your device click on ‘Settings’.
- Click on the ‘Update & Security’ button.
- You will see a ‘Backup’ option which will let you create a full system image to back up your entire system files.
- Pick the location where you want to back up the data and hit the ‘Go’ icon.
The data backup process is automatic and will take around an hour to complete.
System backup with software
Using data backup software is a great way to automate the data backup process. Software like Zinstall Backup helps you in backing up all your files, programs, and software without any data loss. Follow the below steps for backing up data:
- Connect your system to an external USB device or an external hard disk or a cloud storage service.
- Download and install Zinstall Backup software.
- Run the software once installed. It will automatically detect available backup locations.
- Click the “Settings” button to select the backup location you want to store your data in.
- Click the on button on the left, and Zinstall Backup will start working.
All the files, programs, and software will be backed up to your storage device within an hour. The process is executed automatically and there are no chances of data loss. You can also set a periodic backup option. In this case, only the changed files and documents are backed up which reduces the number of reads and writes the data backup requires.
System failure or hacking attacks can happen anytime. Thus, it is important to keep a backup of your important files and documents. We hope the above article can get you started with the data backup process.
Modernizing data collection enhances resilience of statistical offices in times of crisis
A virtual UNECE workshop concludes today in which experts on surveys, censuses and alternative data collection methods have revealed their brand-new learning about the best ways to maintain core data collection, and collect newly-demanded data, in the midst of the Covid-19 pandemic.
The need for statistics isn’t put on hold during a national or international crisis—in fact demand increases, as decision-makers rely on numbers to guide their next moves. National statistical offices (NSOs) are experienced in maintaining business continuity in the face of adversity, be it hurricanes, earthquakes, civil unrest or political upheaval. But never before have so many NSOs had to deal with a situation that has placed such enormous and wide-ranging restrictions on their ability to collect data. The businesses that provide economic and labour force data have been closed; the staff that conduct surveys and analyze data have been locked-down in their homes, with new staff hired and trained online; survey-takers and respondents have had to observe new and changing health protection rules such as social distancing and wearing personal protective equipment; and supply chains have been disrupted for the basic items needed to gather data, such as paper for printed questionnaires or tablets for electronic data gathering.
Maintaining essential data collection
From the very beginning of the Covid-19 pandemic, the official statistics community has recognized how crucial it is to maintain data collection. Users of official statistics, from banks to businesses and from politicians to school pupils, still expect to be able to look up basic figures such as GDP, population, migration, unemployment. They expect these figures to be reliable and comparable with those they used before the pandemic. And they expect them to reflect the new realities of the current situation, such as current unemployment and earnings figures.
Presenters in this week’s UNECE workshop outlined the lengths they have gone to to keep gathering data. In Mexico, the pandemic struck as the country’s census was underway. New social distancing rules meant some census enumerators had to call out questions to respondents through their windows. In the Netherlands, an online portal was developed and tested at speed to gather data from businesses without traditional surveys. Ireland, Italy and Poland have employed a variety of techniques to communicate with respondents to secure their vital responses to surveys, from sending postcards and handwritten notes to increased use of telephone calls. Discussions revealed that the more advanced an NSO was before the pandemic in their move towards modern modes of data collection (electronic devices, Internet responses, video interviewing and so on), the easier it was for them to make the changes required by the Covid restrictions.
Collecting new data to measure new phenomena
The world has changed in countless ways since the onset of the pandemic. Responding to these changes requires information about things that previously were not measured—or at least not by national statistical offices. NSOs have found themselves at the centre of nationwide efforts to collect, coordinate and disseminate statistics on the virus itself—cases, tests, hospital admissions, mortality rates. And new survey questions or whole new surveys have sprung up across UNECE countries to gather data about the impacts of working from home and school closures on mental health, gender-based violence and unpaid care work; the economic fallout of business closures and furloughs; and the envionmental impacts of reduced mobility and industrial activity.
Examples showcased in this week’s event included new questions on covid impacts in Finland’s Consumer Confidence Survey; and new modules in a plethora of surveys in Poland on science, technology, culture, tourism and civil society. In the United Kingdom, a Business Impact of Coronavirus Survey was developed and conducted every two weeks starting in early March.
Long-term impacts on data collection
The UNECE programme on modernizing official statistics has for close to a decade supported countries in making a transition to using new modes of data collection, new data sources and new methods for integrating data from multiple sources. For many NSOs the pandemic has accelerated this transition, forcing the hands of cautious offices where the alternative may have been to stop collecting data altogether. The pace of change has been rapid, with one participant stating “we have had a greater impact in six months than in our whole careers so far”. While the panoply of new tools, techniques and statistical products may in time settle as the pandemic runs its course, the steps taken across the UNECE region in the direction of statistical modernization are undoubtedly permanent.
World Bank Supports Digital Connectivity in Haiti to Build Resilience
The World Bank’s Board of Executive Directors approved today a US$60 million grant from the International Development Association (IDA) for the Haiti Digital Acceleration Project. This financing aims to increase access to broadband services in Haiti and establish the foundations of digital resilience to respond to health, climate and economic shocks.
“The COVID-19 crisis has highlighted the essential role that digital technologies play both during and after crisis. More widespread and affordable internet access could make Haiti more resilient to future shocks,” said Anabela Abreu, World Bank Country Director for Haiti. “The World Bank is supporting Haiti to increase access and affordability of digital services, while building the necessary skills for digital literacy. Increased broadband connectivity can help drive innovations and new industries that create jobs.”
The lack of affordable and reliable internet connectivity is a key constraint to inclusive growth in Haiti, as only 35 percent of the population has access to broadband internet. The Haiti Digital Acceleration Project will address key bottlenecks to digital development, and help develop the digital economy as a driver of growth, a stronger recovery from the COVID-19 crisis, and the ability to more effectively respond to future shocks. Given the potential for the project to enable better connectivity and digital services, it is expected to benefit the entire population of Haiti.
One of the key project activities will include technical assistance to help develop strategies and regulatory tools to promote competition in the digital infrastructure and services market. The project will also better prepare individuals and businesses for the jobs and economy of the future through the development of their digital skills. This includes opportunities particularly for women, girls, at-risk youth, and the rural population to access skills training. The project will also provide equipment, broadband, and software for the public administration to improve the efficiency of service delivery and the modernization of the Haitian Government.
Kashmir Bleeds, International Community Sleeps
The most beautiful part of the World “Kashmir” bleeds while the International community sleeps. Snow-covered mountains, lush green pasters, blue...
The Role of Malaysia in ASEAN
The three important objectives of ASEAN, a. collaboration and cooperation; b. trade and economic growth; and c. peace and stability,...
What is the public sphere today in Turkey?
The concept of public sphere, which was started to be examined in Europe in the 1960s, has different meanings according...
Armenia: Lies and realities
The OSCE Minsk Group was established to resolve the Nagorno-Karabakh conflict, which arose as a result of Armenia’s brutal interference...
Solutions to accelerate renewables integration and power system resilience
Singapore and the International Energy Agency today co-hosted the second Global Ministerial Conference on System Integration of Renewables (SIR). The...
Taking For Granted … Be Wary
The title of these comments is inspired by my personal experience in important areas of public policy both as a...
European defence still matters but not for Lithuania
European countries have different points of view on the issue of the EU collective defence and security. These views divide...
Science & Technology1 day ago
Rachel Lyons: Shaping the future of humanity in space
Development3 days ago
Global collaboration is key to recovery and achieving the SDGs
Defense2 days ago
Who Needs A Proxy War In The Caucasus?
Southeast Asia2 days ago
US Secretary of State Pompeo set to boost Indonesian religious reform efforts
New Social Compact3 days ago
Classroom crisis: Avert a ‘generational catastrophe’
Eastern Europe2 days ago
Ceasefire Violated, Civilians of Ganja, Azerbaijan Hit –Again
News3 days ago
Step up action to achieve COVID-19 ceasefire- Guterres
Africa2 days ago
It is time to end the illegal sanctions on Zimbabwe