Articles
Pages
Products
Research Papers
Search - Easy Blog Comment
Blogs
Search Engines
Events
Webinar, Seminar, Live Classes
Thursday, 06 April 2017 08:51

NASA official warns of 'the internet of dangerous things

By: 

The dangers emerging from the expansion of the internet of things requires rethinking decades-old security practices and education curriculums, according to a top IT official at NASA.

At the GITEC conference April 2, Director of the IT Directorate and CIO at NASA's Ames Research Center Jerry Davis said while the "internet of dangerous things" has the potential to improve data analytics and increase efficiency, this greater connectivity is "beginning to change our lives as we know it, in not such a good way."

With billions of devices connecting to the internet, security practices have to address the possibility of once-improbable "black swan" events becoming the order of the day.

"Security has always been everyone's problem," he said. "We have to rely on everybody that's in the community to mitigate these issues."

Davis pointed to recent instances where IoT attacks have taken place, such as when researchers remotely hacked a Jeep's steering, transmission and brake systems and when Iranians accessed a computer at a New York dam.

Davis said that much of the technology users rely on is built on "60 years of bad software development," which has resulted from a rush to get new technology to market.

Software "runs everything" and "continues to be the primary attack vector," he said, adding that widespread reliance on poorly written and insecure software creates a safety issue.

The reason why software security is weak, Davis said, is because industry is "all about speed to market." Plus, there are "not enough people out there who can actually build these things the correct way," he said.

Exacerbating the concerns about the internet of things, Davis said, is that the information-sharing systems currently in place are "just completely broken."

Even though security groups share the same mission to protect users, Davis pointed to shareholder issues and concerns about attribution and embarrassment as reasons why both public and private groups are reluctant to share.

To keep up with the emerging security problems, Davis said that industry and government alike must work to foster security skill sets.

Both government and industry have to navigate the shortage of cybersecurity specialists, but government is at a disadvantage because of its protracted hiring process and inability to compete with top private-sector compensation, Davis said.

In addition to hiring challenges, "once you get them in, trying to fight to keep [qualified employees] is extremely tough to do," he said. "NASA is a cool place to work… but 'cool' only lasts so long until someone throws a 65 percent pay raise at you."

In terms of where the administration views cybersecurity as a priority, Davis said that the White House has been sending "mixed signals."

Although President Donald Trump's budget proposal slashed funding for civilian agencies, NASA received a $30 million boost to enhance its cybersecurity.

Davis said that could be a good signal "if you can extrapolate that into the national policy… but I'm getting so many mixed signals, it's really hard to say."

Source : fcw.com

Leave a comment

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.
Please wait

airs logo

Association of Internet Research Specialists is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

Subscribe to Our Newsletter

Receive Great tips via email, enter your email to Subscribe.
Please wait

Follow Us on Social Media