Book description
A practical, indispensable security guide that will navigate you through the complex realm of securely building and deploying systems in our IoT-connected world
Key Features
- Learn best practices to secure your data from the device to the cloud
- Use systems security engineering and privacy-by-design principles to design a secure IoT ecosystem
- A practical guide that will help you design and implement cyber security strategies for your organization
Book Description
With the advent of the Internet of Things (IoT), businesses have to defend against new types of threat. The business ecosystem now includes the cloud computing infrastructure, mobile and fixed endpoints that open up new attack surfaces. It therefore becomes critical to ensure that cybersecurity threats are contained to a minimum when implementing new IoT services and solutions.
This book shows you how to implement cybersecurity solutions, IoT design best practices, and risk mitigation methodologies to address device and infrastructure threats to IoT solutions.
In this second edition, you will go through some typical and unique vulnerabilities seen within various layers of the IoT technology stack and also learn new ways in which IT and physical threats interact. You will then explore the different engineering approaches a developer/manufacturer might take to securely design and deploy IoT devices. Furthermore, you will securely develop your own custom additions for an enterprise IoT implementation. You will also be provided with actionable guidance through setting up a cryptographic infrastructure for your IoT implementations. You will then be guided on the selection and configuration of Identity and Access Management solutions for an IoT implementation. In conclusion, you will explore cloud security architectures and security best practices for operating and managing cross-organizational, multi-domain IoT deployments.
What you will learn
- Discuss the need for separate security requirements and apply security engineering principles on IoT devices
- Master the operational aspects of planning, deploying, managing, monitoring, and detecting the remediation and disposal of IoT systems
- Use Blockchain solutions for IoT authenticity and integrity
- Explore additional privacy features emerging in the IoT industry, such as anonymity, tracking issues, and countermeasures
- Design a fog computing architecture to support IoT edge analytics
- Detect and respond to IoT security incidents and compromises
Who this book is for
This book targets IT Security Professionals and Security Engineers (including pentesters, security architects and ethical hackers) who would like to ensure the security of their organization's data when connected through the IoT. Business analysts and managers will also find this book useful.
Publisher resources
Table of contents
- Title Page
- Copyright and Credits
- Dedication
- About Packt
- Contributors
- Preface
- A Brave New World
- Vulnerabilities, Attacks, and Countermeasures
- Approaches to Secure Development
-
Secure Design of IoT Devices
- The challenge of secure IoT development
-
Secure design goals
- Design IoT systems that mitigate automated attack risks
- Design IoT systems with secure points of integration
- Designing IoT systems to protect confidentiality and integrity
- Design IoT systems that are safe
- Design IoT systems using hardware protection measures
- Design IoT systems that remain available
-
Design IoT systems that are resilient
- Protecting against jamming attacks
- Device redundancy 
- Gateway caching
- Digital configurations
- Gateway clustering
- Rate limiting
- Congestion control
- Provide flexible policy and security management features to administrators 
- Provide logging mechanisms and feed integrity-protected logs to the cloud for safe storage
- Design IoT systems that are compliant 
- Summary
-
Operational Security Life Cycle
- Defining your security policies
- Defining system roles 
- Configuring gateway and network security
- Bootstrapping and securely configuring devices
- Setting up threat intelligence and vulnerability tracking
- Managing assets 
- Managing keys and certificates
- Managing accounts, passwords, and authorizations
- Managing firmware and patching updates
- Monitoring your system
- Training system stakeholders
- Performing penetration testing
- Managing compliance
- Managing incidents
- Performing end-of-life maintenance
- Summary
- Cryptographic Fundamentals for IoT Security Engineering
- Identity and Access Management Solutions for the IoT
- Mitigating IoT Privacy Concerns
- Setting Up an IoT Compliance Monitoring Program
-
Cloud Security for the IoT
- The role of the cloud in IoT systems 
- The concept of the fog
- Threats to cloud IoT services
- Cloud-based security services for the IoT
- Summary
- IoT Incident Response and Forensic Analysis
- Other Books You May Enjoy
Product information
- Title: Practical Internet of Things Security - Second Edition
- Author(s):
- Release date: November 2018
- Publisher(s): Packt Publishing
- ISBN: 9781788625821
You might also like
book
Practical Industrial Internet of Things Security
Skillfully navigate through the complex realm of implementing scalable, trustworthy industrial systems and architectures in a …
book
The IoT Hacker's Handbook: A Practical Guide to Hacking the Internet of Things
Take a practioner’s approach in analyzing the Internet of Things (IoT) devices and the security issues …
book
Practical Industrial Cybersecurity
A practical roadmap to protecting against cyberattacks in industrial environments In Practical Industrial Cybersecurity: ICS, Industry …
book
Practical Cybersecurity Architecture
Plan and design robust security architectures to secure your organization's technology landscape and the applications you …