Free course – Ethical Hacking: Hacking the Internet of Things

IoT devices are proliferating on corporate networks, gathering data that enables organizations to make smarter business decisions, improve productivity and help avoid costly equipment failures, but there is one big downside – security of the internet of things remains a problem.It makes sense, then, for enterprises to try to spot vulnerabilities in the IoT gear in their networks before they can be exploited by malicious actors.[ For more on IoT security see tips to securing IoT on your network and 10 best practices to minimize IoT security vulnerabilities. | Get regularly scheduled insights by signing up for Network World newsletters. ]
To help this along, Network World and Pluralsight have teamed up to present a free course, Ethical Hacking: Hacking the Internet of Things, that provides IT pros with skills they need to protect their network infrastructure.To read this article in full, please click here(Insider Story) READ MORE HERE…

Read more

10 Hot IoT security startups to watch

The internet of things is growing at breakneck pace and may end up representing a bigger economic shift in networking than the internet itself did, making security threats associated with the IoT a major concern.This worry is reflected by investments being made in startups that focus on stopping threats to the IoT, the industrial IoT (IIoT) and the operational technology (OT) surrounding them.To read this article in full, please click here(Insider Story) READ MORE HERE…

Read more

Does your cloud-access security broker support IPv6? It should.

Cloud access security brokers (CASB) insert security between enterprises and their cloud services by providing visibility and access control, but IPv6 could be causing a dangerous blind spot.That’s because CASBs might not support IPv6, which could be in wide corporate use even in enterprises that choose IPv4 as their preferred protocol. [ Related: What is IPv6, and why aren’t we there yet?
For example, end users working remotely have a far greater chance of connecting via IPv6 than when they are in the office.  Mobile providers collectively have a high percentage of IPv6-connected subscribers and broadband residential Internet customers often have IPv6 connectivity without realizing it.  Internet service providers and software-as-a-service (SaaS) vendors both widely support IPv6, so a mobile worker accessing, say, DropBox over a Verizon 4G wireless service might very well connect via IPv6.To read this article in full, please click here(Insider Story) READ MORE HERE…

Read more

Triton and the new wave of IIoT security threats

As IIoT grows in prominence, so too does its status as a target for malicious hackers – particularly given its increased impact on the physical world; the latest and potentially most dangerous is called Triton.Triton first reared its ugly head near the end of 2017, according to security company Fireeye. It targets an industrial safety system made by Schneider Electric that monitors and secures valves, turbines and the like and shuts them down if it determines they are about to fail and cause explosions or other consequences that could damage the facility or cause harm to people. (It’s named Triton because it targets the widely used Schneider Electric Triconex industrial safety system.)To read this article in full, please click here(Insider Story) READ MORE HERE…

Read more

Edge security: There’s lots of attack surfaces to worry about

The problem of edge security isn’t unique – many of the issues being dealt with are the same ones that have been facing the general IT sector for decades.But the edge adds its own wrinkles to those problems, making them, in many cases, more difficult to address. Yet, by applying basic information security precautions, most edge deployments can be substantially safer.
More about edge networking
How edge networking and IoT will reshape data centers
Edge computing best practices
How edge computing can help secure the IoT

The most common IoT vulnerability occurs because many sensors and edge computing devices are running some kind of built-in web server to allow for remote access and management. This is an issue because many end-users don’t – or, in some cases, can’t – change default login and password information, nor are they able to seal them off from the Internet at large. There are dedicated gray-market search sites out there to help bad actors find these unsecured web servers, and they can even be found with a little creative Googling, although Joan Pepin, CISO at security and authentication vendor Auth0, said that the search giant has taken steps recently to make that process more difficult.To read this article in full, please click here(Insider Story) READ MORE HERE…

Read more

IoT providers need to take responsibility for performance

Last year saw the continued growth of enterprises adopting internet of things solutions, with companies harnessing the power of wireless data collection, analytics and connectivity to enhance productivity and efficiency in ways we could previously not imagine.Analysts expect corporate spending on IoT in the U.S. to approach $200B in 2019, with global spending exceeding $800B. As adoption has grown, privacy and security advocates have called for regulating IoT to enhance personal privacy and to strengthen the security of IoT devices and services.To read this article in full, please click here(Insider Story) READ MORE HERE…

Read more

Durham County goes Cisco for enterprise network ops and security proficiency

The government in Durham County, N.C., was spending hours and hours manually provisioning its network and keeping security policies current, so it decided two and a half years ago to upgrade for the sake of efficiency and security.Since then, the government’s IT staff of four has migrated its traditional point-to-point network to a more modern enterprise featuring the software-defined technologies of Cisco’s Application Centric Infrastructure (ACI) and DNA Center that support its 2,100 enterprise end users and online services for 315,000 county residents.  [ Read also: How to plan a software-defined data center network ]
As a result, time spend on certain manual chores has plummeted, freeing up staff time for forward-looking projects.To read this article in full, please click here(Insider Story) READ MORE HERE…

Read more

DNS over HTTPS seeks to make internet use more private

Unauthorized interception of DNS traffic provides enough information to ascertain internet users’ thoughts, desires, hopes and dreams.  Not only is there concern for privacy from nearby nosey neighbors, but governments and corporations could use that information to learn about individuals’ internet behavior and use it to profile them and their organization for political purposes or target them with ads. Efforts like the DNS Privacy Project aim to raise awareness of this issue and provide pointers to resources to help mitigate these threats.To read this article in full, please click here(Insider Story) READ MORE HERE…

Read more

The best enterprise level firewalls: Rating 10 top products

You know you need to protect your company from unauthorized or unwanted access. You need a network-security tool that examines the flow of packets in and out of the enterprise, governed by rules that decide whether that flow is safe, malicious or questionable and in need of inspection. You need a firewall.Recognizing that you need a firewall is the first – and most obvious — step. The next crucial step in the decision-making process is determining which firewall features and policies best-suit your company’s needs.Today’s enterprise firewalls must be able to secure an increasingly complex network that includes traditional on-premises data center deployments, remote offices and a range of cloud environments. Then you have to implement and test the firewall once it’s installed. Perhaps the only element more complex than configuring, testing and managing a next-generation firewall is the decision-making process regarding which product to trust with your enterprise security.To read this article in full, please click here(Insider Story) READ MORE HERE…

Read more

REVIEW: Best VPN routers for small business

When selecting VPN routers, small businesses want ones that support the VPN protocols they desire as well as ones that fit their budgets, are easy to use and have good documentation.We looked at five different models from five different vendors: Cisco, D-Link, and DrayTek, Mikrotik and ZyXEL. Our evaluation called for setting up each unit and weighing the relative merits of their price, features and user-friendliness.[ Learn who’s developing quantum computers.]
Below is a quick summary of the results:To read this article in full, please click here(Insider Story) READ MORE HERE…

Read more