Virtual Reality Check at CES: Is Cybersecurity Being Taken Seriously at the Development Level?

January 4, 2017

As tech companies converge today in Las Vegas for the Consumer Electronics Show (CES) to unveil hundreds of innovative products that promise to change our daily lives, few of them tout security as a key component or feature. Ultimately it is the consumer that ends up paying the price for this detrimental oversight.

Last October’s distributed denial-of-service attack (DDoS) against Dyn, Inc. – the internet’s equivalent of a phone book — was the result of the largest number of hijacked connected internet devices on record and crippled hugely popular sites like Amazon, Twitter and Spotify. While devastating to companies and consumers, the attack via connected devices undoubtedly served as a much-needed wakeup call to many in the tech industry who have rushed to develop and deploy new Internet of Things connected devices without an appropriate nod to security. That is precisely why we’re running the second-ever CES CyberSecurity Forum at this year’s Consumer Electronics Show (CES), providing the only cybersecurity-focused event at the world’s biggest consumer device conference.

When it comes to cybersecurity, 2016 proved an especially tumultuous year. From Russian hacking impacting the 2016 election cycle to 1 billion compromised Yahoo accounts, hacking is now officially a mainstream issue. There is little doubt left of the impact a lack of cybersecurity plays and how it increasingly affects our ever-connected lives. It also became abundantly clear that cybersecurity can no longer be relegated to the IT or Security department alone, but rather it must be prioritized from the very top of every organization and throughout the entire enterprise. Boards and executives—especially of manufacturers of connected devices—cannot afford to ignore cybersecurity as a significant business risk.

In 2017, we expect to see an increase in industrial IoT hacks, risking risk of cyber attack on critical infrastructure, the continued expansion of using cyber attacks as a way to exercise soft power through espionage and influence, and hackers continuing to innovate at an unprecedented pace. These predictions reinforce the increasingly important role executives and leaders will play as businesses continue to market connected devices that play an exponentially large role in our lives.

Manufacturers, service providers, retailers, consumers and the government have finally started to grapple with critical cybersecurity questions recent attacks have raised: Who is responsible for the security of a device? How can we build security into the manufacturing of an item, rather than treating it as an add-on feature? Should the government regulate the industry and take legal action in the event of a data breach or should the free market and consumer demand drive change?

At CyberVista, we believe that informed leaders and skilled professionals are the most important aspects of an organization’s defense. Investment in knowledge and training will promote a widespread culture of resilience from the boardroom to the CISO to the security operations analyst.

CES is the ultimate gathering place for technology companies from around the world to unveil the latest consumer technologies. While the industry clearly has an incentive to deliver the newest, fastest, and most connected devices, it must be aware that consumers are becoming increasingly aware of privacy and security concerns associated with exciting innovations like self-driving cars, augmented reality, and the Internet of Things. If these new, connected technologies are to achieve widespread adoption, cybersecurity must be a part of the discussion – for the benefits of consumers and businesses alike.

Simone Petrella is the Chief Cyberstrategy Officer for cybersecurity training and workforce development company CyberVista.

In this webinar, we review the rise of cloud access control and access control as a service, its advantages and disadvantages, and how to select the optimal cloud access control solution for your company.

Security leaders need to accept and act on this reality and take measured and thoughtful steps to mitigate the risk and train staff about the growing likelihood of such violent incidents in their facilities and workplaces.