With the continued expansion of the Internet of Things (IoT), we must be aware of the associated cyber risk. Any time that we expand our security boundary, like cloud and certainly IoT, we have to understand all of the potential risks. I am not advocating the avoidance of cloud or IOT, although we should probably go into the architecture with both eyes wide open.
The core element of designing an effective cybersecurity strategy is founded on a set of consistent security standards that are inherited to support specific business or organizational outcomes. Typically, security standards are grouped to provide security policies. The NIST cyber standards and grouping of cyber standards into the risk management framework (RMF) the cybersecurity framework (CSF), DFARS, FedRAMP become our security policies.
BEST PRACTICE: Use a set of consistent security standards, inherit those standards to individual policies, provide flexibility to the implementation of the security standards within the policies, and you'll find an excellent foundation for your cybersecurity strategy.
What is the impact of cloud, mobility, smart devices and IoT technologies?
All of these technologies and others not mentioned, tend to extend our security boundary. Security policy and cyber standards include hardware, software, operating systems, process and human capital required to execute a business or organizational outc