Issue link: https://securitytechnologyexecutive.epubxp.com/i/870734
44 SECURIT Y TECHNOLOGY E XECUTIVE • September/October 2017 • www. SecurityInfoWatch.com RISK MITIGATION sk yourself: How can you keep your company and its clients off the evening news as a victim of cyber crime? Given the speed at which disparate security technologies are rushing towards a hypercon- nected world, are you ready? There is a menacing velocity of threats, internal and external, increasing exponentially. Is your organiza- tion fully aware and prepared to mitigate the grow- ing risks tied to thousands of network-centric, IoT and integrated devices? More importantly, has the solution designed and installed to protect your people; property and information become a Trojan horse? And when this unanticipated Black Swan event occurs, how do you explain this to your board? Does authentication save you? If it does, what does it look like? Are best practices alone your sal- vation? Or is it technology? Who is responsible for it? Is it the manufacturer? Or is it the third-party providers of development code used by manufac- turers? What part does the integrator play in their obligation to help mitigate risk for their customers? And how much responsibility should the end-user be prepared to bear? The answer is simply every- one plays a part. Not surprisingly, best practices and technology play dual roles in the implementation of authentication strategies. Best practices have an enormous impact on authentication. Gi ven the myriad platforms, play- ers, risks, and threats, best practices and focused leadership will set the tone of the organization and create a culture of awareness. Policies and proce- dures addressing the questions authentication raise should be designed to monitor and manage the obligations and activities of all players includ- ing , IT departments, consultants, manufacturers, and integrators. But given the nature and size of Avoiding a Black Swan Event through Authentication The emergence of hackers targeting electronic security systems is recent and ominous By Eddie Melt zer A Organizations are waking up to the fact that the most attractive attack surface for hackers is becoming the physical security system. large physical security systems, technology and automation are required in order to scale activi- ties to meet the sense of urgency we must all adopt in order to maintain a proactive authentication posture. According to Ray Bernard, President and Principal Consultant of Ray Bernard Consulting Services and a subject matter expert, "Machine to Machine (M2M) authentication will become a lead- ing factor in IoT." Organizations are waking up to the fact that the most attractive attack surface for hackers is becom- ing the physical security system. Physical security is most evident at the edge of the network, often in unguarded and exposed places. It is connected to a network but typically without oversight by the IT organization. Whether breached by physical means (inserting an infected USB stick) or by cyber means (using network connectivity to download a virus), physical security systems are being used to attack organizations. In other words, the biggest security liability right now for many organizations may be their own security system. F5 Labs calls IoT devices the