Volume LVII, Issue 5

In This Issue

Senate Rejects NSL Authority Expansion

Excerpted from SC Magazine Report by Teri Robinson

The Senate is not ready to grant the Federal Bureau of Investigation (FBI) expanded National Security Letter (NSL) powers after it failed Wednesday to pass an amendment to that effect, which would make permanent the “lone wolf” provision of the Patriot Act set to expire in 2019.

Senate Majority Leader Mitch McConnell switched his vote to “No” at the last minute, but will be able to bring up the amendment during future debate.

The Senate was to confirm or reject the two-pronged amendment proposed by Sen. John McCain (R-AZ) to attach to the Commerce, Justice, Science and Related Agencies Appropriations Act, which will come up for a final vote by the legislators later in the week.

The Electronic Frontier Foundation (EFF) had urged Senators to vote no on the amendment, claiming that the FBI had previously abused its NSL authority and had never used the lone wolf provision.

“Because nearly all NSLs are accompanied by self-certified gag orders signed by the FBI, it’s supremely hard for the public to get clear information about them,” EFF Staff Attorney Andrew Crocker wrote…. Read More

DCINFO Editor’s Note: The DCIA is on the record opposing the rejected amendment and related changes to the Electronic Communications Privacy Act (ECPA) reform bill.

Update on Internet of Things Megatrend

Excerpted from Sys-Con Media Report by Bob Gourley

There are seven key megatrends driving the future of enterprise information technology (IT).

You can remember them all with the helpful mnemonic acronym CAMBRIC, which stands for Cloud Computing, Artificial Intelligence, Mobility, Big Data, Robotics, Internet of Things, CyberSecurity.

In this post we dive deeper into the Internet of Things (IoT).

Today’s internet connects people, governments, academia, and business.

The already emerging IoT goes far beyond that.

Largely enabled by embedded computing devices and ubiquitous communications, the IoT reaches to vehicles, homes, towns and cities, commerce, manufacturing, and every aspect of industry.

A snapshot of the trend right now indicates that it is largely enabled by embedded computing devices and ubiquitous communications and its use cases are expected to include enhancements to education, training, safety, security, healthcare, transportation, and optimized manufacturing… Read More

IoT Device Cyber-Threats Mount

Excerpted from TelecomTV Insights Report

With the rise of the Internet of Things (IoT), pressure to mitigate cyber-risks in connected devices is mounting.

Though security is a big concern, connected devices from autonomous vehicles to smart home products often lack it, as it is not a feature given great attention during design and manufacturing.

ABI Research projects that this is largely due to economies of scale but anticipates that the world will undergo a swift change to better protect these devices as global embedded security shipments increase exponentially to near 4 billion by 2021.

“Most connected devices are not being built with security in mind, as many IoT device manufacturers lack the funding, expertise, and awareness to properly implement it,” says Michela Menting, Research Director at ABI Research.

“This is why hardware-based embedded security solutions play an important role in addressing the needs of these resource-constrained connected devices.”

IoT devices need a trusted platform, like an Embedded Secure Element (eSE), Trusted Execution Environment (TEE)… Read More

Report from DCIA CEO Marty Lafferty

Click Here for Video.

The Internet of Things (IoT) is creating the largest networks the world has ever seen, along with many fresh opportunities for inventive solutions in distributed computing among numerous sectors of the economy.

And therefore the IoT is presenting a whole new range of targets to potential hackers.

While the IoT promises unprecedented levels of efficiency, automation, and coordination, organizations need to assess security risks and create defense strategies against IoT cyber-attacks to avoid facing serious crises.

Sooner rather than later is the watch-word here.

Security of Things World USA, the newest event in the DCIA’s partnership with weCONECT Group, has been designed to help you find pragmatic solutions to the most common security threats.

To bring you up-to-date with industry advancements, here are the first confirmed speakers who will be sharing their insights on November third and fourth in San Diego, CA:

Larry Clinton, CEO, Internet Security Alliance; Gary Hayslip, Deputy Director, Chief Information Security Officer, Department of Information Technology, City of San Diego; Andrew Kling, Director of Cybersecurity and Architecture, Schneider Electric; Rainer Rodler, Project Manager Product IT Security, ZF / TRW; Cherie Dawson, Cyber Risk Manager, AIG; Jared Carstensen, CISO, CRH; Rodrigo Loureiro, Chief Information Security Officer, Laureate International Universities; Sharon Anolik, Member of the Department of Homeland Security’s Data Privacy and Integrity Advisory Committee; and many more.

The Security of Things World USA community keeps on growing with confirmed delegations from The Reynolds & Reynolds Company, United Technologies Corporation, UL, Wells Fargo, Mondelez International and many more.

Why not bring your entire security or IoT team to Security of Things World USA?

We have special rates for groups.

Just let me know how many of you will be joining us and we will make sure to get you an offer you can’t refuse.

Don’t hesitate to contact me if you have questions, I’ll be happy to help. Share wisely, and take care.

Security Should Not Be IoT Adoption Barrier

Excerpted from Computer Weekly Report by Caroline Donnelly

Speaking at the Cloud and DevOps World conference in London, John Miri, Chief Administrative Officer at the Lower Colorado River Authority (LCRA), said people tend to focus on the cybersecurity aspects of IoT rather than the difference it can make to the safety of citizens.

“Don’t just focus on the cybersecurity aspect of IoT and say, ‘what if someone breaks into the technology,’ focus on the new use cases that are related to safety and security,” he urged attendees.

To back this point, he explained how the LCRA previously relied on local residents to keep tabs on rising water levels and the risk of flooding along the Colorado River, but now uses around 270 IoT sensors to do the job instead.

“In the old days, we would have people with logbooks living near areas prone to flooding and they would come to us and say when they saw something out of the ordinary.”

“But people don’t move as fast as the water does,” he said.

“What we found with IoT, and working on the premise that the speed of light is faster than the speed of water… Read More

The IoT Will Be Disruptive

Excerpted from Emergency Management Report by Eric Holdeman

Disruptive technologies have a way of sneaking up on you.

Ask any taxi driver about Uber or Lyft and how rapidly those companies and their methodology of doing business has “disrupted” their incomes.

Even more disruption is coming their way in the near future with on-demand self-driving cars.

This article, Preparing for the Disruption of the IoT, highlights some of those disruptions we can see coming.

It talks specifically about owning and operating a car and how we are motivated as buyers to make a purchase.

Much of that will be changing for a large segment of the population.

Will I want to buy a self-driving Porsche?

Emergency management and first responders are not immune to being impacted by IoT.

Keep your eyes open and stay attuned to changes that will happen very quickly and impact how you do your job… Read More

Media & Entertainment Meet IoT

Excerpted from IoT Daily Report by Chase Martin

There appears to be a disconnect between media and entertainment companies and consumers using Internet of Things (IoT) products.

At least that’s the conclusion of a new report by Ernst & Young (EY) focused on the impact of the IoT on media and entertainment.

The major hurdle for media and entertainment companies is the lack of consumer understanding of the IoT, according to the report.

With limited access to data and feedback from consumers, media companies are seen as not fully engaging in the platform.

One of the key issues identified is the leveraging of location data, such as from all kinds of smart and connected devices.

“Think about the sensors that exist in our lives today, in the home,” Howard Bass, Global Media & Entertainment Advisory Leader at EY, told the IoT Daily.

“Sensors know how many people are in the room or the emotional state of those people… Read More

Samsung Will Invest $1.2 Billion in US for IoT

Excerpted from Forbes Report by Aaron Tilley

Samsung just can’t seem to get enough of the Internet of Things (IoT).

On Tuesday, the South Korean electronics giant announced it would be investing $1.2 billion into the United States specifically around the IoT market.

“We think there’s still a lot to do in this area,” said Young Sohn, President and Chief Strategy Officer of Samsung Electronics in an interview.

Defining the IoT is a little tricky.

In general, it’s dry jargon to describe the ever-increasing number of connected devices in our lives.

But it’s both broad and vague enough that nearly any new technology these days could be described as IoT.

Areas like agriculture, manufacturing, healthcare, the home, and infrastructure are of particular interest for Samsung.

Half of this $1.2 billion investment will go towards investing in US IoT-related startups… Read More

Still Think IoT Is Overhyped?

Excerpted from The Motley Fool Report

The Internet of Things (IoT) gets a lot of attention for its potential to transform major industry sectors such as transportation, agriculture, industrials, and technology — not to mention its projected market worth of $7 trillion or more by 2020.

That’s the 30,000 foot view of IoT, but on a smaller scale, the IoT is already gaining significant ground in the US cellular market.

According to new data from Chetan Sharma, connected cars and machine-to-machine (M2M) connections accounted for 46% of cellular connections in the first quarter of this year.

In fact, more new cars were connected to the Internet in the quarter than new cellular phones.

In Q1, connected cars made up 32% of new cellular connections, while phones made up 31%.

But it’s not just connected cars that are pushing the growth of IoT connections. M2M connections accounted for 14% of cellular connections in Q1. That’s great news for Verizon Communications, which has been busy building out its IoT solutions… Read More

Telefonica & Huawei Sign 5G Innovation Agreement

Excerpted from India Infoline

Telefonica and Huawei signed a 5G & NG-RAN Joint Innovation Agreement in Shenzhen, which is a further cooperation step of Telefonica and Huawei on 5G, based on the strategic Memorandum of Understanding (MoU) signed in Hong Kong on November 5th, 2015.

With the fast development of mobile internet and the Internet of Things (IoT), mobile broadband will penetrate all areas of the society, and the users expect a better blueprint for a better connected world.

The future diverse applications which requires ultra-high throughput, low latency, and massive connection, need a revolution of the current cellular network.

Both operators and vendors are seeking ways to increase the network coverage and capacity, reduce the network operation cost by simplifying maintenance, saving energy, and improving efficiency and flexibility to implement new services.

The joint cooperation in the 5G & NG-RAN covers CloudRAN, 5G Radio User Centric No Cell, 5G Core Re-Architect and Massive MIMO innovation projects, aiming to improve the spectrum efficiency and build a cloud-native architecture.

5G Core architecture evolution and research on CloudRAN, would be the major cooperation areas between Telefonica and Huawei… Read More

Verizon Enhances Connected Vehicle Business

Excerpted from TelecomTV Insights Report

Seeking to add best-in-class Software-as-a-Service (SaaS) technology and services, specifically in the connected vehicle and mobile enterprise management sectors – as well as expanded distribution relationships – to its Verizon Telematics subsidiary, Verizon Communications today announced it has signed an agreement to purchase Telogis, a private company based in Aliso Viejo, CA.

“With a comprehensive enterprise product portfolio and partnerships with some of the world’s leading vehicle and equipment manufacturers, Telogis brings a world-class software platform and new distribution relationships to Verizon Telematics’ already expansive suite of connected vehicle solutions for consumers and enterprise customers,” said Andres Irlando, CEO of Verizon Telematics.

“The combined strengths of our two companies’ unique assets better enable us to deliver best-in-class mobile enterprise management services to customers globally, while building scale and accelerating market share.

I’m confident that the passion and talent of our collective employees will continue to drive revenue growth and product innovations to shape and lead the industry for years to come… Read More

NetApp to Store Critical NASA Data

Excerpted from Financial News Report by Gulli Arnason

NetApp’s AltaVault has been selected by NASA ´s Johnson Space Center (JSC) to protect data, optimize cloud footprint and drive down costs, the company said.

The company said NASA has one of the largest cloud footprints of any US federal government agency and had very specific requirements for how to support its backup to the cloud initiatives.

NASA ´s Johnson Space Center (JSC) has served as a hub of human spaceflight activity for more than half a century. It is home to the nation ´s astronaut corps, the International Space Station mission operations, the Orion Program, and a host of future space developments.

NetApp said NASA will use AltaVault to ensure data encryption of NASA ´s more than four petabytes of critical decision-making data from video, satellites, cameras and telescopes.

Last year, NASA ´s informational resources directorate (IRD) ran a proof of concept to store backup data in the cloud with AWS to reduce costs. The IRD used its existing Veritas NetBackup environment and deployed two NetApp AltaVault appliances as the interface… Read More

Google & Facebook Push for Transparency

Excerpted from TechCrunch Report by Kate Conger

Executives from Google, Facebook, Dropbox, and other major tech companies met with the president’s Commission on Enhancing National Cybersecurity at UC Berkeley yesterday.

The discussion was laced with moments of high drama as industry representatives asked the commission to recommend reforms and technological advances in government and the private sector.

The commission, staffed with members like former NSA director Gen. Keith Alexander and Uber Chief Security Officer Joe Sullivan, is gathering feedback for cybersecurity recommendations it is expected to issue in December.

Representatives from Google, Facebook, Dropbox and other companies spoke at the meeting, asking the commission to make recommendations on transparency, threat sharing and privacy for consumer data.

Although the FBI’s legal feud with Apple over unlocking an iPhone connected to the San Bernardino shooting case has been credited with souring relationships between government and tech, national security letters (NSL) have been a long-running gripe for major companies.

Silicon Valley has condemned the government’s reliance on NSLs to secretively extract user data from companies… Read More

Breaches from Malicious or Criminal Attacks Costly

Excerpted from eWeek Report by Sean Kerner

The average cost of a data breach rose to $4 million from $3.8 million in 2015, according to the 2016 Cost of Data Breach Study conducted by the Ponemon Institute and sponsored by IBM.

As has been the case in all past editions of the report, the cost of data breaches continues to climb year-over-year.

As the overall costs of data breaches have risen, so too has the cost for each lost or stolen record.

In 2016, across all verticals on a global basis, each lost or stolen record cost $158, up from $154 in 2015.

That said, the cost of a data breach and the value of lost or stolen records is not uniform and depends on multiple factors.

For example, organizations that have incident-response teams can lower the cost per lost record by $16.

Additionally, the report found that breaches that were the result of malicious or criminal attacks were more expensive than the overall average, costing organizations $170 per stolen record.

In this slide show, eWEEK takes a look at key highlights of the 2016 Cost of Data Breach Study… Read More

Bills to Foster Cybersecurity Pass House

Excerpted from The Hill Report by Joe Uchill

Two bills from Congressman John Ratcliffe (R-TX) to foster relationships between Homeland Security and cybersecurity researchers passed the House on Tuesday night.

“Across this country there are innovators who are finding the answers, and we need to listen to them. The House knows this,” Majority Leader Kevin McCarthy (R-CA) said on the floor before the second of the two bills, the Leveraging Emerging Technologies Act, passed.

That bill, which passed 347-8, encourages Homeland Security to engage with promising private sector cybersecurity firms.

It includes permission to open remote offices in areas “with high concentrations of such innovative and emerging technology developers and firms.”

The agency is required to submit a private-sector engagement plan within six months.

The other bill, which passed 351-4, the Support for Rapid Innovation Act, encourages Homeland Security to fund and advise academic and private sector research with a focus on technologies with a “high probability of successful transition to the commercial market… Read More

State Department Deal Dials-Up IoT

Excerpted from The Wall St. Journal Report by Steve Rosenbush

The idea of machine-to-machine (M2M) communications among connected devices and objects has been full of promise for several years, but the phenomenon is still in the very early stages, so any deal that brings the so-called Internet of Things (IoT) to market is notable.

The latest example of Industrial IoT (IIoT) emerged from the State Department, which has awarded C3 IoT a contract to build an analytics platform to manage energy use and sensor health in real time across 22,000 buildings in more than 190 countries. CIO Journal’s Steven Norton has the story.

The platform is designed to collect and analyze hundreds of thousands of data points, using machine learning and cloud-based infrastructure, to support energy management, predict failure of equipment and monitor the health of sensors and other devices, according to C3.

The company, founded by Tom Siebel in 2009, provides a development platform and software-as-a-service (SaaS) apps for things like predictive maintenance, fraud detection and supply chain optimization.

It has expanded from energy to other sectors… Read More

Coming Events of Interest

Security of Things World — June 27th-28th in Berlin, Germany. Topics include securing cyber physical systems for IoT, expanding IT security with intelligence-led ops, business continuity management considerations, data privacy in an interconnected world, and security strategies.

Mobile World Congress Shanghai — June 29th – July 1st in Shanghai, China. MWC Shanghai is a very unique gathering that brings together industry participants ranging from C-Level mobile executives to end-user consumers passionate about mobile.

Industry of Things World Europe — September 19th-20th in Berlin, Germany. IoT business models, new IoT markets and strategies, product lifecycle management, next generation data handling and value assessment, IoT organizational impacts, and IoT security issues.

Security of Things World USA — November 3rd-4th in San Diego, CA. The newest event in the DCIA’s partnership with weCONECT Group has been designed to help you find pragmatic solutions to the most common security threats facing the IoT.

Government Video Expo — December 6th-8th in Washington, DC. GVE is the East Coast’s largest technology event for broadcast and video professionals, featuring a full exhibit floor, numerous training options, free seminars, keynotes, panel discussions, networking opportunities, and more.

Posted in Newsletters