The Kudelski Group has launched a new Internet of Things (IoT) Security Center of Excellence that will build on the expertise of Kudelski Security and its decades of experience in protecting digital TV contents and devices, according to a recent announcement. This entity has the goal of providing guidance and technology to help companies across all industries secure their IoT innovations over entire product lifecycles.
“Companies across all industries have IoT initiatives planned or underway. Unfortunately, new threats are emerging and jeopardizing success from the outset,” said Rich Fennessy, CEO, Kudelski Security. “Fortunately, we possess a long history of innovation that directly addresses IoT security demands, supported by the best-practices of Swiss engineering. From vetting chipsets to identifying vulnerabilities to embedding countermeasures and providing legal support, our one-of-a-kind capabilities support all stages of IoT security. In turn, our customers can confidently carve out vital, early-stage market share and build sustained success in a burgeoning space offering lucrative opportunities.”
Planned services will reach beyond hardware and software assessment and evaluations to include recommendations and implementation of effective design & control frameworks, countermeasures to mitigate risks and protect investments, as well as legal services.
IoT Security Design & Assessment: While IoT devices have a well-developed and strong functional architecture enabling business operation, the security architecture has its own rules and methods to reach the required level of reliability and security, creating constraints that are potentially not aligned with functional requirements. For existing products, in-depth evaluations are performed in the Group's state-of-the-art laboratory to assess the security of chipsets, hardware and software components used in IoT devices and ecosystems. This analysis may result in identifying vulnerabilities that could have led to service theft, device cloning or breach of hardware security features to gain control over a system, or in reassuring the client that the device is secure.
IoT Security Posture Improvement: Once vulnerabilities, flaws and weaknesses are identified, best-in-class technologies are implemented to ensure security controls in embedded systems, software/firmware, communication protocols, platforms and applications. Key management, endpoint authentication, data encryption and hardware-based roots of trust are combined with the latest methods for software security including application code obfuscation and white-box cryptography techniques designed to resist even the most advanced threats.
IoT Cybercrime Countermeasures: If a system comes under a sustained attack or emerging threat, the IoT Security Center of Excellence has the ability to provide prompt advice and services. Proactively, it can embed sleeper countermeasures into devices which can be activated against threats and carry out rapid prototyping powered by threat intelligence from the Kudelski Security Cyber Fusion Center. In the event intellectual property is infringed upon, Kudelski legal teams can provide support for litigation in almost any court of law globally.
The IoT Security Center of Excellence is driven by advanced capabilities that ensure customer devices and systems meet desired security levels at all stages of development before and after launch. A long-term partnership approach offers product developers in all industries the ability to focus on their core products while being assured that security is maintained over time. Key to success is a focus on establishing the right balance between security measures, risk and cost; a strategy that can accelerate time-to-market, as well as protect and provide a competitive advantage.