PREDI C TI VE I NTEL L I GE NC E
To understand the problem posed by
authorisation creep you first need to
understand the difference between
authentication and authorisation.
build the better phish-trap, which is why
there are some new terms associated
with this old-school brand of attack,
such as: Spear Phishing, Whaling and
Clone Phishing. (IoT), you’re not alone. Consumer
‘smart’ devices overwhelm the public
imagination when it comes to IoT. The
surface area of this ecosystem and its
vulnerability to breach is enormous.
8. Internet of Things A ‘headless’ device, which has no clear
user interface and may even communicate
through archaic or unsecured protocols,
is an attractive target for crooks. What’s
crucial is to have an identity and access
If you think of a certain talking home
speaker system or your smart oven
when you think of the Internet of Things
www.intelligentciso.com
|
Issue 23
management solution that encompasses
all of these headless devices (Zero
Trust), ensuring that their access to the
network is licit, and that no bad actors
are hijacking the device to access your
network. The consequences of an IoT
breach can be dire, but avoiding breaches
isn’t necessarily simple or straightforward.
Today’s IoT ecosystem is full of
mismatched headless or limited UI devices
that may be ticking time bombs. u
35