Start paying down your ‘security debt’ with DevSecOps
Synopsis Software Integrity Blog – Financial debt isn’t necessarily a bad thing. Most people wouldn’t be able to buy a house if they didn’t take out a mortgage. Security debt—the kind that builds up when you don’t fix “older” vulnerabilities in your software—isn’t like that. It’s not like a mortgage, where nothing bad will happen as long as you make all the required monthly payments for 30 years.
5G IoT revenue predicted to reach $8bn by 2025
Gigabit – New research has suggested revenue from 5G internet of things (IoT) connections will reach $8bn by 2025, up from a relatively paltry $525mn in the current year. Cesar Cerrudo, CTO at IOActive, said: “Whilst the IoT boom is undoubtedly good for business, increasingly, the physical and cyber realms are converging and opening up new areas of risk. IT systems are controlling so many important aspects of all our lives that when they are attacked there can be serious physical, real-world consequences.”
Seven in 10 companies know of hacks against their IoT devices, research finds
IoT News – The IoT is barreling towards the enterprise – but companies remain highly vulnerable to IoT-based attacks, according to a new report. Earlier this month, a study titled ‘LoRaWAN Networks Susceptible To Hacking: Common Cyber Security Problems, How To Detect And Prevent Them’ by computer security firm IOActive found a host of cybersecurity issues in the LoRaWAN protocol that could put network users at risk of attacks. The study also warned about widespread disruption and even risk to life that could occur in some extreme cases.
Industrial control system security needs urgent revamp
SC Magazine UK – “Many industrial control systems are not nearly as isolated or defended as we would like,” agreed Jason Larsen, industrial controls systems principal at IOActive. “Once an attacker gains a foothold on a control network, they are still faced with the challenges of actually controlling the network. Ransomware and denial-of-service is one way that hackers not skilled in industrial networks can monetize the access.”
Inaugural Ally Of The Year Awards 2020 Celebrates The Supporters Of Women In Technology During RSA Conference
ITSP Magazine – “The Ally of the Year Awards is doing great work bringing recognition to the efforts of numerous people and companies supporting women in technology. Diversity as a whole is critical to the security industry so IOActive is proud to help support these initiatives as part of our mission to make the world and safer and more secure place.” – Jennifer Steffens, CEO, IOActive