IOT CYBERSECURITY AND INNOVATION FOR REGULATED INDUSTRIES

Presented along with Bruce Schneier at the Harvard Club of New York City as part of an invitation-only event put on by Tehama and Pythian on on how CISOs, CIOs, CTOs, VPs of IT, and VPs of Engineering can de-risk their global workforce with secure access, auditing, and compliance in the face of changing regulations, increased competitive pressures, and emerging opportunities/threats like the Internet of Things.

ABSTRACT: Many organizations believe that digital transformation is key to their success over the coming decade. However, far fewer actually know what that means or how to achieve it. In the face of this uncertainty, organizational leaders tend to adopt risk-averse behavior. For information security leaders, this means saying "no" or going slow. However, for business line leaders, this means building fast and cheap products that prove market viability but often end up being essentially insecure. These two organizational forces are at odds and have divergent incentives for success. In order for companies to be successful and harmonize their efforts, they need to have clarity of vision combined with agile and flexible tools that enable them to bring in the right skills at the right time in order to securely manage their emerging IoT initiatives.

"Business leaders are taking a risk-averse approach, which is contradictory to infosec org priorities. To be successful, companies need to bring on the right skills to securely manage growing #IoT systems" - @markbenson of @exosite

— Tehama (@Tehama_io) September 12, 2018