Logically Speaking February 2023
February 28, 2023
 
Curriculum Corner
 
Growth Opportunities
 

Development vs. Secure Development: An IoT Case Study

by Brian Wilson, Senior Instructional Designer, Logical Operations

 
 
Brian Wilson, Senior Instructional Designer, Logical Operations
Brian Wilson
Senior Instructional Designer
Logical Operations

The massive stone walls of ancient Troy took a long time and significant resources to build. Yet the fortress was defeated in a single moment, when someone made the bad decision to let in a giant wooden horse left as a parting gift from the Greeks.

Maintaining safety in a modern enterprise is also challenging, and just as dependent on the quality of decisions made by individuals. Not only do organizations have to worry about physical security (the kind provided by stone walls), they must also be concerned about the security of things that can’t necessarily be seen or touched – like cybersecurity, data privacy, regulatory compliance, and numerous other concerns of our modern, complicated world.

To help manage the complexity, some organizations have turned to technologies such as the Internet of Things (IoT) and machine learning. For example, running a casino is a complicated business. Not only do operators have to manage the gaming floor, they also have to run a hotel, food service operations, parking garage, shuttle service, and myriad other concerns. Doing the job well requires information. To that end, a casino business might use IoT devices to monitor security cameras for unusual patterns of foot traffic or customer behavior. They could monitor food safety temperatures in their kitchens and serving areas. They might even use IoT devices to regulate the temperature and cleanliness of those enormous fish tanks in the lobby.

But, as with many business decisions, benefits are often accompanied by risks. You may have heard about the case of the casino that was hacked through its Internet-connected fish tank. While many consumer-oriented devices can be set up and used by almost anyone (like the guy who got tired of scraping the green stuff off the sides of the fish tanks, for example), the people setting up those devices may not always be fully aware of the risks. They may be introducing a Trojan horse to the organization, or opening the gateway to other sorts of malware and cyber attacking ne’er-do-wells.

Technologies like IoT can help an organization manage complexity. But when the organization doesn’t have a culture that puts security first, technology can actually make the situation worse. In a “security first” organization, all members of the organization would be trained in CertNexus CyberSAFE practices and would learn to question the security of ad hoc solutions. The use of appropriate technology would be embraced and supported, but solutions would be planned, designed, and implemented by a team knowledgeable in security implications, and the systems used to actively monitor and protect the organization’s networks would be aware of any new devices added to the organization’s wired and wireless networks.

CIoTSP logo

That’s the difference between IoT development and secure IoT development – and that’s the difference that the CertNexus Certified Internet of Things (IoT) Security Practitioner™ (Exam ITS-110) course and exam can make to your IoT project.

________________________________________

 

Latest Product Highlights


     
       
     
     

    ________________________________________

     

    Content Revisions

     

    Logical Operations revises student and instructor materials based on technical changes, customer feedback, and our own assessment of necessary changes. The revision notes for the most recent updates are below as well as posted on the Content Revisions page. Use this page as a resource to quickly access and view all revision details for any of our recent course updates. 

    ​​​​​Recent Revisions:

    • Recent Revisions:

      • Microsoft® SharePoint® Modern Experience: Site Owner with Power Platform (091096)
        • For version 2.0, releasing in March, 2023, the course has not only been re-titled, but has been completely revised and re-designed in response to customer input as well as software changes. For more information, see the Bridge Document on our Content Revisions page.
      • Certified CMMC Professional (CCP) (093200)
        • The 2.1 revision, released February, 2023, corrected a few errata.
      • CMMC CCP Boot Camp (093202)
        • The 2.1 revision, released February, 2023, corrected a few errata.

    For more information about each of the revisions, visit our Content Revisions page.

    Reminder: When viewing a product on the store, check the Revision Information tab to see the summary description of the most recent revision for that product at any time.

    Screenshot of revision field on Logical Operations store/>

    ________________________________________