Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

We can still ‘Nail’ security in the IoT

Kenneth van Wyk | Sept. 15, 2015
It’s a matter of getting product developers to overcome their naïveté, ignorance and laziness. Harsh? Yeah, but the truth hurts.

So how do we eradicate Nail? It's a tall order, and I'm not convinced we can do it completely.

After all, you would expect naïveté to dissipate in the face of countless headlines about other products' security fiascoes. I haven't noticed that happening. Naïveté and a bit of misplaced hubris are a dangerous combination.

Ignorance can be overcome, and there are many security guys like me who'd gladly help software developers learn about the security controls they can deploy with their products. That, however, requires the developers to actually attend some training and then put it into practice.

As for laziness - well, there we're up against a very formidable foe, human nature.

Despite that assessment, I'm an optimist. I'm convinced that if you've assembled the right staff, armed them with knowledge and inculcated a culture of putting quality and security first, things will change - especially after my recent encounter with a top-notch security organization. Which of you product developers wants to be first?

Source: Computerworld

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.