SANS DFIRCON Spring 2021 features eight DFIR courses, plus DFIR NetWars and Coin Slayer! Register now for best offers.

Securing the Internet of Things

San Francisco, CA | Thu, Oct 17 - Tue, Oct 22, 2013
This event is over,
but there are more training opportunities.

Welcome to Securing the Internet of Things

Welcome to Securing the Internet of Things

  • 3 courses
  • 2 instructors
  • 2 disciplines
Click here to view the summit agenda.

Co-located with Healthcare Cyber Security Summit

What is it: The Internet enables any-to-any connectivity. The first wave of connectivity was user buildings (homes and offices) connecting to business buildings with wired Internet connections. The second wave was mobile user devices (laptops, smartphones, tablets) connecting to businesses and each other over wireless Internet connectivity. The latest wave is "things" connecting to users, businesses and other "things" using mixtures of wired and wireless connectivity. This includes automobiles, airplanes, medical machinery, personal medical devices, windmills, environmental sensors, natural gas extraction platforms, you name it. The effectiveness and efficiency of these systems is being greatly multiplied by both client/server and peer to peer connectivity, enabled by advances in new forms of connectivity, inexpensive controllers and Internet-standard protocols.

The Security Challenge: Most of the devices in the Internet of Things will be used in two broad areas:

  1. Critical Infrastructure - power production/generation/distribution, manufacturing, transportation, etc.
  2. Personal "infrastructure" - personal medical devices, automobiles, home entertainment and device control, retail

Critical infrastructure represents an attractive target for national and industrial espionage, denial of service and other disruptive attacks. Internet connected things that touch very sensitive personal information are high priority targets for cyber criminals, identity theft and fraud. In both of these areas, new technology requiring new approaches to security will be added to legacy systems employing legacy security processes and technology. While the same Critical Security Controls will be needed in the Internet of Things, the way security is architected, delivered and monitored will need to change.

The Call to Action: The Internet of Things is still in its infancy and the security community has a chance to build in new approaches to security if we get started now. More secure embedded operating systems and applications, more scalable approaches to continuous monitoring and threat mitigation and new ways of detecting and blocking active threats are evolving and can be tremendously effective. SANS is looking to bring together community talent and ideas to develop new solutions, demonstrate security technology that already works and to provide a force multiplier to making the Internet of Things be more secure than the first phases of Internet evolution.

Information Technology Personal Technology Operational Technology
PCs Tablets, Smartphones ICS/SCADA, ICS
Servers Mifi, Home Energy Medical Machines, Kiosks
Virtualization Medical Wearables, Medical Implants Cloud Service Infrastructure
Routers Home Entertainment Manufacturing
Switches Home Control Env. Monitoring