Jai Vijayan’s recent Dark Reading article on the Internet of Things (IoT) highlighted five things we should to prepare for its use in the enterprise. Below are my thoughts on his recommendations.
Three years ago I performed a penetration test of a transportation company in the Midwest. Save for a few low-severity vulnerabilities, Company X had a well-managed public-facing network infrastructure. Satisfied with the status of their network security, I turned my attention to the human network.
Searching for Company X on sites like Twitter, Facebook, and LinkedIn, I discovered employee names and corporate activities that were not shared on its website. As the search continued, Company X’s culture, processes, and lexicon emerged from the social dialogue.
Within three hours I was able to collect identifying information on key employees including birth dates, employment and educational history, and hobbies. These data points were cross-referenced with other resources on the Internet to profile Company X’s community involvement activities.
Dan Pallotta of Pallota Teamworks authored an interesting HBR blog post outlining five actions that Apple CEO Tim Cook should take following his appearance before Congress. Pallota’s article outlines five actionable steps to achieving something to which Tim Cook, and many information security teams, aspire – connection with their customers. Continue reading