Connect with us

Tech News

Connected and Vulnerable: Deloitte Shares Top Five Tips for IoT Device Security

Published

on

With the number of connected Internet of Things (IoT) devices anticipated to swell beyond 41 billion by 2025 according to a forecast from IDC estimates and the number of cyber attacks on such devices growing exponentially by the day, organizations should put security at the forefront of their priorities around IoT solutions. In an effort to help organizations shore up their security postures, Deloitte offers five tips to address IoT security in the products that organizations deploy in their environments and encourages manufacturers that make connected products to take a secure-by-design approach.

From cameras to toothbrushes, thermostats to hospital infusion pumps, connected devices are actively being targeted by cyber adversaries determined to compromise corporate and individual privacy, construct botnets, place malicious software and steal intellectual property.

The risk of compromise to a connected device is too great to ignore and often too late to reactively respond to. Organizations should adopt a proactive, secure-by-design approach while strategically and intentionally working to monitor and patch outdated legacy equipment, software and infrastructure.—Sean Peasley, partner, Deloitte & Touche LLP, and IoT security leader for Deloitte cyber risk services.

California is leading the charge with a new Internet of Things Security Law taking effect on Jan. 1, 2020, requiring all IoT devices sold to be equipped with reasonable security measures. Consequently, organizations should prepare and protect their companies, customers and communities. The benefits of IoT connectivity far outweigh the investment in cyber measures to ensure the integrity of the devices, networks and programs.

IoT device security best practices

Take note of every endpoint added: The expanse of IoT increases with every endpoint added into a network. This adds more vulnerabilities and has become a more popular and destructive cyber attack. While the adversarial landscape is always changing, Deloitte advises organizations to bring as much of their endpoint footprint under their security management in order to better secure the attack surface. Industry analysts predict that spending on IoT endpoint security solutions will be more than $630 million in 2021. Once these devices are managed, integration of security tools can be a more effective security focus for the organization. As with most domains within cybersecurity, security professionals realize that in order to meet the complex security challenges of their organizations, they should formulate a sound security strategy and constantly evolve by making continuous improvements to best mitigate their risks.

Align operational technology, IT and security: In addition to IoT, enterprises are managing multiple digital transformation initiatives simultaneously. Yet, according to the “Deloitte Future of Cyber” study, less than 10% of cyber budgets are allocated to these efforts. For companies to be successful with IoT initiatives, they need a new approach. One that helps them understand enterprise and cyber risks; develop a plan to prioritize and mitigate those risks; and then operationalize these efforts by obtaining alignment across key stakeholders: operational technology, IT and cybersecurity. Peasley adds, “IoT spans operational environments as much as it includes wearables, connected cars and products. Organizations should proactively plan for how to identify, track, patch and remediate around how it all could impact their organizations and ecosystems.”

Know the players in your ecosystem: Since the interconnectivity of third-party hardware, software or services may be the source of a security breach, it’s imperative to consider how a covered device interacts with such third parties. Ideally, contracts with third, fourth, and fifth parties should address security updates and concerns. Organizations should establish a third-party risk management program to evaluate the cyber risks of their third parties and supply chain partners.

Employ AI and ML to detect anomalies that humans can’t: You can’t prevent what you don’t know about. Artificial intelligence for IT operations (AIOps) has grown from an emerging category to an IT necessity. AIOps platforms are uniquely suited to establish a baseline for normal behavior and detecting subtle deviations, anomalies and trends. This is significant as IoT turns much of the physical world into robots powered by AI. Organizations should take both a secure by design (DevSecOps) approach in tandem with an AIOps approach to both prevent and identify cyber attacks.

Conduct vulnerability assessments on devices: As cyberattacks continue to grow, organizations should have confirmation that their connected devices — and the environment in which they’re deployed — have been designed, built and implemented with security in mind. Whether through basic testing or a bug bounty program, testing can provide assurance around the security posture of an organization’s devices.

Deloitte’s Cybersphere is a state-of-the-art destination to help organizations explore their most pressing cyber challenges. The Cybersphere features a 24/7 threat monitoring and reconnaissance “Watch Floor,” and labs designed for cyber teams to increase capabilities and confidence as they face ever-evolving cyber threats. It also features a Cyber IoT Studio where organizations can test the security of their connected devices on their networks to help identify whether their most critical assets are secure.

Deloitte’s Cyber IoT Studio provides:

Technical testing services for IoT devices — from autonomous cars and connected medical devices, to industrial control systems, building automation and smart cities.

A center of excellence that provides leading practices for device security testing and certification readiness methods.

An environment and secure location in which to test, analyze and pilot proprietary technology.

Diverse IoT ecosystems to architect and test heterogeneous technologies for a multitude of industry-specific, use-cases with the latest security and control solutions for on-premise and cloud integrations.

Continue Reading
Comments

Tech News

Why cybersecurity in the EU should matter to you

Published

on

From stolen data to blocked hospital systems: cyberattacks can have perilous consequences. Learn more about cybersecurity and its importance.

The coronavirus pandemic has accelerated the digital transformation of the economy and society, creating opportunities as well as challenges. By 2030, 125 billion devices could be connected to the internet, up from 27 billion in 2017 while 90% of people over six are expected to be online. As cyberspace is by design interconnected and digital and physical are increasingly intertwined, new dangers emerge.

Definitions 

  • Cyberattacks are attempts to misuse information, by stealing, destroying or exposing it and they aim to disrupt or destroy computer systems and networks 
  • Cybersecurity includes information and communication security, operational technology and the IT platforms required to ensure the safety of digital systems 
  • Cyberdefence includes cybersecurity and threat analyses and strategies to protect against threats directed at citizens, institutions and governments 

Cyber threats in the EU: personal and societal costs

The use of digital solutions has long been on the rise and teleworking, online shopping and keeping in touch online rose sharply during lockdown. These solutions can benefit consumers and support the economy and the post-Covid recovery. However, there has been a corresponding increase in malicious cyber activities.Attackers may use phishing websites and emails with malicious links and attachments to steal banking information or blackmail organisations after blocking their IT systems and data.

A secure cyberspace is the basis for the EU’s digital single market: enabling solutions and unlocking its full potential by making people confident online. The 2019 Digital Economy and Society Index showed that security concerns limited or prevented 50% of EU internet users from performing online activities. The 2020 index indicated  that 39% of EU citizens who used the internet experienced security-related problems.

The damage caused by cyberattacks goes beyond the economy and finance, affecting the very democratic foundations of the EU and threatening the basic functioning of society.

Essential services and critical sectors such as transport, energy, health and finance, have become increasingly dependent on digital technologies. This, together with the increase in physical objects connected to the Internet of things, can have direct consequences, including making cybersecurity a matter of life and death.

From cyberattacks on hospitals, causing them to postpone urgent medical procedures, to attacks on power grids and water supply – attackers are threatening the supply of essential services. And as cars and homes become increasingly connected, they could be threatened or exploited in unforeseen ways.

Cyberattacks, deployed with for example disinformation, economic pressure and conventional armed attacks, are testing the resilience of democratic states and institutions, directly targeting peace and security in the EU.

Cybersecurity in the EU

Businesses and organisations in the EU spend 41% less on cybersecurity than their US counterparts. The European Union has been working to strengthen cybersecurity to allow the EU to become a global cyber player. MEPs recently called for common EU cyber defence capabilities and are working to ensure a high common level of cybersecurity in the EU.

Continue Reading

Tech News

Standards & Digital Transformation – Good Governance in a Digital Age

Published

on

In celebration of World Standards Day 2021, celebrated on 14 October every year, the United Nations Industrial Development Organization (UNIDO) is pleased to announce the launch of a brochure, “Standards and Digital Transformation: Good Governance in the Digital Age”.

In the spirit of this year’s World Standards Day theme “Shared Vision for a Better World”, the brochure provides insights into the key drivers of the digital transformation and its implications for sustainable development, particularly people, prosperity and planet. Noting the rapid pace of change of the digital transformation, with the COVID-19 pandemic serving as an unanticipated accelerator, the brochure highlights the role of standards in digital transformation governance. It further considers the principles necessary for guiding the collaborative development of standards in the digital technology landscape to ensure that the technologies remain human-centered and aligned to the goals of sustainability.

This year’s World Standards Day theme highlights the Sustainable Development Goals (SDGs) representing a shared vision for peace and prosperity, for people and planet. Every SDG is a call for action, but we can only get there if we work together, and international standards offer practical solutions we can all stand behind.

This brochure is a summary of a publication set to be released in November 2021.

Download it here.

Continue Reading

Tech News

AutoFlight presents V1500M – an autonomous passenger eVTOL aircraft

Published

on

Shaping the future of urban air mobility: The tech company AutoFlight shows an autonomous passenger eVTOL aircraft: the V1500M. It will change the face of personal air transportation. AutoFlight debuted its autonomous fixed-wing passenger electric vertical take-off and landing aircraft (“eVTOL”) to the world at the China Airshow in Zhuhai.

With its sleek looks and innovative technology the V1500M doesn’t rely on runways and airports. It can vertically take-off and land anywhere anytime. Virtually any rooftop or flat surface becomes a vertiport. When it reaches a certain altitude, the power system turns on the dual prop pusher, so that V1500M is able to cruise at speeds of a fixed-wing airplane. And in low-altitude airspace, the all-electric design enables the aircraft to operate at a very low noise level. 

As the energy consumption in the fixed wing mode is much lower than in the multirotor mode the V1500M can fly much further than any pure multicoptor eVTOL.

Being able to fly without a pilot, the V1500M’s uses eight lifting motors to take off and land vertically like a multi-rotor aircraft, and fly as far as 250 km when carrying up to four passengers. At the moment, a safety pilot is still mandatory. Yet as technology advances and regulations become increasingly refined, that space can later be allocated to another passenger or extra luggage. 

“The V1500M is a milestone – not only for AutoFlight but also for the global development of the urban air mobility“, so Tian Yu, founder and CEO of AutoFlight. “Our company is committed to developing safe and reliable passenger eVTOL aircraft and helping to create a better mobility future.”

In terms of safety, AutoFlight with its rich experience in aircraft design, manufacturing and its dedication to make reliable flying cars, following aviation industry’s standards. The lifting rotor’s and prop pusher’s redundant power system guarantees that the aircraft could hover safely when two of the rotors malfunction. In case of one propeller failure, the other still ensures safe flight and landing. The V1500M also has an whole-aircraft parachute, which is designed to act as the last line of safety to protect passengers so they enjoy safe flying.

V1500M will accomplish its first flight in the near future. The goal is to certify the aircraft with the aviation authorities by 2024.

Tian Yu: “AutoFlight will keep contributing to the eVTOL industry. Through building safe, efficient, systematic R&D and AC processes, leveraging domestic and international resources and establishing partnerships across industries, AutoFlight strives to accelerate the practical implementation of eVTOLs in commercial applications and lead us into a better future with UAM.”  

With its tradition and the experience, AutoFlight aims to create cost-effective, safe, and reliable eVTOL

AutoFlight is one of the earliest tech companies in China to start making autonomous eVTOL, including large payload logistic and autonomous unmanned aerial vehicles (UAVs). Logistic UAVs were introduced first. They have now accumulated over 10,000 hours of flight time and been tested in all kinds of extreme conditions.

AutoFlight owns proprietary intellectual property rights in key technologies such as flight control systems, electrical systems or other core components. They have obtained over 200 domestic and international patents for its self-developed modules including highly efficient electric motors, electronic control systems, and durable lightweight carbon-fiber composite materials. 

“Following our cargo-to-passenger-strategy we go ahead step-by-step but very straight forward“, says Tian Yu. 

V1500M’s Key Specifications
Aircraft length10.3 m
Wingspan12.8 m
Fuselage height3.1 m
Maximum take-off weight (MTOW)1500 kg
Typical seating 3 – 4 
Cruise speed200 km/h
Flight range (fully seated)250 km

About AutoFlight

AutoFlight is a global high-tech startup, born in China, specializing in developing and manufacturing autonomous aerial vehicles. AutoFlight’s mission is to provide safe and reliable aerial logistic systems and urban air mobility solutions for human society. By leveraging new technologies in aviation, new material, artificial intelligence, autonomous driving, and 5G, AutoFlight actively drives development in eVTOL (electric Vertical Takeoff and Landing) industry.

Continue Reading

Publications

Latest

Science & Technology1 hour ago

U.S. Sanctions Push Huawei to Re-Invent Itself and Look Far into the Future

There is no doubt that the return of Huawei’s CFO Meng Wanzhou to Beijing marks a historic event for the...

Tech News3 hours ago

Why cybersecurity in the EU should matter to you

From stolen data to blocked hospital systems: cyberattacks can have perilous consequences. Learn more about cybersecurity and its importance. The...

city business city business
Reports5 hours ago

Capabilities fit is a winning formula for M&A: PwC’s “Doing the right deals” study

Ensuring there is a capabilities fit between buyer and target is key to delivering a high-performing deal, according to a...

Intelligence7 hours ago

A More Diverse Force: The Need for Diversity in the U.S. Intelligence Community

As part of a hiring initiative meant to attract new and diverse hires, the Central Intelligence Agency (CIA) released a...

Tourism9 hours ago

UNWTO and NEOM Launch ‘Tourism Experiences of the Future’ Challenge

The ‘Tourism Experiences of the Future’ challenge will source innovative ideas and disruptive business models related to the tourism needs...

East Asia11 hours ago

Shared Territorial Concern, Opposition to US Intervention Prompt Russia’s Support to China on Taiwan Question

The situation around the island of Taiwan is raising concerns not only in Chinese mainland, Taiwan island or in the...

New Social Compact13 hours ago

KP’s Education Reforms – Heading Towards Right Path

The first word revealed in the holy Quran was “Iqra” which means “to read”. This first verse of Holy Quran...

Trending