When you hear someone talk about the Internet of Things (IoT), you may be thinking about toys and smart lightbulbs. The concept of IoT includes many more application areas, including manufacturing, energy, finance, health care, transportation and other things that we depend on for our everyday lives and wellbeing. People need to be able to trust IoT devices and systems as they are handling increasingly critical data and tasks. Therefore, we need to figure out how to do cybersecurity for IoT, particularly as IoT is used in critical applications and infrastructure.
I recently sat down with renowned security industry executive Brian Contos, CISO of Verodin, for a conversation on the Cybersecurity Effectiveness Podcast series. Brian wanted to hear my thoughts on security for IoT and critical infrastructures, and I got the chance to talk to him about how we address those problems in the research that we do here at SRI.
In the podcast, we talk about the work on cybersecurity for control systems in the oil and gas sector that Brian and I collaborated on more than a decade ago, and the positive impact the continued work has had for that industry. We discuss IoT security, including the challenges, responsibilities, and possible approaches toward solutions. We emphasize the importance of securing sensors from insidious attacks and that we must be forward-looking to bring security to the rapidly evolving field of IoT.