SlideShare a Scribd company logo

Welcome to the internet of things

Kate Carruthers
Kate Carruthers
1 of 41
Download to read offline
Welcome to the Internet of Things, by the way privacy is dead…
Agenda • What is the Internet of Things (IoT) • Business models & potential market size • Drivers for IoT • Security and Privacy Feb 2015 © Kate Carruthers | katecarruthers.com 2
Feb 2015 © Kate Carruthers | katecarruthers.com 3 Objects are becoming embedded with sensors and gaining the ability to operate & communicate independent of human intervention.
Feb 2015 © Kate Carruthers | katecarruthers.com 4 The resulting information networks promise to create new business models and disrupt existing business models.
Characteristics Distributed Peer to peer API based Network neutral Feb 2015 © Kate Carruthers | katecarruthers.com 5
Feb 2015 © Kate Carruthers | katecarruthers.com 6 Connected devices are transformed from a single purchase product into a service that generates recurring income. IoT value is not in the devices, but in new services related to the devices.
New business models • Open models • Collaboration & loose confederations • Agile, change ready organisations • Restructured supply chain • Mergers & acquisitions Feb 2015 © Kate Carruthers | katecarruthers.com 7
Ubiquitous connectivity Feb 2015 © Kate Carruthers | katecarruthers.com 8
Cisco says US$14 trillion IoE value 1) asset utilization (reduced costs) of $2.5 trillion 2) employee productivity (greater labor efficiencies) of $2.5 trillion 3) supply chain and logistics (eliminating waste) of $2.7 trillion 4) customer experience (addition of more customers) of $3.7 trillion 5) innovation (reducing time to market) of $3.0 trillion Feb 2015 © Kate Carruthers | katecarruthers.com 9 CISCO White paper: Embracing the Internet of Everything for your Share of $14 trillion
Market signals - 2014 • Google bought Nest for US$3.2B Jan 2014 • Google & Nest bought Dropcam for US$555M • Samsung bought SmartThings for US$200M • Vodafone bought Cobra Automotive for £115M • Zebra Technologies bought a unit of Motorola for US$3.45B Feb 2015 © Kate Carruthers | katecarruthers.com 10
Market signals - 2014 • global survey of 1400 software developers • 17.1% working on IoT apps • 23% expect to begin work in next 6 months Feb 2015 © Kate Carruthers | katecarruthers.com 11 Evans Data Corporation Survey July 2014
Driven by convergence • Ubiquitous comms networks • Mobile connectivity • 3D printing • Sensor networks • Big data > drawing useful inferences • Peer to peer networks • Cloud computing • Artificial intelligence • Commodity sensors • Software defined networks Feb 2015 © Kate Carruthers | katecarruthers.com 12
Fuelled by app ecosystem “Between 2008 and 2017, Google Play and Apple’s App Store will be responsible for a mind-blowing number of mobile app downloads: 350 billion.” Feb 2015 © Kate Carruthers | katecarruthers.com 13 Source: http://www.mobilemarketingwatch.com/the-decade-of-350-billion-app-downloads-26932/
Feb 2015 © Kate Carruthers | katecarruthers.com 14 Allflex DNA tags
Feb 2015 © Kate Carruthers | katecarruthers.com 15
Industries Financial services Automotive Technology Entertainment Retail Healthcare Hospitality Industrial Power & utilities Energy & mining Feb 2015 © Kate Carruthers | katecarruthers.com 16
Feb 2015 © Kate Carruthers | katecarruthers.com 17 Driverless trucks the next big thing in WA's Pilbara, ABC 25 Apr 2014, 3:13pm
Source: http://readwrite.com/2014/04/30/connected-home-hackers-stop-yelling-at-babies-foscam#feed=/tag/internet-of-things&awesm=~oEe6yipkTkz40o Feb 2015 © Kate Carruthers | katecarruthers.com 18 Last August, a hacker infiltrated a wireless camera owned by the Gilbert family, living in Houston, Texas. The stranger took control of the unit and used it to scream obscenities at a two-year-old toddler. Fortunately, the hearing-impaired child didn’t have her cochlear implant turned on at the time, otherwise she would have heard the stranger yelling, “Wake up Allyson, you little slut!”
Feb 2015 © Kate Carruthers | katecarruthers.com 19
Feb 2015 © Kate Carruthers | katecarruthers.com 20 Bloomberg, Data Breaches in the US, at 4 Sep 2014
Feb 2015 © Kate Carruthers | katecarruthers.com 21 • 3rd party HVAC firm attack vector • Security software disabled • PCI DSS didn’t save them
Feb 2015 © Kate Carruthers | katecarruthers.com 22 Bloomberg, Oct 2014
JP Morgan • Sarbanes-Oxley Act (SOX) • Payment Card Industry Data Security Standard (PCI DSS) • Gramm-Leach-Bliley Act (GLB) Act • Electronic Fund Transfer Act, Regulation E (EFTA) • Free and Secure Trade Program (FAST) • Fair and Accurate Credit Transaction Act (FACTA), including Red Flags Rule • Federal Rules of Civil Procedure (FRCP) Feb 2015 © Kate Carruthers | katecarruthers.com 23
Feb 2015 © Kate Carruthers | katecarruthers.com 24 Traditional approach to perimeter security
Feb 2015 © Kate Carruthers | katecarruthers.com 25 Bot-herders can launch DDoS attacks from dryers, refrigerators, other Internet of Things devices Network World Sep 2014
Feb 2015 © Kate Carruthers | katecarruthers.com 26Proofpoint Uncovers Internet of Things (IoT) Cyberattack, January 16, 2014 “The global attack campaign involved more than 750,000 malicious email communications coming from more than 100,000 everyday consumer gadgets …”
Feb 2015 © Kate Carruthers | katecarruthers.com 27Proofpoint Uncovers Internet of Things (IoT) Cyberattack, January 16, 2014 “… such as home- networking routers, connected multi-media centers, televisions and at least one refrigerator”
Feb 2015 © Kate Carruthers | katecarruthers.com 28 It’s “often impossible to patch the software or upgrade the components to the latest version.” Bruce Schneier, The Internet of Things Is Wildly Insecure - And Often Unpatchable, Wired, Jan 2014
Feb 2015 © Kate Carruthers | katecarruthers.com 29 “Often, the complete source code isn’t available. Yes, they’ll have the source code to Linux and any other open-source components.” Bruce Schneier, The Internet of Things Is Wildly Insecure - And Often Unpatchable, Wired, Jan 2014
Feb 2015 © Kate Carruthers | katecarruthers.com 30 “But many of the device drivers and other components are just ‘binary blobs’ - no source code at all.” Bruce Schneier, The Internet of Things Is Wildly Insecure - And Often Unpatchable, Wired, Jan 2014
Feb 2015 © Kate Carruthers | katecarruthers.com 31 “That’s the most pernicious part of the problem: No one can possibly patch code that’s just binary.” Bruce Schneier, The Internet of Things Is Wildly Insecure - And Often Unpatchable, Wired, Jan 2014
Privacy “If it was dead, they wouldn't be fighting so hard to kill it, all over the world.” - Peter Watts Feb 2015 © Kate Carruthers | katecarruthers.com 32
Feb 2015 © Kate Carruthers | katecarruthers.com 33 http://www.abc.net.au/news/2014-11-04/berg-the-jig-is-up-on-data-retention-plans/5864432 http://www.theguardian.com/uk-news/2015/jan/22/snoopers-charter-changed-version-pass-before-election
Privacy Privacy by Design: embedding privacy into IT, business practices and networked infrastructures right from the outset https://www.privacybydesign.ca Feb 2015 © Kate Carruthers | katecarruthers.com 34
Consumer privacy • Pervasive computing • Personalisation • Customisation • Convenience • Lack of understanding • Meaningful consent Feb 2015 © Kate Carruthers | katecarruthers.com 35
Oops we spied on your wifi Feb 2015 © Kate Carruthers | katecarruthers.com 36 http://www.cnet.com/news/google-oops-we-spied-on-your-wi-fi/
Feb 2015 © Kate Carruthers | katecarruthers.com 37 Time, Sep 2014
Spy TVs… Feb 2015 © Kate Carruthers | katecarruthers.com 38 http://www.tomsguide.com/us/lg-tvs-spying-confirmation,news-17887.html
Feb 2015 © Kate Carruthers | katecarruthers.com 39
Feb 2015 © Kate Carruthers | katecarruthers.com 40 “We tend to overestimate the effect of a technology in the short run and underestimate the effect in the long run.”- Amara's law
Kate Carruthers UNSW Australia Sydney katec@unsw.edu.au Twitter @kcarruthers Feb 2015 © Kate Carruthers | katecarruthers.com 41

Recommended

The Internet of Things - 36th International Conference of Privacy and Data Co...
The Internet of Things - 36th International Conference of Privacy and Data Co...The Internet of Things - 36th International Conference of Privacy and Data Co...
The Internet of Things - 36th International Conference of Privacy and Data Co...Kate Carruthers
 
Hardware is Hard - Products are Hard Melbourne 2013
Hardware is Hard - Products are Hard Melbourne 2013Hardware is Hard - Products are Hard Melbourne 2013
Hardware is Hard - Products are Hard Melbourne 2013Kate Carruthers
 
Building the sharing economy
Building the sharing economy Building the sharing economy
Building the sharing economy Kate Carruthers
 
Digital Marketing Mar 2008
Digital Marketing Mar 2008Digital Marketing Mar 2008
Digital Marketing Mar 2008Kate Carruthers
 
SEO & Content Strategy - Whats Next Feb 2012
SEO & Content Strategy - Whats Next Feb 2012SEO & Content Strategy - Whats Next Feb 2012
SEO & Content Strategy - Whats Next Feb 2012Liberty: Online Marketing Agency
 
Outdoor Advertising Options in Hyderabad - OOH Guide in Hyderabad
Outdoor Advertising Options in Hyderabad - OOH Guide in HyderabadOutdoor Advertising Options in Hyderabad - OOH Guide in Hyderabad
Outdoor Advertising Options in Hyderabad - OOH Guide in HyderabadOrganized Outdoor Options
 
Taking disruption for granted
Taking disruption for grantedTaking disruption for granted
Taking disruption for grantedKate Carruthers
 
SEO company in chandigarh
SEO company in chandigarhSEO company in chandigarh
SEO company in chandigarhWebliquids
 

Recommended

The Internet of Things - 36th International Conference of Privacy and Data Co...
The Internet of Things - 36th International Conference of Privacy and Data Co...The Internet of Things - 36th International Conference of Privacy and Data Co...
The Internet of Things - 36th International Conference of Privacy and Data Co...Kate Carruthers
 
Hardware is Hard - Products are Hard Melbourne 2013
Hardware is Hard - Products are Hard Melbourne 2013Hardware is Hard - Products are Hard Melbourne 2013
Hardware is Hard - Products are Hard Melbourne 2013Kate Carruthers
 
Building the sharing economy
Building the sharing economy Building the sharing economy
Building the sharing economy Kate Carruthers
 
Digital Marketing Mar 2008
Digital Marketing Mar 2008Digital Marketing Mar 2008
Digital Marketing Mar 2008Kate Carruthers
 
SEO & Content Strategy - Whats Next Feb 2012
SEO & Content Strategy - Whats Next Feb 2012SEO & Content Strategy - Whats Next Feb 2012
SEO & Content Strategy - Whats Next Feb 2012Liberty: Online Marketing Agency
 
Outdoor Advertising Options in Hyderabad - OOH Guide in Hyderabad
Outdoor Advertising Options in Hyderabad - OOH Guide in HyderabadOutdoor Advertising Options in Hyderabad - OOH Guide in Hyderabad
Outdoor Advertising Options in Hyderabad - OOH Guide in HyderabadOrganized Outdoor Options
 
Taking disruption for granted
Taking disruption for grantedTaking disruption for granted
Taking disruption for grantedKate Carruthers
 
SEO company in chandigarh
SEO company in chandigarhSEO company in chandigarh
SEO company in chandigarhWebliquids
 
Data Protection for Higher Education
Data Protection for Higher EducationData Protection for Higher Education
Data Protection for Higher EducationKate Carruthers
 
Modelling Higher Education's digital future
Modelling Higher Education's digital future Modelling Higher Education's digital future
Modelling Higher Education's digital future Kate Carruthers
 
Starting data governance
Starting data governance Starting data governance
Starting data governance Kate Carruthers
 
Data governance – an essential foundation to good cyber security practice
Data governance – an essential foundation to good cyber security practiceData governance – an essential foundation to good cyber security practice
Data governance – an essential foundation to good cyber security practiceKate Carruthers
 
Info Sec, AI, and Ethics
Info Sec, AI, and EthicsInfo Sec, AI, and Ethics
Info Sec, AI, and EthicsKate Carruthers
 
Internet of Things and Governance
Internet of Things and GovernanceInternet of Things and Governance
Internet of Things and GovernanceKate Carruthers
 
Digital Marketing and your startup
Digital Marketing and your startupDigital Marketing and your startup
Digital Marketing and your startupKate Carruthers
 
Data at the centre of a complex world
Data at the centre of a complex world Data at the centre of a complex world
Data at the centre of a complex world Kate Carruthers
 
Data & Digital Ethics - CDAO Conference Sydney 2018
Data & Digital Ethics - CDAO Conference Sydney 2018Data & Digital Ethics - CDAO Conference Sydney 2018
Data & Digital Ethics - CDAO Conference Sydney 2018Kate Carruthers
 
Data Governance - a work in progress
Data Governance - a work in progressData Governance - a work in progress
Data Governance - a work in progressKate Carruthers
 
Future proof your career
Future proof your career Future proof your career
Future proof your career Kate Carruthers
 
Data & Digital Ethics: some thoughts
Data & Digital Ethics: some thoughts Data & Digital Ethics: some thoughts
Data & Digital Ethics: some thoughts Kate Carruthers
 
Implementing Data Governance & ISMS in a University
Implementing Data Governance & ISMS in a UniversityImplementing Data Governance & ISMS in a University
Implementing Data Governance & ISMS in a UniversityKate Carruthers
 
Social media: balancing risk and control
Social media: balancing risk and controlSocial media: balancing risk and control
Social media: balancing risk and controlKate Carruthers
 
Social and technology trends for banking
Social and technology trends for bankingSocial and technology trends for banking
Social and technology trends for bankingKate Carruthers
 
Internet of things: New Technology and its Impact on Business Models
Internet of things: New Technology and its Impact on Business ModelsInternet of things: New Technology and its Impact on Business Models
Internet of things: New Technology and its Impact on Business ModelsKate Carruthers
 
Crowdfunding
CrowdfundingCrowdfunding
CrowdfundingKate Carruthers
 
Your blog your brand - tips on getting started with your blog
Your blog your brand - tips on getting started with your blogYour blog your brand - tips on getting started with your blog
Your blog your brand - tips on getting started with your blogKate Carruthers
 
Social media for social good 2012
Social media for social good 2012Social media for social good 2012
Social media for social good 2012Kate Carruthers
 
Whats the big idea with social media media140-2012
Whats the big idea with social media media140-2012Whats the big idea with social media media140-2012
Whats the big idea with social media media140-2012Kate Carruthers
 

More Related Content

More from Kate Carruthers

Data Protection for Higher Education
Data Protection for Higher EducationData Protection for Higher Education
Data Protection for Higher EducationKate Carruthers
 
Modelling Higher Education's digital future
Modelling Higher Education's digital future Modelling Higher Education's digital future
Modelling Higher Education's digital future Kate Carruthers
 
Starting data governance
Starting data governance Starting data governance
Starting data governance Kate Carruthers
 
Data governance – an essential foundation to good cyber security practice
Data governance – an essential foundation to good cyber security practiceData governance – an essential foundation to good cyber security practice
Data governance – an essential foundation to good cyber security practiceKate Carruthers
 
Info Sec, AI, and Ethics
Info Sec, AI, and EthicsInfo Sec, AI, and Ethics
Info Sec, AI, and EthicsKate Carruthers
 
Internet of Things and Governance
Internet of Things and GovernanceInternet of Things and Governance
Internet of Things and GovernanceKate Carruthers
 
Digital Marketing and your startup
Digital Marketing and your startupDigital Marketing and your startup
Digital Marketing and your startupKate Carruthers
 
Data at the centre of a complex world
Data at the centre of a complex world Data at the centre of a complex world
Data at the centre of a complex world Kate Carruthers
 
Data & Digital Ethics - CDAO Conference Sydney 2018
Data & Digital Ethics - CDAO Conference Sydney 2018Data & Digital Ethics - CDAO Conference Sydney 2018
Data & Digital Ethics - CDAO Conference Sydney 2018Kate Carruthers
 
Data Governance - a work in progress
Data Governance - a work in progressData Governance - a work in progress
Data Governance - a work in progressKate Carruthers
 
Future proof your career
Future proof your career Future proof your career
Future proof your career Kate Carruthers
 
Data & Digital Ethics: some thoughts
Data & Digital Ethics: some thoughts Data & Digital Ethics: some thoughts
Data & Digital Ethics: some thoughts Kate Carruthers
 
Implementing Data Governance & ISMS in a University
Implementing Data Governance & ISMS in a UniversityImplementing Data Governance & ISMS in a University
Implementing Data Governance & ISMS in a UniversityKate Carruthers
 
Social media: balancing risk and control
Social media: balancing risk and controlSocial media: balancing risk and control
Social media: balancing risk and controlKate Carruthers
 
Social and technology trends for banking
Social and technology trends for bankingSocial and technology trends for banking
Social and technology trends for bankingKate Carruthers
 
Internet of things: New Technology and its Impact on Business Models
Internet of things: New Technology and its Impact on Business ModelsInternet of things: New Technology and its Impact on Business Models
Internet of things: New Technology and its Impact on Business ModelsKate Carruthers
 
Your blog your brand - tips on getting started with your blog
Your blog your brand - tips on getting started with your blogYour blog your brand - tips on getting started with your blog
Your blog your brand - tips on getting started with your blogKate Carruthers
 
Social media for social good 2012
Social media for social good 2012Social media for social good 2012
Social media for social good 2012Kate Carruthers
 
Whats the big idea with social media media140-2012
Whats the big idea with social media media140-2012Whats the big idea with social media media140-2012
Whats the big idea with social media media140-2012Kate Carruthers
 

More from Kate Carruthers (20)

Data Protection for Higher Education
Data Protection for Higher EducationData Protection for Higher Education
Data Protection for Higher Education
 
Modelling Higher Education's digital future
Modelling Higher Education's digital future Modelling Higher Education's digital future
Modelling Higher Education's digital future
 
Starting data governance
Starting data governance Starting data governance
Starting data governance
 
Data governance – an essential foundation to good cyber security practice
Data governance – an essential foundation to good cyber security practiceData governance – an essential foundation to good cyber security practice
Data governance – an essential foundation to good cyber security practice
 
Info Sec, AI, and Ethics
Info Sec, AI, and EthicsInfo Sec, AI, and Ethics
Info Sec, AI, and Ethics
 
Internet of Things and Governance
Internet of Things and GovernanceInternet of Things and Governance
Internet of Things and Governance
 
Digital Marketing and your startup
Digital Marketing and your startupDigital Marketing and your startup
Digital Marketing and your startup
 
Data at the centre of a complex world
Data at the centre of a complex world Data at the centre of a complex world
Data at the centre of a complex world
 
Data & Digital Ethics - CDAO Conference Sydney 2018
Data & Digital Ethics - CDAO Conference Sydney 2018Data & Digital Ethics - CDAO Conference Sydney 2018
Data & Digital Ethics - CDAO Conference Sydney 2018
 
Data Governance - a work in progress
Data Governance - a work in progressData Governance - a work in progress
Data Governance - a work in progress
 
Future proof your career
Future proof your career Future proof your career
Future proof your career
 
Data & Digital Ethics: some thoughts
Data & Digital Ethics: some thoughts Data & Digital Ethics: some thoughts
Data & Digital Ethics: some thoughts
 
Implementing Data Governance & ISMS in a University
Implementing Data Governance & ISMS in a UniversityImplementing Data Governance & ISMS in a University
Implementing Data Governance & ISMS in a University
 
Social media: balancing risk and control
Social media: balancing risk and controlSocial media: balancing risk and control
Social media: balancing risk and control
 
Social and technology trends for banking
Social and technology trends for bankingSocial and technology trends for banking
Social and technology trends for banking
 
Internet of things: New Technology and its Impact on Business Models
Internet of things: New Technology and its Impact on Business ModelsInternet of things: New Technology and its Impact on Business Models
Internet of things: New Technology and its Impact on Business Models
 
Crowdfunding
CrowdfundingCrowdfunding
Crowdfunding
 
Your blog your brand - tips on getting started with your blog
Your blog your brand - tips on getting started with your blogYour blog your brand - tips on getting started with your blog
Your blog your brand - tips on getting started with your blog
 
Social media for social good 2012
Social media for social good 2012Social media for social good 2012
Social media for social good 2012
 
Whats the big idea with social media media140-2012
Whats the big idea with social media media140-2012Whats the big idea with social media media140-2012
Whats the big idea with social media media140-2012
 

Welcome to the internet of things

  • 1. Welcome to the Internet of Things, by the way privacy is dead…
  • 2. Agenda • What is the Internet of Things (IoT) • Business models & potential market size • Drivers for IoT • Security and Privacy Feb 2015 © Kate Carruthers | katecarruthers.com 2
  • 3. Feb 2015 © Kate Carruthers | katecarruthers.com 3 Objects are becoming embedded with sensors and gaining the ability to operate & communicate independent of human intervention.
  • 4. Feb 2015 © Kate Carruthers | katecarruthers.com 4 The resulting information networks promise to create new business models and disrupt existing business models.
  • 5. Characteristics Distributed Peer to peer API based Network neutral Feb 2015 © Kate Carruthers | katecarruthers.com 5
  • 6. Feb 2015 © Kate Carruthers | katecarruthers.com 6 Connected devices are transformed from a single purchase product into a service that generates recurring income. IoT value is not in the devices, but in new services related to the devices.
  • 7. New business models • Open models • Collaboration & loose confederations • Agile, change ready organisations • Restructured supply chain • Mergers & acquisitions Feb 2015 © Kate Carruthers | katecarruthers.com 7
  • 8. Ubiquitous connectivity Feb 2015 © Kate Carruthers | katecarruthers.com 8
  • 9. Cisco says US$14 trillion IoE value 1) asset utilization (reduced costs) of $2.5 trillion 2) employee productivity (greater labor efficiencies) of $2.5 trillion 3) supply chain and logistics (eliminating waste) of $2.7 trillion 4) customer experience (addition of more customers) of $3.7 trillion 5) innovation (reducing time to market) of $3.0 trillion Feb 2015 © Kate Carruthers | katecarruthers.com 9 CISCO White paper: Embracing the Internet of Everything for your Share of $14 trillion
  • 10. Market signals - 2014 • Google bought Nest for US$3.2B Jan 2014 • Google & Nest bought Dropcam for US$555M • Samsung bought SmartThings for US$200M • Vodafone bought Cobra Automotive for £115M • Zebra Technologies bought a unit of Motorola for US$3.45B Feb 2015 © Kate Carruthers | katecarruthers.com 10
  • 11. Market signals - 2014 • global survey of 1400 software developers • 17.1% working on IoT apps • 23% expect to begin work in next 6 months Feb 2015 © Kate Carruthers | katecarruthers.com 11 Evans Data Corporation Survey July 2014
  • 12. Driven by convergence • Ubiquitous comms networks • Mobile connectivity • 3D printing • Sensor networks • Big data > drawing useful inferences • Peer to peer networks • Cloud computing • Artificial intelligence • Commodity sensors • Software defined networks Feb 2015 © Kate Carruthers | katecarruthers.com 12
  • 13. Fuelled by app ecosystem “Between 2008 and 2017, Google Play and Apple’s App Store will be responsible for a mind-blowing number of mobile app downloads: 350 billion.” Feb 2015 © Kate Carruthers | katecarruthers.com 13 Source: http://www.mobilemarketingwatch.com/the-decade-of-350-billion-app-downloads-26932/
  • 14. Feb 2015 © Kate Carruthers | katecarruthers.com 14 Allflex DNA tags
  • 15. Feb 2015 © Kate Carruthers | katecarruthers.com 15
  • 16. Industries Financial services Automotive Technology Entertainment Retail Healthcare Hospitality Industrial Power & utilities Energy & mining Feb 2015 © Kate Carruthers | katecarruthers.com 16
  • 17. Feb 2015 © Kate Carruthers | katecarruthers.com 17 Driverless trucks the next big thing in WA's Pilbara, ABC 25 Apr 2014, 3:13pm
  • 18. Source: http://readwrite.com/2014/04/30/connected-home-hackers-stop-yelling-at-babies-foscam#feed=/tag/internet-of-things&awesm=~oEe6yipkTkz40o Feb 2015 © Kate Carruthers | katecarruthers.com 18 Last August, a hacker infiltrated a wireless camera owned by the Gilbert family, living in Houston, Texas. The stranger took control of the unit and used it to scream obscenities at a two-year-old toddler. Fortunately, the hearing-impaired child didn’t have her cochlear implant turned on at the time, otherwise she would have heard the stranger yelling, “Wake up Allyson, you little slut!”
  • 19. Feb 2015 © Kate Carruthers | katecarruthers.com 19
  • 20. Feb 2015 © Kate Carruthers | katecarruthers.com 20 Bloomberg, Data Breaches in the US, at 4 Sep 2014
  • 21. Feb 2015 © Kate Carruthers | katecarruthers.com 21 • 3rd party HVAC firm attack vector • Security software disabled • PCI DSS didn’t save them
  • 22. Feb 2015 © Kate Carruthers | katecarruthers.com 22 Bloomberg, Oct 2014
  • 23. JP Morgan • Sarbanes-Oxley Act (SOX) • Payment Card Industry Data Security Standard (PCI DSS) • Gramm-Leach-Bliley Act (GLB) Act • Electronic Fund Transfer Act, Regulation E (EFTA) • Free and Secure Trade Program (FAST) • Fair and Accurate Credit Transaction Act (FACTA), including Red Flags Rule • Federal Rules of Civil Procedure (FRCP) Feb 2015 © Kate Carruthers | katecarruthers.com 23
  • 24. Feb 2015 © Kate Carruthers | katecarruthers.com 24 Traditional approach to perimeter security
  • 25. Feb 2015 © Kate Carruthers | katecarruthers.com 25 Bot-herders can launch DDoS attacks from dryers, refrigerators, other Internet of Things devices Network World Sep 2014
  • 26. Feb 2015 © Kate Carruthers | katecarruthers.com 26Proofpoint Uncovers Internet of Things (IoT) Cyberattack, January 16, 2014 “The global attack campaign involved more than 750,000 malicious email communications coming from more than 100,000 everyday consumer gadgets …”
  • 27. Feb 2015 © Kate Carruthers | katecarruthers.com 27Proofpoint Uncovers Internet of Things (IoT) Cyberattack, January 16, 2014 “… such as home- networking routers, connected multi-media centers, televisions and at least one refrigerator”
  • 28. Feb 2015 © Kate Carruthers | katecarruthers.com 28 It’s “often impossible to patch the software or upgrade the components to the latest version.” Bruce Schneier, The Internet of Things Is Wildly Insecure - And Often Unpatchable, Wired, Jan 2014
  • 29. Feb 2015 © Kate Carruthers | katecarruthers.com 29 “Often, the complete source code isn’t available. Yes, they’ll have the source code to Linux and any other open-source components.” Bruce Schneier, The Internet of Things Is Wildly Insecure - And Often Unpatchable, Wired, Jan 2014
  • 30. Feb 2015 © Kate Carruthers | katecarruthers.com 30 “But many of the device drivers and other components are just ‘binary blobs’ - no source code at all.” Bruce Schneier, The Internet of Things Is Wildly Insecure - And Often Unpatchable, Wired, Jan 2014
  • 31. Feb 2015 © Kate Carruthers | katecarruthers.com 31 “That’s the most pernicious part of the problem: No one can possibly patch code that’s just binary.” Bruce Schneier, The Internet of Things Is Wildly Insecure - And Often Unpatchable, Wired, Jan 2014
  • 32. Privacy “If it was dead, they wouldn't be fighting so hard to kill it, all over the world.” - Peter Watts Feb 2015 © Kate Carruthers | katecarruthers.com 32
  • 33. Feb 2015 © Kate Carruthers | katecarruthers.com 33 http://www.abc.net.au/news/2014-11-04/berg-the-jig-is-up-on-data-retention-plans/5864432 http://www.theguardian.com/uk-news/2015/jan/22/snoopers-charter-changed-version-pass-before-election
  • 34. Privacy Privacy by Design: embedding privacy into IT, business practices and networked infrastructures right from the outset https://www.privacybydesign.ca Feb 2015 © Kate Carruthers | katecarruthers.com 34
  • 35. Consumer privacy • Pervasive computing • Personalisation • Customisation • Convenience • Lack of understanding • Meaningful consent Feb 2015 © Kate Carruthers | katecarruthers.com 35
  • 36. Oops we spied on your wifi Feb 2015 © Kate Carruthers | katecarruthers.com 36 http://www.cnet.com/news/google-oops-we-spied-on-your-wi-fi/
  • 37. Feb 2015 © Kate Carruthers | katecarruthers.com 37 Time, Sep 2014
  • 38. Spy TVs… Feb 2015 © Kate Carruthers | katecarruthers.com 38 http://www.tomsguide.com/us/lg-tvs-spying-confirmation,news-17887.html
  • 39. Feb 2015 © Kate Carruthers | katecarruthers.com 39
  • 40. Feb 2015 © Kate Carruthers | katecarruthers.com 40 “We tend to overestimate the effect of a technology in the short run and underestimate the effect in the long run.”- Amara's law
  • 41. Kate Carruthers UNSW Australia Sydney katec@unsw.edu.au Twitter @kcarruthers Feb 2015 © Kate Carruthers | katecarruthers.com 41