There’s lots of fear, uncertainty and doubt (FUD) concerning security and the Internet of Things. But for enterprises, IoT risk is no joke – and may have already arrived.

The “Internet of Things” (IoT) is everywhere in the news these days. The buzzword-to-beat-all-buzzwords, “IoT” encompasses everything from Internet-connected egg trays and driverless cars to smart manufacturing and smart infrastructure. Under the covers, the constituent elements of IoT – things like remote sensing, mobile technology, cloud computing, SaaS and ‘big data’ – are hardly new. Still, the confluence of all these technologies is new, and it’s fueling a lot of innovation. It’s no exaggeration to say that we stand on the cusp of a rapid expansion of connected “stuff” in our daily lives, as smart home products hit the market and smart city projects allow strapped federal, state and local governments to realize huge  savings.

Continue reading …

Few would try to argue that cloud computing, DevOps, and mobile computing aren’t having a profound impact on IT and how enterprises secure their environments and data. But you just wait for what is in store for the decade ahead. In his Friday morning keynote, Securosis president and principal analyst Mike Rothman will discuss how these technologies and movements will change information security and how security professionals do their jobs for years to come.

Continue reading …

Web application vulnerabilities, when not patched or mitigated, continue to pose significant risk to enterprise apps and data. Just prior to the Qualys Security Conference 2014 in Las Vegas, I reached out to Will Bechtel, director of product management for Qualys Web Application Scanning (WAS) to discuss web application security trends and get a few highlights on Qualys’ web application security strategies that will be discussed during the show.

Continue reading …

There’s a connected device tsunami coming. Everything from light bulbs to refrigerators to cars to industrial control systems are increasingly becoming Internet connected. Many are under the impression that this “Internet of Things” is primarily a consumer security and privacy issue. Turns out, it’s not. But what precisely will the Internet of Things mean to enterprise security managers and CISOs and how they protect their organization’s infrastructure and information?

Continue reading …