Eva Chen has spent most of her professional career building security vendor TrendMicro, which she co-founded back in 1998 and currently leads as CEO. Over the years, multiple types of security challenges have emerged, from the early PC era to mobile devices and now the emerging Internet of things (IoT) landscape, where Chen sees a real need for security and an opportunity to grow her company.
“A lot of people just don’t understand that IoT is really just a bunch of small computers that are all connected to the Internet,” Chen told eWEEK. “All those small computers need security, but a lot of IoT device makers are not traditional IT vendors, and they lack an understanding about what security is needed.”
There are many things that vendors in the IoT world have overlooked. The high-profile hack of Chrysler’s Jeep Cherokee at the Black Hat 2015 security conference, which led to a recall of 1.4 million vehicles, serves as an example for Chen of what’s missing from IoT security today. Among the multiple security missteps that Chrysler took were not fully encrypting data and not closing all the data ports. In the Jeep hack, security researchers were initially able to gain access to the vehicle by way of an open connection on port 6667, which they were able to find using the open-source Nmap port mapping tool.
“Originally, the users and companies would buy devices and then they would choose security products on top of that,” Chen said. “But in the IoT environment, it’s impossible for the user to choose security on top, so therefore we have to work with the IoT vendors or the network service provider to make security happen.”
When looking at the full IoT security landscape, there are three primary layers that need to be considered and secured, according to Chen. The first layer is the device itself, where Chen sees a need for some form of embedded security.
The second layer is the network that the IoT device uses. Whenever an IoT device communicates over a network, there needs to be some form of network security and monitoring. The network layer security can be embedded as part of a user’s router, or it can be delivered as a hosted service model.
TrendMicro is going after the full IoT security stack with technologies that address the concerns of all three layers, including device, network and cloud components. Chen said that for on-device security, her company has security APIs for device makers. To address network security, TrendMicro recently acquired TippingPoint from Hewlett-Packard for $300 million. TippingPoint’s network security portfolio includes intrusion prevention system (IPS) products. In the cloud, TrendMicro has cloud security products to protect infrastructure.
Security research is another area where Chen is putting her company’s energies, as IoT represents an attractive target for hackers.
“Hackers go after valuable data, and therefore we have to understand what data IoT devices collect,” Chen said. “Then we can focus our research on the most valuable data sources.”
Looking at the broader TrendMicro business for 2016, Chen noted that the enterprise and cloud sides of the business are solid. The big challenge is the consumer segment, which represents approximately a third of TrendMicro’s business. With PC shipments continuing to decline, there isn’t quite as much opportunity for TrendMicro as there once was. Plus, Chen noted, the consumer mobile phone security business has not really taken off either.
“Our challenge is making sure that our IoT security technology will be a major part of our consumer security efforts,” Chen said.
Originally published on eWeek.
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…