The Kudelski Group launched its IoT Security Center of Excellence, building on the expertise of Kudelski Security and decades of innovation in protecting digital TV contents and devices. This entity will provide guidance and technology to help companies across all industries secure their IoT innovations over entire product lifecycles.
Services provided reach beyond hardware and software assessment and evaluations to include recommendations and implementation of effective design & control frameworks, countermeasures to mitigate risks and protect investments, as well as legal services. Further details include:
- IoT Security Design & Assessment: While IoT devices have a well-developed and strong functional architecture enabling business operation, the security architecture has its own rules and methods to reach the required level of reliability and security, creating constraints that are potentially not aligned with functional requirements. Thanks to their extensive know-how in optimizing security without restraining functional possibilities the Kudelski Group’s experts help increase device security to lower risks and enhance performance early in the design cycle, using hybrid architectures.
For existing products, in-depth evaluations are performed in the Group’s state-of-the-art laboratory to assess the security of chipsets, hardware and software components used in IoT devices and ecosystems. The analysis may result in identifying vulnerabilities that could have led to service theft, device cloning or breach of hardware security features to gain control over a system, or in reassuring the client that the device is secure.
- IoT Security Posture Improvement: Once vulnerabilities, flaws and weaknesses are identified, best-in-class technologies are implemented to ensure security controls in embedded systems, software/firmware, communication protocols, platforms and applications. Key management, endpoint authentication, data encryption and hardware-based roots of trust are combined with the latest methods for software security including application code obfuscation and white-box cryptography techniques designed to resist even the most advanced threats.
- IoT Cybercrime Countermeasures: If a system comes under a sustained attack or emerging threat, the IoT Security Center of Excellence has the ability to provide prompt advice and services. Proactively, it can embed sleeper countermeasures into devices which can be activated against threats and carry out rapid prototyping powered by threat intelligence from the Kudelski Security Cyber Fusion Center. In the event intellectual property is infringed upon, Kudelski legal teams can provide support for litigation in almost any court of law globally.
The IoT Security Center of Excellence is driven by advanced capabilities that ensure customer devices and systems meet desired security levels at all stages of development before and after launch. A long-term partnership approach offers product developers in all industries the ability to focus on their core products while being assured that security is maintained over time. Key to success is a focus on establishing the right balance between security measures, risk and cost; a strategy that can accelerate time-to-market, as well as protect and provide competitive advantage.
The IoT landscape is expanding rapidly with analysts such as Gartner, Inc. anticipating 25 billion connected devices by 2020. Yet, while driving innovation and growth, serious concerns have arisen over the security of the devices, IoT ecosystems and privacy and integrity of data transmitted. These devices can be used as a base for large scale attacks. Recently, a massive denial of service attack choked Internet access to popular websites, carried out in part by common IoT devices hijacked by the Mirai botnet. It was an unsettling development in a cybercrime realm Cybersecurity Ventures had already predicted would grow from $3 trillion in 2015 to $6 trillion annually by 2021.
The IoT attack surface is huge and growing, comprising a vast ecosystem of devices and technologies, varied communications protocols, platforms, applications and infrastructure. For vendors and integrators, ineffective security could severely limit and harm product and service adoption, brand reputation, return on investments and more. As a result, there’s an urgent need for proven security tactics and technology for the IoT space. Kudelski Security is able to leverage a long history in digital content protection, and experience securing more than 400 million PayTV devices globally, to guide customers to success in the nascent Internet connected devices marketplace.
“Companies across all industries have IoT initiatives planned or underway. Unfortunately, new threats are emerging and jeopardizing success from the outset,” said Rich Fennessy, chief executive officer of Kudelski Security. “Fortunately, we possess a long history of innovation that directly addresses IoT security demands, supported by the best-practices of Swiss engineering. From vetting chipsets to identifying vulnerabilities to embedding countermeasures and providing legal support, our one-of-a-kind capabilities support all stages of IoT security. In turn, our customers can confidently carve out vital, early-stage market share and build sustained success in a bourgeoning space offering lucrative opportunities.”
For more information please visit www.kudelskisecurity.com.