Tag Archives: technology

Software Updates To Thump ‘Motivated’ Internet Of Things Hackers

SAN FRANCISCO — Gemalto exec David Etue hinged the success of the nascent Internet of Things industry — and its 30 billion connected devices in four years — to an efficient software update process. Because when 30 billion devices are connected to the Internet, there’s a lot that can go wrong … and fast. “Our adversaries are highly motivated,” Etue told attendees at the RSA Conference in San Francisco, a major annual gathering of security companies. “But if we can get a secure software update process right, at least we can make changes.” He added: “If we get this right, this puts us in a position for long-term success.” France-based Gemalto competes in the software application and secured devices market, and therefore has a big dog in the upcoming Internet of Things fight for market share. Although the IoT presents a huge market opportunity for tech and pure cybersecurity players, its mass scale also terrifies chief information security officers, Etue said. “We don’t generally intentionally put our IoT-connected devices in hostile territory,” he said. “We might put them on the local Starbucks ( SBUX ) Wi-Fi. … That’s not that scary when it’s your fitness meter. It’s pretty scary when it’s a pacemaker.” On the business side, retail stores use sensors to count shoppers — information hedge funds used to pay people to gather outside brick-and-mortar establishments. Farmers use devices to track the development of seeds. Tesla Motors ( TSLA ), Apple ( AAPL ), Toyota ( TM ), Alphabet ( GOOGL ) and Ford ( F ) are already racing toward autonomous vehicles. “So we’re seeing a lot of demand to monetize this data,” Etue said. But on the flip side, consumers are spooked after a fault in Fiat Chrysler ‘s ( FCAU ) Jeep Cherokee GPS system allowed it to be hacked,  Rapid7 ( RPD ) researchers were able to hack baby monitors and Santa Cruz, Calif., residents protested smart meters. “We get really excited about the device, but forget about where that data is from and how it’s being managed,” Etue said. He suggests consumers and developers ask themselves a series of questions before taking on Internet of Things devices. Most of those questions center on how, where and what data are stored; whether it’s accessible by a third party; and who manages the accessibility. “We’re never going to get this right the first time,” he said. “We’re going to have to change.” Image provided by Shutterstock .

Chipmaker Intel Prods Symantec, EMC Market With Authentication Tie

SAN FRANCISCO — No. 1 chipmaker Intel ( INTC ) is diving deeper into the red-hot cybersecurity sector by partnering with U.K.-based credentials manager Intercede to eradicate usernames and passwords, the companies announced Tuesday. Intel stock lifted 2.6% on the stock market today , outperforming a respective 2.1% and 2.9% recovery on the Dow Jones and Nasdaq. The announcement stemmed from the annual RSA Conference in San Francisco, where Intel is presenting the technology. Intel introduced a bevy of strategic initiatives and some alliances at the RSA Security Conference on Tuesday in San Francisco. (Allison Gatlin/IBD) Intercede’s mini-driver and virtual-reader software — pieces of the private company’s MyID platform — will be integrated into Intel Authenticate, a hardware-based multifactor-authentication system. The system runs on Intel’s sixth-generation processor. Authenticators Go Head-To-Head Multifactor authentication is a growing sector under the cybersecurity umbrella, with offerings from EMC ( EMC ) and Symantec ( SYMC ) on the public side and SecureAuth, Okta and Vasco Data Security International on the private side. But SecureAuth Chief Technology Officer Keith Graham told IBD that the enterprise industry is moving beyond mere multifactor authentication which uses at least two pieces of data to confirm a user’s identity. SecureAuth recently unveiled behavioral biometric authentication — a first, they say. Behavioral biometric authentication involves analyzing a user’s typical keystroke and mouse-movement patterns to verify identity. “It’s about adaptive access control,” Graham said. “Multifactor is great but it still hinders user experience and users don’t want to be hindered. . . . So good luck to Intel, but they may have some catching up to do.” The Intel-Intercede program could involve a biometric, however, Intercede products manager Iain Wotherspoon told IBD. Upon a first logon attempt, the user will be prompted to enter a PIN number managed via Intel Authenticate. Intercede’s MyID allows that logon to take place in any Microsoft ( MSFT ) Windows system or domain, Wotherspoon said. From there, an enterprise can opt to add other factors for authentication. “It could be something you have, the computer; something you know, the PIN number; and something you are, a fingerprint,” Wotherspoon said. Collaborating Against Insecurity MyID was the first electronic personification system to achieve FIPS 201 compliance, according to a press release from Intel and Intercede. The federal standard is required for technology used by federal employees and contractors. Intercede CEO Richard Parris praised the combined tech as a “cost-effective, easy to deploy” system for global enterprises. “It’s becoming widely recognized that passwords are insecure and no longer a viable nor effective solution to combat cyber attacks in the enterprise sector,” Parris said in an email. “Collaborations like this are a necessity to create more robust and secure solutions to address one of the most pressing business issues of our time.” Tom Garrison, vice president and general manager of Intel’s business client division, noted the advancements in the Authenticate tech. “We’re excited to advance our work on Intel Authenticate, working with premier security companies like Intercede,” he said in the release. “Together, we’re empowering enterprise to not only dramatically improve identity security, but to do so in a way that improves the ease of use and experience for the business professional.”