SANS Analyst Webcast: SANS Survey on Securing The Internet of Things
- Wednesday, January 15, 2014 at 1:00 PM EST (18:00:00 UTC)
- John Pescatore, Bart Pestarino and Mike Jawetz
You can now attend the webinar using your mobile device!
Today's enterprise networks are supporting devices that were never meant to have Internet or wireless connections. Printers, entertainment units, HVAC and building alarms, medical instruments (some of those implanted in humans), power control systems, refrigeration units, even cars--all are getting smarter with embedded chips and Internet or wireless connections. The Internet of Things includes software, firmware or hardware used to control, manage or monitor the performance of these and other connected Things. The effectiveness and efficiency of these systems is being greatly multiplied by both client/server and peer-to peer-connectivity, enabled by advances in new forms of connectivity, inexpensive controllers and Internet-standard protocols.
Increasingly, researchers are revealing the weaknesses in the communications channels and chip-embedded systems that support these Things--weaknesses that could be used to take advantage of these devices and cause harm. Meanwhile the IP addresses to embedded devices are also turning up in honeypot sensors collecting information on malware. The concern is worrisome enough for former Vice President Dick Cheney to ask his doctor to turn off the wireless communications to his embedded heart defibrillator, as reported on 60 Minutes in October.
What awareness do IT organizations have around what connected devices are being deployed, used, connected or supported in their businesses? Are those devices coming under the management of IT security professionals? And if so, how they are managing them?
Attend this webcast and learn how others are managing the risks introduced by an increasing array of "smart" things with wireless or Internet connections. Register for the Live! webcast and receive a link to an advanced copy of the full report.
Click here to view the associated whitepaper.
John Pescatore joined SANS in January 2013, with 35 years of experience in computer, network and information security. He was Gartner's lead security analyst for more than 13 years, working with global 5000 corporations, government agencies and major technology and service providers. In 2008, he was named one of the top 15 most influential people in security and has testified before Congress on cybersecurity. Prior to joining Gartner Inc. in 1999, John was senior consultant for Entrust Technologies and Trusted Information Systems. Prior to that, he spent 11 years with GTE developing secure computing and telecommunications systems. In 1985, he won a GTE-wide Warner Technical Achievement award. Mr. Pescatore began his career at the National Security Agency, where he designed secure voice systems, and the United States Secret Service, where he developed secure communications and surveillance systems--and the occasional ballistic armor installation. He holds a bachelor's degree in electrical engineering from the University of Connecticut and is an NSA-certified cryptologic engineer. He is an Extra class amateur radio operator, callsign K3TN.
Bart Pestarino serves as security evangelist director and heads Americas marketing at Codenomicon, the developer of market-leading DEFENSICS software, which finds previously-unknown vulnerabilities and Common Vulnerabilities and Exposures (CVE(R)) existing in software, hardware and firmware. As security evangelist, Bart presents on the topics of infosec capital-budgeting and operational risk management, and he organizes CodenomiCON, the companyís annual international event. Bart is currently focused on Internet of Things, having previously led Codenomicon product launches for mobile app security-testing platforms and entry into the medical devices market and industrial control systems market. Prior to joining Codenomicon, Bart worked in startups focused on enterprise network encryption, endpoint data protection, quality management and infosec services. He holds a masterís degree in finance from Golden Gate University, graduated from the Defense Language Institute, and is a veteran of the 101st Airborne Division.
Mike Jawetz leads the systems engineering team, with responsibility for evangelizing and educating customers on the benefits and capabilities of Norse technology. Prior to joining Norse, Mike was a manager and senior systems engineer at VMware, where he provided technical resources and support for VMware's distribution and corporate reseller partners. Mike has also been a senior member of Symantec's systems engineering team, where he worked with HP in architecting and implementing security and availability solutions for their customers. Mike arrived at Symantec through the Recourse acquisition and also spent over 12 years in software development and support for companies such as IBM, DEC, Sun Microsystems, and Seagate Software. Mike holds a BS in electrical engineering from the University of California at Davis.