Standardizing the Approach to IoT SecurityGartner's Ramamoorthy on a Security-by-Design Approach
Organizations around the world have realized that there are clear business benefits to be gained by leveraging the internet of things. But they need to take a structured, well-considered approach to integrating IoT into their risk management processes to address security concerns, says Ganesh Ramamoorthy, managing vice president at the advisory firm Gartner.
"Security teams are realizing the need to work closely with business units within the organization to ensure that security is no longer post implementation - security-by-design is the mantra," Ramamoorthy says in an interview with Information Security Media Group. "Security by design or designing any infrastructure in such a manner that it becomes prohibitively expensive to compromise is going to be the fundamental design philosophy in any kind of security infrastructure design in the future." (see IoT: Security Must Be Built In).
Efforts are already far along, he says, when it comes to building in security into the hardware/chip level for use in IoT devices, with various manufacturers taking a proactive approach. However an ISO-like standard for the industry may still be a few years away, he says (see IoT: The Need to Expand the Scope of Security).
In this interview (see audio player link below image), Ramamoorthy talks more about:
- IoT security as it relates to information risk management;
- The security implications of upcoming IoT developments and innovations (see IoT in India: Security Challenges;
- A sustainable approach to securing IoT infrastructure from the get-go.
Ramamoorthy is a managing vice president at Gartner, where he covers the global markets for IoT, wired communications semiconductors, application-specific semiconductors, semiconductor IP, chip design services and embedded software. He has more than 20 years of experience in the technology industry. Ramamoorthy is Gartner's agenda manager for semiconductor markets research.