Guests: Emily Miller | Ted Harrington | Dean Weber
Host: Sean Martin
While some people may look at their mobile phone and think that it is more than just a phone … that it actually has a persona. Some may even give it a name. Or, naturally, they use the name given to the personal assistant that resides “in” the phone as they call for it … “Hey!”
The same goes for the digital personal assistant devices taking over many homes. Similar commands and conversations are taking place with these named “things.” Many of these devices are finding their way into the workplace as well. Sure—why not?
For those fortunate enough to get to play with robots, there are likely units that get proper names—even if only a code name for the project—and therefore, these robots have an identity. One could argue they have a persona as well.
But, what about the rest of the connected “things” that we use in our homes to make us more efficient? And at work to help us do our jobs? And in our hospitals to deliver better patient care? And in our cities to help streamline traffic and the overall flow of stuff throughout the neighborhood? What about our scooters bikes, cars, trucks, planes, trains, and boats? And what about all of the sensors that collect data from—and feed data to—all of these other things so they can operate properly?
Do these things have personas?
Do they have identities?
What happens in a world where these things don’t actually have an identity and there is no way for anyone (or any machine) to identify these things and to tell them apart from the rest of the devices? What happens when they do have an identity, but the means with which they have been assigned that identity is flawed? Ultimately, how does the existence or non -existence of an identity for every device connected to the Internet change the way we deploy, use, and manage all this stuff?
Can we survive in a massively-connected world if we don’t get the identity angle of all this correct?
How can you be sure?
As I connect with Emily, Dean, and Ted, we look at the current state of security in IT, OT, IoT, and ICS — and the connections between these different environments.
Together, we explore how identity plays a critical role in ensuring a safe environment that can be traced to specific sensors, devices networks, and people. And, with the massive numbers of things hitting the market—and our society—we attempt to answer the question surrounding our ability (or lack thereof) to scale the controls and protections to minimize—or perhaps even eliminate—excessive exposure to risk introduced by these things.
Finally, we also look at the relationships formed within this ecosystem. What relationships do people build with their devices? What relationship do these devices have with the networks to which they connect? What relationship gets established between the devices—both on a 1:1 perspective and a 1:many or many:many perspective?
Listen in to learn more … just as I did as we began to dig into this topic.
About Emily Miller
Director of National Security and Critical Infrastructure Programs, Mocana
Emily began her career focused on critical infrastructure and infrastructure protection during her tenure supporting the Department of Homeland Security and the Department of Health and Human Services. Expanding her expertise to cyber, Emily moved to the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) in 2014. There, she served as the Chief of Process Management, Measurement and Exercise Planning, At ICS-CERT, Emily learned first-hand the cybersecurity challenges facing control systems and what it will take to protect our nation's infrastructure from cyber threats. Emily joined Mocana in 2017 to continue her personal mission of saving lives by reframing the approach to cybersecurity and working to develop new solutions to seemingly intractable problems.
Find Emily on LinkedIn
About Dean Weber
With more than 43 years of experience in information and physical security, he leads Mocana as Chief Technology Officer after serving as director and CTO at CSC Global CyberSecurity. His background includes Chief Technology Officer at Applied Identity, which was sold to Citrix. Earlier, he was Chief Security Architect at Teros; a leading manufacturer of application security gateways, also acquired by Citrix. He was responsible for developing and implementing solution deployments including assessment and intelligence gathering at TruSecure/ICSA Labs (now Verizon Business Security Solutions). Mr. Weber helped found a large Midwestern reseller-integrator specializing in secure architectural design and deployment for both public- and private-sector clients, and he served for many years as its technical vice president. Additionally, he spent several years in the U.S. Navy working in physical and electronic security. Mr. Weber is a frequent speaker at information security events such as InfoWorld, ITEC, InfoSec Europe, InfraGard, Secret Service Security Roundtable, ISSA, and various focus engagements.
About Ted Harrington
Executive Partner, Independent Security Evaluators
Ted Harrington drives thought leadership initiatives for Independent Security Evaluators (ISE). He has been named both 40 Under 40 (SD Metro) and Executive of the Year (American Business Awards), and organizes popular hacking concept IoT Village. He holds a bachelors degree from Georgetown University.
The At The Edge podcast series is made possible by the generosity of our sponsors.
If you’d like to learn more about supporting our conversations here at the Intersection of IT Security and Society, we invite you to explore our column sponsorships.