Acreto Iot Security

Security Shaming the Security Ostrich – Let's Make It A Thing By Bob Gourely, ex-Chief Technology Officer for the Defense Intelligence Agency, and Babak Pasdar, CEO and CTO for Acreto IoT Security We recently had a conversation with the CEO of an IoT manufacturing company to learn more about their strategy for IoT security. The conversation started with his immediate declaration, “Our IoTs are secure!” “You see” The CEO continued, “we use encrypted connections for all of our IoTs”. Given his bold tone, we waited to hear the rest - it never came. We then inquired how he controls access - validates the integrity of the communication - verifies the integrity of data - validates the exchange of functional commands - and handles privacy and identity of the devices. He responded, “You have to understand that our devices aren’t smart enough to be hacked.” It was a dumbfounding response! We asked if his IoT devices use IP. “Yes,” he replied. Are they on the Internet? Again, “Yes”. Respectfully, is it possible they a