About Us

Microsoft Made its Secured-core Certification Generally Available

Microsoft is making its Edge Secured-core program for Windows-based IoT devices generally available, addressing security concerns associated with the growing popularity of edge computing. Edge Secured core is a new certification added to the Azure Certified Device program for IoT devices running a full operating system, such as Windows 10 IoT or Linux. While Windows 10 IoT support is generally available, it is still in preview for Linux.

IoT devices at the network edge pose a significant security challenge. IoT device networks that transmit data back to enterprise systems for analysis have several flaws.

Charles Broadfoot, Senior Program Manager at Microsoft expressed, “citing an in-house study conducted in collaboration with Poneman Institute that about 65% of companies adopting IoT solutions mentioned edge security as their topmost priority. Devices that are targeted in IoT attacks can be bricked, held for ransom, or exploited to launch further attacks. The common attacks associated with the IoT devices include stolen IP, data theft, and compromised regulatory status.”

Microsoft initially unveiled the Secured-core concept in 2019 to compete with Apple’s monopoly over its hardware and operating systems. Microsoft collaborated with Windows PC manufacturers as part of this initiative to gain some control over hardware security and have a say in how devices could prevent attacks from exploiting firmware dominance over the Windows kernel.

Microsoft expanded the program later in 2021 to include Windows servers and Azure stack hyperconverged infrastructure (HCI) servers.

Secured core was not intended to be branded on PCs, but rather to certify security for non-Microsoft hardware running Windows. Microsoft has listed devices that are part of the program, including edge and non-edge machines, in its Azure Certified Device catalog.

Apart from validating a hardware device for specific security hardware technology, the certification will ensure users that they are running an operating system with built-in security and that continuous threat monitoring with IoT services such as Microsoft Defender for IoT is being used.

Edge Secured-core will provide IoT device makers with a simple, low-cost differentiator that will allow customers to identify high-security configurations on their devices.

Read more articles:

What is IoT Security?

Intertrust Platform Now Features Edge-to-cloud Security

Intertrust is expanding its flagship Intertrust Platform with robust, scalable authentication features to protect and manage IoT devices and data in zero-trust circumstances. New features provide end-to-end security and compatibility across data operations and multi-vendor IoT devices for data-driven businesses. Intertrust delivers trustworthy data technology and services to major global organizations, ranging from mobile, consumer electronics, and Internet of Things (IoT) manufacturers to service providers and corporate software platform firms.

Intertrust’s new edge-to-cloud capabilities combine a highly scalable secure device authentication architecture with application protection technology that safeguards devices running at the endpoint from malicious assault, allowing businesses to securely link IoT devices to cloud services. These devices relay trusted data to Intertrust Platform’s data operations layer, even if the data goes across untrusted networks. The control software then analyses and sends these devices reliable authorization signals. The Intertrust Platform offers device management capability through a “single pane of glass,” allowing businesses to choose devices from a variety of vendors while ensuring consistent and reliable security.

The Intertrust Platform gives businesses secure interoperability, allowing data management systems to work together as one. Enterprises can use the Intertrust Platform to choose best-of-breed technology via diverse data management systems from top data platforms, cloud service providers, and other vendors. When dealing with competitors and partners in complex legal and security contexts, this helps avoid vendor lock-in and provides scalability. Apps built on the Intertrust Platform, such as AI, benefit from secure access to controlled data.

Talal G. Shamoon, CEO of Intertrust commented, “Intertrust Platform enables enterprise customers to run interoperable services and devices in the face of growing threats and complex regulatory frameworks. With the addition of edge-to-cloud security for IoT devices in zero-trust networks to the Intertrust Platform, customers now have a comprehensive, secure and scalable platform that interoperates with best of breed data services, AI, and IoT devices in one consistent data operations and device management system.”

Intertrust’s solutions for digital media and energy applications are everywhere. The Intertrust Platform currently includes zero trust features in billions of devices. Intertrust is collaborating with global energy and mobility companies to allow IoT applications in renewable energy, modern grids, and energy retail environments. In addition, the Virtual Power Plant developers will provide security and interoperability between assets operated by diverse businesses.

Read more articles:

What is IoT Security?

What is Cloud Security?

AppOmni Introduced Developer Platform!!

T-Mobile and Deutsche Telekom Launch T-IoT for Enterprises

T-Mobile US and Deutsche Telekom AG introduced T-IoT, a complete enterprise solution for global IoT connectivity, support, and administration.

T-IoT provides businesses with a single worldwide staff and a single global solution to manage all of their cross-border connections! It will be offered in 188 destinations and on 383 networks around the world.

In addition, there is limited flexibility in how businesses pay for IoT. Each carrier has its own payment strategy, making it difficult for companies to efficiently deploy IoT globally. Scalability will be even more crucial with 5G to enable meaningful use cases, analytics, data insight, and ROI.

T-Mobile and Deutsche Telekom have teamed up to bring T-IoT to the masses. This global service embodies two terms that aren’t often connected with the Internet of Things: simple and versatile.

President, T-Mobile Business Group, Mike Katz said, “The Un-carrier rewrote the rules of wireless. Now, as America’s 5G leader, with the fastest, largest, and most reliable 5G network, we’re writing the rules of the 5G era, and we’re doing it in favor of customers and businesses. With T-IoT and our award-winning networks, we’re poised to help businesses realize the true potential of IoT by completely disrupting the status quo of how IoT is purchased and managed.”

“One provider. One solution. That’s ‘making it simple’ taken at its word. Many industries, such as healthcare or automotive, depend on international supply chains. And their customers today rely on receiving service and assistance anywhere in the world. We’re able to do that with this transatlantic collaboration, with our networks, for the best customer experience worldwide,” says Hagen Rickmann, Managing Director Business Customers, Telekom Deutschland.

Senior Vice President Research and Development, Volker Lang says, “We combine digital medical solutions and state-of-the-art communication technology. With Home Monitoring, the patient’s vital data is digitally available to the medical team and is constantly analyzed. If threshold values are exceeded, the medical team can react immediately. This only works with an absolutely reliable network that transmits the data reliably at all times. We are active in over 100 countries. The T-IoT infrastructure is indispensable for us.”

DigiCert Acquired IoT Cybersecurity Company Mocana

 DigiCert, Inc., a global leading provider of TLS/SSL, IoT, and other PKI solutions, announced that it has acquired Internet of Things (IoT) cybersecurity firm Mocana. The integration of DigiCert and Mocana technologies offers IoT manufacturers and operators with a comprehensive solution for controlling security throughout the whole lifecycle of IoT devices. The transaction’s terms were not disclosed.

DigiCert’s foothold in the fast-growing IoT industry will be strategically accelerated as a result of the purchase. Organizational investment in IoT platforms for operational efficiency, digital transformation, and competitive differentiation, according to IDC, will drive growth to more than 55 billion linked devices by 2025.

“IoT security has been a challenge for device manufactures and operators. With the addition of Mocana, DigiCert is building on its vision for delivering digital trust, a growing necessity in the IoT market as smart devices become ubiquitous in every corner of our personal and professional lives. We are excited to introduce new and existing customers to our integrated platform and welcome the addition of Mocana’s expertise in IoT technology and the industrial and manufacturing verticals to the DigiCert team,” said DigiCert CEO John Merrill.

“We have had a strategic partnership with Mocana for years and truly value their contribution to our product portfolio. We are excited about the backing from DigiCert as a global leader in IoT security,” said James Kline, senior director of program management at ABB Inc.

Customers can use DigiCert and Mocana together to manage device identity, secure communications, prevent device tampering, and remotely as well as securely upgrade firmware and settings once in the field. This end-to-end platform eliminates security risks and allows digital transformation, which is enabled by the convergence of information technology (IT) and operational technology (OT).

“Mocana is excited to be joining the DigiCert team. Together, our solutions uniquely solve the challenges of IoT security, from embedding security protections on-chip or at device manufacturing to on-device secure communications and firmware updates once in the field,” said Mocana CTO Srinivas Kumar.

Claroty Completed The Acquisition Of Medigate, A Leader In Healthcare IoT Security

Claroty, a cyber-physical systems (CPS) security firm for industrial, healthcare, and enterprise sectors, announced that it has finished the acquisition of Medigate, a leading healthcare IoT security firm. Claroty is now in a unique position to secure the Extended Internet of Things (XIoT) by providing unrivalled visibility, protection, and threat detection for all linked enterprises through a single solution.

“Highly interconnected CPS have become pervasive in industrial and healthcare environments in recent years in order to drive innovation, resilience, sustainability, and better health outcomes. However, greater connectivity begets greater exposure to risks, with serious consequences for patient safety, public safety, and the environment. Together, Claroty and Medigate will combine our deep domain expertise and specialized technologies into a comprehensive platform that will extend across all types of CPS and connected devices to secure the XIoT. We envision a future where cyber and physical worlds safely connect to support our lives, and with Medigate’s talented team and powerful capabilities, we have what it takes to make this vision a reality,” said Yaniv Vardi, CEO of Claroty.

Across 2021, ransomware attacks targeting CPS in all industries hit new highs, with 82 percent of healthcare systems reporting IoT cyber intrusions in the last 18 months. As a result, a slew of new security legislation have emerged, pushing corporations to take action.

“By joining forces between Medigate and Claroty, we are forming the only cybersecurity company that can deliver a best-of-breed solution for all the critical assets across healthcare, industrial, and enterprise environments that comprise the XIoT. Our combined talent, technology, and IP empowers us to truly change the way organizations identify, secure, and manage these connected assets on a massive scale, thereby delivering even greater value for our customers,” said Jonathan Langer, co-founder and CEO of Medigate.

Claroty’s $400 million Series E round, announced in December 2021, was used to fund the transaction. SoftBank Vision Fund 2, Bessemer Venture Partners, Schneider Electric, Rockwell Automation, Standard Investments, Team8, and ISTARI were among the investors in the round (a global cybersecurity platform established by Temasek). 

BlackBerry and Deloitte Formed an Alliance to Secure IoT Software Supply Chains

BlackBerry Limited and Deloitte announced that they are collaborating to assist OEMs to secure their supply chains by building mission-critical applications.

Deloitte will use BlackBerry® Jarvis tool to provide open source (OSS) software, common vulnerabilities and exposures (CVE) and software data bill (SBOM) analyses to help its clients in the medical, automotive or aero industry, to ensure safe and secure software as part of the agreement. 

In order to ensure the safety of its traffic management and wider transport infrastructure, the G7 Transportation Ministry has selected the joint software and services of the companies.

“We’re thrilled to partner with Deloitte to help OEMs and those responsible for critical infrastructure better understand their embedded systems security challenges with a view to ensuring their end products are both secure and updated with the most recent security patches. Just as a health-conscious grocery shopper can benefit from scrutinizing nutrition labels on food packages, an embedded software developer can gain a whole host of insights by leveraging tools and expertise that enable them to detect issues in their supply chain that may have real implications for intellectual property disputes, security risks and overall quality,” said Adam Boulton, Chief Technology Officer, BlackBerry Technology Solutions. “

BlackBerry Jarvis is designed to respond to the increasing complexity and threats to cyber-security among multi-stage supply chains. It enables OEMs to monitor their code origin and each software asset in their supply chain to ensure their products are both safe and upgraded with the latest safety patches.

By identifying vulnerabilities, BlackBerry Jarvis address the need for deeper action in minutes. Otherwise, manual scanning would take a large number and impractical time for a large number of experts.

Stephen Meagher, Director of IOT for Risk Advisory, Deloitte said, “Deloitte is very excited to partner with BlackBerry. Our already productive relationship will focus on key mobility and other market opportunities.  We’re confident that BlackBerry’s deep security heritage and expertise complimented by Deloitte’s world leading Risk Advisory teams will create a compelling value proposition for new and existing clients.”

IoT Security – An Overview

The Internet of Things (IoT) is a network of physical objects or ”things” connected through the internet to transfer data using software, sensors and technology.

IoT security encompasses the processes, protocols and technologies to protect IoT devices and networks. It also includes devices that are not meant for network security, such as smart industrial machines, smart medical equipment, automobiles, entertainment gadgets and personal IoT gadgets like a fitness band or smartwatch that employees bring to work. IoT gadgets are being introduced into organizational and customers’ networks at a stunning rate. While IoT solutions are empowering and energizing new approaches to improve effectiveness, adaptability, and usefulness, they additionally carry a danger to the organization. IoT devices, which are frequently constructed without security, have become a new threat route for cyber criminals to improve their attacks.

Different Layers of IoT Security

Future IoT linked devices will have complicated levels of systems like hardware, firmware, and software functioning at various abstraction levels.  The constituents and actions of the layer are dependent on the layer underneath it. This establishes a security hierarchy and emphasizes the importance of having a solid foundation framework.  For example, the firmware relies on hardware and the operating system depends on firmware.

Standard Security framework

The unfortunate reality is that connected devices are possible targets for cyber attackers looking for unauthorised network access, illicit device control, or IoT users’ data theft. The devices from different organizations have different levels and types of securities that can result in unexpected security flaws and unsafe services. Hence, organizations developing IoT solution should collaborate and develop a basic Standard security framework.

Customer’s Trust

This is already proving to be true. Recent findings of security flaws in the new autopilot system of car models have prompted huge recalls and security improvement to some major automobile companies. The videos of hackers hacking software and controlling cars through poorly secured software systems were all over the news and social media. Users of IoT solutions are worried about the possible consequences of a cybersecurity compromise. It indicates that IoT security market will grow fast with many opportunities.

Customer’s Privacy

The Internet of Things (IoT) market is in the initial phase of growth. The Internet of Things (IoT) sector is quickly evolving and will go through numerous stages of development. Similarly, as the market evolves, issues about the privacy and security of customers will evolve. An IoT gadgets deals with personal information of customers, their purchase history, things they like (preferences), location and behaviour. Patients on IoT based healthcare system would want their personal real-time data to be sent to medical staff like doctors or nurses, not to healthcare insurance companies. As a result, security policies should be multidimensional in order to recognize and respond to potential market disruptions.

It is astonishing that most IoT users have been sluggish to adopt standard cyber security measures already available in the market. Less than 50% of organizations employing IoT claimed they have adopted security solutions like Identity and access management, firewall for DDoS protection, etc. Considering the ubiquity and importance of IoT devices in the future world controlling everything from household devices like lights, fans, ACs and other objects like car, organizations need to start implementing security measures as early as possible.