Welcome to the SecAware blog

I spy with my beady eye ...

30 May 2017

NBlog May 30 - more awareness tips

June's IoT awareness module will soon be ready for packaging and delivery. While proofreading continues, six new posters are winging their way to us and the newsletter will be completed in the next few hours. 

The primary purpose of the newsletter is to bring readers bang up to date with the current state of the art - tricky in such a fast-moving field as IoT. Having been systematically researching IoT security for quite some time though, we have amassed plenty of relevant news clips and quotable comments to weave into a coherent story.

We always try to present a reasonably comprehensive, accurate and balanced perspective on the monthly topic. Clued-up readers may spot errors or omissions and we're OK with that. If they talk things through with their less well informed colleagues (even if they poke holes in the content or disagree with us), they will be spreading awareness ... which is exactly what we want to achieve - awareness-by-proxy again. It's a no-lose situation, luckily, since try as we might we can't be experts in absolutely everything!

Another way to prompt discussion is to be outspoken or contentious. We've deliberately taken the line in the materials that IoT security is immature, so organizations should be extremely wary of using IoT, especially in business- and safety-critical situations where IoT is arguably best avoided. We suspect proponents of IoT, including suppliers of high-end things specifically designed to be secure, would see things differently. At the end of the day, it's a business decision one way or the other. Security-aware managers and professionals are more likely to make the right call on IoT than their naive peers. For a start, they appreciate that there are choices in this area, taking account of the information risks and business opportunities. They have some understanding of the background, the business and technology context. In other words, security awareness supports governance and management.

Remember this blog the next time you find yourself thinking management doesn't have a clue. Unawareness is a curable condition. Clues R us.


No comments:

Post a Comment