Issue link: https://resources.mouser.com/i/1437738
In combining peripheral sensors, gateways, and cloud resources, Internet of Things (IoT) applications are becoming unprecedented targets because of the number of potential attack surfaces and security vulnerabilities they contain. A clear understanding of such threats, their likelihood, and their impact becomes more urgent as enterprises tie these applications more tightly into corporate infrastructures. Using methodical approaches to threat and risk assessments, development teams can harden security where essential or make informed decisions about acceptable risks. The wide range of security vulnerabilities in connected systems finds expression all too frequently in news reports. Even a quick dip into the headlines shows a startling breadth of attacks, ranging from overt, massive distributed denial-of-service (DDoS) attacks to extremely covert advanced persistent threats (APTs) that linger and quietly extract valuable data or prepare for more extreme strikes. Despite the sensationalist nature of these exploits, one of the most important lessons learned from these attacks is that the use of security mechanisms and the creation of a secure system are not the same thing. Hackers successfully penetrate systems that are built with all manner of security mechanisms. Even the most security-conscious development team can unknowingly leave open attack surfaces in their designs. Threat Modeling: Risk Assessments for Long-Term IoT Success By Stephen Evanczuk for Mouser Electronics The complexity of a massively connected system such as an IoT application virtually guarantees a security breach at some point in the system's lifecycle. By applying a methodical approach to security, however, organizations can anticipate threats and lessen the impact of successful attacks. | 23 |