Critical Steps to Secure IoT InfrastructureAseem Jakhar of Payatu Technologies on Actions to Take
As the internet of things plays a bigger role in many business sectors in Asia, the process of securing IoT must evolve, says Aseem Jakhar, co-founder and director of research and development at Payatu Technologies, a security services organization.
Key steps, he says, include creating good visibility of the deployed sensors and products and segregating the auditing and testing process for the IoT and IT infrastructures, Jakhar says in an interview with Information Security Media Group.
"It is critical to do a risk assessment of these IoT sensors, before even deploying security controls, and the techniques or process of doing a risk assessment auditing is different for IoT as compared to IT infrastructure," he stresses.
As a critical step to secure IoT, the CISO and his team need to first make a distinction between the IT and IoT infrastructure and have a process to segregate them, "which in itself is a challenging job," he says.
In this interview (see audio link below photo), Jakhar also shares his insights on:
- The importance of security by design;
- The need to demand security audit assessment reports from IoT device manufacturers;
- The skills sets required for IoT risk assessments; and
- Ways to secure servers and other devices against attacks.
Jakhar is co-founder and director of research at Payatu Technologies. The founder of the nullcon conference, he's also a frequent speaker and trainer at international security conferences including Blackhat, Defcon, Brucon, Hack in Paris, AusCERT, PHDays, Hack.lu and others. He has also authored several open source security tools.