Darktrace: IoT Is Another Insider Cyber Security Threat To Consider
INTERVIEW: Dave Palmer, the director of technology and co-founder of Darktrace talks IoT insider threats at Silicon’s Infosecurity 2017 stand
Cyber security threats against the Internet of Things (IoT) is a much discussed subject, but despite potential fatigue for the subject matter its is still a major talking point of the security industry.
At Infosecurity 2017, Dave Palmer, the director of technology and co-founder of machine learning focused cyber security firm Darktrace, told Silicon, that the IoT can cause the spread of insider threats.
Palmer highlighted that more and more businesses are opting for IT and other systems and equipment as a service from external suppliers, but as many of these suppliers introduce IoT components into their products, they are potentially bringing back doors to the internet and other connected tech risks into enterprises.
Securing suppliers
Among examples of unusual insider security threats being introduced by connected technology, such as fish tanks being hacked, Palmer noted that companies providing refrigeration units with connectivity for maintenance could essentially be exfiltrating, without malicious intent, an enterprise’s data through an un-encrypted channel, thus posing a security threat.
“I think we as businesses engage with our supply chain and the supply chain doesn’t always let us know that they’re introducing IoT risk when they do that sort of thing,” he said in an interview on Silicon’s stand; the full interview can be viewed in the video above.
One way to tackle this is through the use of machine learning, which Darktrace uses to sniff out insider threats by crunching vast amounts of data than could overwhelm an overworked security analyst,
There was plenty more going on at Infosecurity 2017 at our stand and within the cavernous confines of London’s Olympia centre, including a talk from Lord Sebastian Coe on the cyber threats the world of sport faces, and the need for government to pay attention to the ‘technical realities’ of encryption.