Endpoint Security , Governance & Risk Management , Internet of Things Security

IoT in the Enterprise: Managing Risk and Control

KPMG Experts Offer Security Advice for IoT Deployments
Piers Hogarth-Scott and Katherine Robins of KPMG Australia

Enterprises want to make greater use of connected devices to develop new services and gain new efficiencies, but security is a paramount concern.

See Also: 4 Key Elements of an ML-Powered NGFW: How Machine Learning Is Disrupting Network Security

Large IoT deployments, which could encompass millions of sensors, increase the attack surface, says Piers Hogarth-Scott, who leads KPMG’s IoT practice in Australia.

Some of the sensors have limited capabilities; they grab a bit of data and push it to the network, which limits the type of security technologies that be applied, says Katherine Robins, a partner in KPMG’s cybersecurity practice. “Depending on what the sensors are, there isn’t a lot of compute for you to be able to put a security stack on these things,” she says.

For example, some devices many not be able to use security certificates. Often, that means the security is pushed downstream to a controller or an edge network within an organization, she says.

“These are all of the things that people worry about when they’re talking about IoT,” she says.

In this video interview with Information Security Media Group, Hogarth-Scott and Robins discuss:

  • The security challenges around managing large numbers of remote IoT devices;
  • How organizations are managing detection, response and recovery for IoT devices;
  • Why there’s increasing demand for basic security verification of IoT devices.

Hogarth-Scott is a partner at KPMG’s Digital Delta in Australia. He is national leader for KPMG’s IoT practice and is chairman of the executive council for the IoT Alliance Australia.

Robins is partner with KPMG’s cybersecurity services in Australia. She formerly was a partner with Deloitte Australia and the principal security expert for Telstra’s chief technology office.

About the Author

Jeremy Kirk

Jeremy Kirk

Executive Editor, Security and Technology, ISMG

Kirk was executive editor for security and technology for Information Security Media Group. Reporting from Sydney, Australia, he created "The Ransomware Files" podcast, which tells the harrowing stories of IT pros who have fought back against ransomware.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.