Intelligent CISO Issue 12 | Page 10

news New guide offers actionable technical guidance for IoT stakeholders n collaboration with other members of the Industrial Internet Consortium (IIC), Kaspersky Lab experts have formulated the Security Maturity Model (SMM) Practitioner’s Guide. This helps IoT operators define the level of security maturity they need to achieve based on their security goals and objectives, as well their appetite for risk. I The SMM builds on concepts identified in the IIC Industrial Internet Security Framework published in 2016. The SMM is the first of its kind, discussing the newly established security maturity approach for IoT. The model identifies a security framework for IoT stakeholders based on their security levels and assesses the maturity of an organisation’s IoT systems by looking at governance, technology and system management. The guidance has been made with a variety of IoT stakeholders in mind. In addition, the practitioner’s guide contains three case studies that help IoT stakeholders to apply the Security Maturity Model. These include a smarter data-driven bottling line, an automotive gateway supporting OTA updates and security cameras used in residential settings. The SMM Practitioner’s Guide is a companion piece to the IoT SMM: Description and Intended Use White Paper, which was issued in 2018. 10 DEEP SECURE LAUNCHES CONTENT THREAT REMOVAL-AS-A-SERVICE eep Secure, a creator of content threat removal technology, has announced the launch of Content Threat Removal-as-a- Service (CTRaaS), a new cloud-based service that will stop organisations from falling victim to cyberattacks concealed in digital content. D Cybercriminals are increasingly using content as a vehicle for spreading malware, ransomware and undetectable threats. Rather than detecting and protecting against these threats, Content Threat Removal creates an exact visual replica of any content that is shared with the organisation, while stripping away any hidden information. This enables the business to safely access all digital content, as it eliminates threats that may have previously been concealed. The launch of CTRaaS will enable organisations to take advantage of this unrivalled threat removal solution for cloud-first web and mobile applications. Using the Deep Secure API, DevOps teams can build the solution directly into their application during development, ensuring that all content received and managed by the organisation is threat-free. Daniel Turner, CEO at Deep Secure, said: “With CTRaaS, companies no longer have to accept solutions that defend against 95% of threats. Companies can completely eliminate threats in all types of content that their applications are handling.” Issue 12 | www.intelligentciso.com