In RIOT Control, security experts from McAfee discuss how the Internet of Things (IoT) flips the current internet with de-centralized, uncontrolled elements driving massive data from the ends into central servers and the cloud, rather than the other way around. Some estimates suggest that every human being will soon be surrounded by 1,000 to 5,000 connected objects eventually, 100 trillion static or moving objects which makes for a complex system, prone to unexpected behaviors. As various industry domains rush to adopt IoT technologies, they need guidance on IoT-ready security and risk management practices to ensure system availability and security.

This book explains IoT risk in terms of project requirements, business needs, and system designs that include endpoints, network connectivity, and cloud-based data centers. Understand the threats and vulnerabilities of the IoT, as well as performance metrics at the enterprise level. In recommending emerging techniques, the authors provide insight to help judge which are best according to specific risks and organizational needs under consideration. Multiple case studies span several chapters to better illustrate the business, operational, and technical risks inherent in IoT deployments.
Explains sources of risk across IoT architectures: endpoints, network, and cloud-based data centersIncludes multiple case studies threaded through several chapters covering business, operational, and technical risk issuesOffers insight from Intel (McAfee) insiders about emerging tools and techniques for real-world IoT systems

Internet Protocol (IP) networks increasingly mix traditional data assets with traffic related to voice, entertainment, industrial process controls, metering, and more. Due to this convergence of content, IP networks are emerging as extremely vital infrastructure components, requiring greater awareness and better security and management. Offering diverse perspectives from the world's leading experts on convergence, Securing Converged IP Networks illustrates how to maintain content integrity and network assurance. This book discusses the convergence market and the business drivers of convergence, details how to measure the sensitivity and assurance requirements of different data assets and discusses a wide range of ICT security threats and vulnerabilities. Later chapters discuss controls and safeguards in terms of management, as well as, technical, and operational tools that can reduce the likelihood of wide range of risks. It also provides recommendations for managing the assurance, implementation and operation of converged ICT network infrastructures and examines the future of ICT security and assurance under IP convergence.

As industrial control systems (ICS), including SCADA, DCS, and other process control networks, become Internet-facing, they expose crucial services to attack. Threats like Duqu, a sophisticated worm found in the wild that appeared to share portions of its code with the Stuxnet worm, emerge with increasing frequency.

Explaining how to develop and implement an effective cybersecurity program for ICS, Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS provides you with the tools to ensure network security without sacrificing the efficiency and functionality of ICS.
Highlighting the key issues that need to be addressed, the book begins with a thorough introduction to ICS. It discusses business, cost, competitive, and regulatory drivers and the conflicting priorities of convergence. Next, it explains why security requirements differ from IT to ICS. It differentiates when standard IT security solutions can be used and where SCADA-specific practices are required.
The book examines the plethora of potential threats to ICS, including hi-jacking malware, botnets, spam engines, and porn dialers. It outlines the range of vulnerabilities inherent in the ICS quest for efficiency and functionality that necessitates risk behavior such as remote access and control of critical equipment. Reviewing risk assessment techniques and the evolving risk assessment process, the text concludes by examining what is on the horizon for ICS security, including IPv6, ICSv6 test lab designs, and IPv6 and ICS sensors.

Critical Infrastructure (CI) is fundamental to the functioning of a modern economy, and consequently, maintaining CI security is paramount. However, despite all the security technology available for threats and risks to CI, this crucial area often generates more fear than rational discussion. Apprehension unfortunately prompts many involved in CI policy to default to old-fashioned intuition rather than depend on modern concrete risk assessment as the basis for vital security decisions. Going beyond definitions, Critical Infrastructure: Understanding Its Component Parts, Vulnerabilities, Operating Risks, and Interdependencies looks at the iron triangle within CI: power, telecom, and finance. It introduces the concept of CI as an industrial and enterprise risk conductor, highlighting the reality that a CI failure can propagate a crisis with far-reaching repercussions. Focuses on Canada and the US Equally for a Useful Cross-Border Security Analysis With $2.5 trillion at stake in United States' CI alone, supreme standards and metrics are mandatory for solid protection of such a sophisticated and complex area. This powerful volume is dedicated to moving CI security into the 21st century, illustrating the danger in basing critical CI policy decisions on the existing legacy frames of reference. It represents one of the first complete departures from policy, planning, and response strategies based on intuition and anecdotal evidence.

Internet Protocol (IP) networks increasingly mix traditional data assets with traffic related to voice, entertainment, industrial process controls, metering, and more. Due to this convergence of content, IP networks are emerging as extremely vital infrastructure components, requiring greater awareness and better security and management. Offering diverse perspectives from the world's leading experts on convergence, Securing Converged IP Networks illustrates how to maintain content integrity and network assurance. This book discusses the convergence market and the business drivers of convergence, details how to measure the sensitivity and assurance requirements of different data assets and discusses a wide range of ICT security threats and vulnerabilities. Later chapters discuss controls and safeguards in terms of management, as well as, technical, and operational tools that can reduce the likelihood of wide range of risks. It also provides recommendations for managing the assurance, implementation and operation of converged ICT network infrastructures and examines the future of ICT security and assurance under IP convergence.