The Internet of Things (IoT) promises to revolutionize business processes through connectivity, analysis and automation. As new IoT systems are developed and integrated into corporate communication networks, new attack surfaces are also introduced. These attack surfaces provide adversaries with new ways to steal services, compromise information or trigger worst-case physical impacts against connected infrastructures. Security practitioners and information technology staff must be able to methodically analyze threats to IoT devices, information, and the infrastructure that supports them in order to choose the right security solutions and processes for locking down an IoT-enabled business. The IoT is broad in scope and encompasses all industries in various forms. IoT devices can range from connected vehicles and unmanned aerial systems (e.g., drones) at the larger end of the scale, to single-purpose sensors comprised of a microcontroller, sensor, battery and not much more. Organizations will soon be filled with many different types of IoT devices, some of which require additional safety and security measures due to their ability to cause effects in the physical world. These Cyber Physical Systems (CPS) will be prime attack targets and proper concern should be afforded to them in an Enterprise IoT Security Program. This course should be of interest to information technology professionals and security engineers responsible for architecting and implementing new IoT-based capabilities within an enterprise. This course will provide the steps required to design and implement an IoT Security Program. It will begin by providing an understanding of the unique threats associated with the IoT and the differences when compared with traditional Information Technology (IT) systems. It will provide a guide for employing an IoT security lifecycle within your organization that includes robust security engineering processes, the ability to integrate IoT devices into existing security infrastructure (e.g., identity and access management, security monitoring systems), and detailed information regarding how to perform an IoT Privacy Impact Assessment (PIA) and Safety Impact Assessment. The course will also discuss how to create a secure IoT device and how to securely integrate IoT devices to the Cloud.
What am I going to get from this course?
- Advise business leaders on the risks related to introducing IoT systems
- Design a life-cycle security plan to mitigate the risk introduced by IoT systems
- Extend your current security program to support the integration of new IoT systems
- Identify and mitigate safety and privacy concerns introduced by new IoT systems
- Plan to leverage the cloud to securely support your IoT systems
- Gain familiarity with fundamental cryptographic controls needed to safeguard IoT systems
- Test the security of your IoT system implementations