McAfee ITEXPO Keynoter Talks Safeguarding Your Critical Information in a Sea of Security Hacks
In the surge of intelligent technologies and wearables devices, consumers are sharing and entering more personal information than ever before. Consider the type of information your Fitbit tracks, for example—everything from your weight to your height to your blood pressure, depending on the model you purchase. What about your smartphone? Do you enable corporate synch? Do you access your banking information from your smartphone?
“The value of the data on these devices is 10 times what a credit card is worth today,” Gary Davis, Consumer Security Evangelist for McAfee, a division of Intel (News - Alert), told ITEXPO attendees this morning during his keynote presentation.
“It’s all about motive,” Davis said of the influx of security attacks as of late. “When you think about why nefarious people do what they do it’s because there’s a motive.”
Hackers have never had more motivation than now to steal personal information, especially when you consider how much personal information consumers currently share—and how little that information is protected.
Today’s’ hacker can collect a variety of metrics including spatial (time and location); physical (whether consumers are walking, sleeping, standing, etc.); physiological (pH balances); consumption (alcohol and cigarette consumption, for instance); and mental health (are consumers happy or sad) metrics, among other types of information.
There is a “hyper growth market” for wearable, mobile and cloud technologies, argued Davis, meaning hackers’ interest in these markets continues to be piqued. Take a connected car, for instance. Today’s connected car boasts about 100 million lines of code and attack surfaces—e.g. GPS, radio and cell—meaning those attack services are wide open to people with malicious intent, explained Davis.
“The more data that is being collected and transmitted the more likely something bad can happen,” he said. “This is a $300 billion to $1 trillion business, and that’s the number that drives cybercriminals and drives the activities to make this a worthwhile business venture.”
To evidence the need for tighter security in the consumer space, Davis shared a series of compelling statistics aggregated by Intel:
- There is an average of 25 vulnerabilities per device in the home
- 36 percent of mobile devices are not PIN protected. In other words, “if you happen to leave that phone on your chair and someone else picks it up, he or she has access to all your data,” Davis warned.
- Only 22 percent of people install software that can find a phone when lost and only 14 percent install any type of security software
- 8 percent install software that can erase a phone’s data. “I absolutely believe we need a kill switch,” Davis suggested. “I would rather know I could destroy my iPhone (News - Alert) and the $700 investment with one click instead of dealing with the consequences of someone getting access to that device.”
So why do these vulnerabilities exist? For starters, Davis suggests companies manufacturing IoT devices are forgoing considerations like security controls in order to improve time to market and convenience. They are often promising security in some later version but “by then, it will probably be too late,” Davis said.
Moreover, we as consumers are not properly educated about how to take proper security measure on our own to safeguard our data, as evidenced by the statistics above. Davis offered a number of tips for consumers. Specifically, when it comes to leveraging wearable technology devices, for example, Davis suggested for consumers to: complete their homework when considering purchases; change default password routinely; turn Bluetooth off when it is not required; and be judicious when using social sharing features.
When it comes to mobile device use, consumers need to read and understand privacy policies as well as be mindful of permissions. The use of cloud services requires consumers to be mindful of the advantage afforded by multi-factor authentication; to only collect data necessary to deliver service; and to implement secure session management.
“We need to build security in from the start,” Davis concluded. “There are simple things we can do today that will save consumers from a lot of embarrassment and trouble should something go bad and save them from headaches. Let’s do the simple things, start there and see where it goes.”
Edited by Maurice Nagle
Wearable Tech World Home