29 Dec 2016

Would you sign off on a room nurse performing open heart surgery on you?

No, right?

Then why do you buy devices that connect to the internet when they’re not built by cybersecurity experts?

Before we open that can of worms, let’s explain what we’re talking about. Today, most people in just about every home own a device that connects to the internet. Not just a computer or a phone, but a fitness wristband or a thermostat or even a child’s doll. Just about every product you could want has a version that connects to a network to give the user greater access to information and control.

It’s great for convenience, which means that the consumer (you) will be happy. But whether you know it or not, when you buy Internet-of-Things (IoT) devices you’re trading your cybersecurity for convenience. Every device that connects to the internet also connects to every hacker online. So, every webcam and Fitbit in your home is a doorway for hackers to look into your life.

Now, you might be saying to yourself, “It can’t be that bad. You’re just saying that to scare me.” But remember when we asked you if you would let a regular nurse perform surgery? That’s the same thing that is happening with your IoT devices. The people building them are not cybersecurity experts but just regular engineers, so when they connect to the internet the devices are not protected as they should be. A giant market has been created of devices that are poorly protected, which means that even if you wanted to buy devices that were properly protected you would have a hard time finding them.

There is some good news though. There are already security standards for certain industries designed to ensure that everything they make or service they provide is safe for the customer. And these standards could be tweaked to apply to larger manufacturers so that you can know that the devices that you bought for your loved ones last Christmas won’t be an open doorway for hackers into your home. The International Organization for Standardization (ISO) creates information security management standards. Their most popular standard is ISO 27001.

ISO 27001 is an international information security standard designed to fit a wide variety of companies in different industries. For example, ISO 27001 type II is designed to keep cloud service providers secure. There are other types of ISO 27001 that fit other companies and the steps that the system calls for will fit companies large and small. ISO 27001 works so well that it’s becoming a standard around the world. In 2006, just over 5,000 companies used ISO 27001 but in 2014 nearly 25,000 did.

The answer to the IoT problem isn’t to make ISO 27001 a federally enforced standard for all manufacturers. But a similar standard designed to force manufacturers to make devices that are convenient and safe to bring into your home could be. The people designing most IoT devices are not concerned with how strong the login credentials are or creating updates and patches for their devices. They’re concerned with making their bosses happy and getting a product out the door. But if you inform yourself on the cybersecurity threats just outside your door then one day they may be. Educate yourself on security standards like ISO 27001 and push for legislation that reflects what you learn in the process.

You won’t just be protecting your business, but your family too.
