Uncategorised

Well folks, we just completed 12 years at TwelveDot and it has been quite the ride for both the company and myself. We have had  a lot of changes over the years with both the company and how we operate. This was due to a changing focus with our customers and how we had approached offering our services. I would have never thought that I would get to meet so many new contacts, work in new sectors such as aviation, healthcare, and education, and get to travel the world over doing so. To all of our current and former clients thank-you for believing in us. To those we still have to meet, we look forward to the day we can satisfy your cyber needs.

Starting this month and going forward, I will be posting updates as we look to change some of the operational aspects of the business. These are not significant just changing with the times to again meet the demand of the market and need for specialized services.

I will also beginning a series on the CSA/ANSI T200 standard that was published last year. We were pivotal in both developing and writing this standard and we are hoping that it will really become a baseline for all IoT devices to be evaluated using a maturity model approach. This standard already is aligned to the ISO standard on a IoT baseline (ISO/IEC 27402) and the ETSI baseline (303 645) for Europe. We made harmonization a key aspect of this standard to allow vendors to get assessed under one program that would have global recognition. More on this later including the many organizations who are already recognizing this standard for testing and evaluation of IoT products.

I will also be announcing a book I am working on later this year as well. It represents the 10 plus years of work we have done for IoT both as research and as product evaluators.

With the post-COVID generation upon us, we look forward to contributing to more International standards work and projects that help to build on our recognized achievements to date. To our staff, this would not have happened without you and I am grateful for all our staff both current and previous.

//Faud

This past week I was fortunate to be invited as a guest speaker for the 1st Internet Society meeting on IoT security. This meeting was well attended from government, private sector companies and academia. It was a means to get on the same page to issues at hand and how do we as users, developers and government secure the Internet and IoT.

The key issues at hand include:

1. Awareness to the issue of IoT Security for Canadian, not just individuals but organizations who want to deploy IoT technologies

2. What exists now from standards and best practice perspective and what approaches can be used

3. What can be done to ensure the next generation of these devices is not a source of another DDoS or other malware on the Internet.

As promised, I am including my presentation and mind map that was presented. Please feel free to share this as necessary, the more groups and individuals who are talking about this subject the better.

For more information check out ISOC here.

ISOC Ottawa_v1

IoT Attack Surface_MindMap

 

Today as CEO of TwelveDot, I was fortunate to be able to present a talk entitled “The Attack Surface of Aircraft” at the first Labour Market Strategy Day hosted by the Canadian Council for Aviation and Aerospace (CCAA). The well represented aviation sector group that was there discussed how labour issues are impacting the aviation sector – not unlike the way labour issues are impacting the cyber security industry. Although this was not a cyber event, the goal was to educate attendees about how cyber security is going to change all of this.

My presentation opened with details on how aircraft are currently being targeted by hackers but then focused on the necessary skills that are required to deal with this and complete testing of this magnitude. Both the aviation and cyber security industries are experiencing the same labour shortage and issues so we need a national strategy going forward. And it will need the support of academia, government and industry .

The session generated some great discussions and there seems to be consensus that Canada needs a national strategy. CCAA will work with members to draft some concepts of bringing all relevant parties together to grow this Labour Market Strategy Day and TwelveDot is ready to make its contribution here. Lastly, in case you did not know, Canada is actually #5 for aviation solutions globally…….not too shabby.

FYI:

http://www.avaerocouncil.ca/

http://www.avaerocouncil.ca/en/labour-market-strategy-day-home

 

 

 

With the recent rash of Healthcare data breaches it raises an important concern why is this happening? Especially, given the regulatory frameworks in place to protect patient data. We could spend many resources to determine the root cause of these issues however, there might be a better approach to begin with.

Specifically, healthcare providers, product and service companies need to change their approach to how they collect and protect patient data. The protection chain and data lifecycle needs to be completely understood. Only then can we ensure that data breaches do not become the norm.

TwelveDot using sound security principles based on ISO Security Standards has developed an organizational approach to addressing healthcare security. We have created a White Paper entitled “A Systematic Approach to Cyber Health” that details what organizations need to accomplish and our approach to put them in a position to better secure data handled.

Our goal is that only using a systematic approach to cyber security can healthcare providers ensure they protect their patient data.

Please download it here, and as usual please reach out to us with your questions, comments and issues in healthcare.