Black Hat Web Series BleedingBit and IOT devices - Ron Chestang Senior Print Security Advisor
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Black Hat Web Series
BleedingBit and IOT devices
Ron Chestang
Senior Print Security Advisor
1 c04912106, March 2018, Rev. 11
Future Workplace
Driven by changes in how people are working – and what they need from the office environment
Traditional office Emerging office
More informal meeting areas
for co-creation, collaboration
Interactive
Agile workspaces conference rooms
for individual productivity for meetings,
collaboration
Work outside the traditional office increasing
Integrated communal spaces
for socialization, play, wellness
Home Cafe/public space Airplane
2 HP Confidential
Today’s Meeting Room Technology
The market is busy innovating, and technology options are multiplying
Simplified Projection Team collaboration devices
3 Barco Clickshare, Intel Unite, SmartBoard, Cisco Spark, MSFT Surface Hub
The Changing Threat Landscape
Commercialization of attack software
Black-hole Exploit Service Command Console Autosploit loader
4 HP Confidential
5
Context setting: Gartner IoT Reference Model
Use the IoT Platform Solution Reference Model to Help Design Your End-to-End IoT Business Solutions
6 Published 4 September 2018 - ID G00348899
Required Next Steps
Insist on
Procure devices
common
with remote
interfaces &
management in
management
mind
tools
Establish IoT
Own security policy
organizational appreciating
responsibility Plan to diversity of
endpoints
Manage
& Control
7 c04912106, March 2018, Rev. 11
Print jobs on network
Network Access
© Copyright 2015 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
https://thehackernews.com/2019/07/android-security-
update.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-
https://threatpost.com/amazon-admits-alexa-voice-recordings-saved-indefinitely/146225/
+Cyber+Security+Blog%29&_m=3n.009a.2020.cn0ao0do5o.195l
9 c04912106, March 2018, Rev. 11
https://www.techradar.com/news/print-related-data-breaches-affected-60-of-businesses-last-year
NSA Presentation at RSA 2018
• 93% of 2017 incidents preventable with best practices
• In 2018, NSA stated 90% of cyber incidents due to human error
GOOD CYBER HYGIENE
10 c04912106, March 2018, Rev. 11United Kingdom National Audit Office
• 80% of cyber attacks preventable with basic cyber hygiene
BASIC CYBER HYGIENE
11 c04912106, March 2018, Rev. 11©2017 HP Inc. | All rights reserved. Content is subject to change without notice. | HP Confidential
12
Key Takeaways
1. Every purchase decision
is a SECURITY decision 5. Data breach monitoring
and reporting for all
2. CIO & CISO must get endpoints
involved early in all
endpoint procurement to 6. On-going evaluation and
ensure and drive security monitoring of endpoint
requirements into the protections deployed Assess Build
endpoint procurement
decisions risk controls
7. Treat endpoint devices as
3. On-going assessment the first line of defense
and monitoring of Monitor
endpoint risks 8. Include all endpoint controls
devices in your policies
4. Increase data controls for and security action plans
endpoint devicesRonald.Chestang@hp.com
www.hp.com/thewolf
www.hp.com/reinventsecurity
13
© Copyright 2018 HP Development Company, L.P. The information contained herein is subject to change without notice.You can also read
