NSA Gives $300,000 for a Safer Internet of Things

Uploaded on 2015-09-07 in TECHNOLOGY--Developments, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, TECHNOLOGY-Key Areas-Internet of Things

 images?q=tbn:ANd9GcR9mUNG-Uq28fIHFsB-EE9_X-W9XLX28-VXiyHVaKogGpELeOMq

Better Security Starts At The Design Phase.

The NSA is funding development for architecture for a "safer" Internet of Things (IoT), in the hope of incorporating better security at a product's design phase. The controversial US intelligence agency is bestowing a $299,000, one-year grant to the University of Alabama in Huntsville (UAH) for a project that aims to build a lightweight virtualisation architecture, which will make it easier to build security into IoT systems before they leave the factory.

A growing number of devices are being internet-enabled, thereby joining the IoT as smart meters, inter-enabled cars, and much, much more.

Unfortunately, little consideration has been given to security at the design phases, so that security flaws from weak authentication, crap crypto and glaring built-in web console flaws have become legion.As a result, cars have been remotely hacked while home routers have been left hopelessly insecure. The list is extensive, and growing.

Given its history, particularly when it comes to intercepting the supply chain of routers to plant backdoors, it might be tempting to think that the NSA wants to backdoor IoT devices too. But it's hardly worth the effort on kit that is wide open and insecure in the first place.
The UAH's Dielectric architecture aims to incorporate cybersecurity into the product design phase of IoT kit rather than bolting it on as an afterthought.

Experts in embedded systems and automotive systems will come together to work on the project. The approach could have applications in cloud-based systems, according to UAH.
"With the Internet of Things, one expects various 'things' – that is, embedded systems – to connect to the cloud," said Dr Etzkorn, a faculty member at UAH's computer science department. "We are examining security methodologies that can apply both at the embedded systems level and the cloud level."

The academics said the arrival of funds later this month will enable them to take on two graduate student researchers at the beginning of the autumn term and support them through the summer of 2016.
The research team will also include three faculty members from the UAH electrical and computer engineering department as well as two from its computer science department, as explained in a statement on the Dielectric architecture and the NSA grant here.

Register: http://bit.ly/1J6nn2r

« Assange Advised Snowden To Go to Russia
Cyberspies Impersonate Security Researcher »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Zentera Systems

Zentera Systems

Zentera's CoIP (Cloud over IP) solution offers enterprise-grade networking and security for the emerging cloud ecosystem.

Cambridge Intelligence

Cambridge Intelligence

Cambridge Intelligence are experts in network visualization and finding hidden trends in complex connected data. Applications include cybersecurity.

Kount

Kount

Kount's “decision engine” platform is ideal for managing fraud in online/telephone channels that process payments and onboard new customers.

Cybraics

Cybraics

Cybraics nLighten platform implements a unique and sophisticated artificial intelligence engine that rapidly learns your environment and alerts security teams to threats and vulnerabilities.

Teramind

Teramind

Teramind provides a user-centric security approach to monitor employee behavior in order to identify suspicious activity, detect possible threats, monitor efficiency, and ensure industry compliance.

WetStone Technologies

WetStone Technologies

WetStone develops software solutions that support investigators and analysts engaged in eCrime Investigation, eForensics and incident response activities.

Redshift Consulting

Redshift Consulting

Redshift is an information management and information security consulting company offering a full range of services from infrastructure design to security assessments and network monitoring.

Edvance

Edvance

Edvance operates a range of cybersecurity businesses including value added cybersecurity solutions distribution, security technology innovation and development, and SaS solution offerings.

Armis

Armis

Armis offers the markets leading asset intelligence platform designed to address the new threat landscape that connected devices create.

ArcusTeam

ArcusTeam

ArcusTeam is at the forefront of the firmware and applications security industry, with a mission to increase the level of security on all IoT devices and applications.

Sierra Ventures

Sierra Ventures

Sierra Ventures is an early-stage venture firm investing globally with a focus on Next Generation Enterprise and Emerging Technologies.

Quintillion Consulting

Quintillion Consulting

Quintillion Consulting is a strategic risk based consulting firm. We help companies safeguard the core business and IT capabilities that deliver competitive advantage.

ServerScan

ServerScan

ServerScan specializes in providing server scanning & compliance services to organizations of all types and sizes.

Jit

Jit

Jit empowers developers to own security for the product they are building from day zero.

LogicMonitor

LogicMonitor

LogicMonitor provides SaaS-based IT infrastructure monitoring services for on-premises and multi-cloud environments.

Varutra Consulting

Varutra Consulting

Varutra Consulting is an Cyber Security Consulting, Solutions and Training services firm, providing specialized security services for software, mobile and network.