Getting Started with IoT Security

IoT networks and devices often face attacks as soon as 5 minutes after connecting, thus representing a major threat to healthcare, smart building, manufacturing, power, and other sectors. IoT Devices and Networks can feature numerous vulnerabilities, including weak passwords, lack of security update mechanisms, Shadow IoT, outdated software components/libraries, insufficient privacy protection, insecure networks, unencrypted data, and more. Common attacks on IoT networks include ransomware, eavesdropping, privilege escalation, brute force attacks, buffer overflow, DDoS, firmware hijacking, device hijacking, data theft, and botnets. Demand for IoT Security Specialists and IoT Security Engineers has surged, with their responsibilities including the design of security processes, monitoring IoT devices and networks, identifying and assessing IoT vulnerabilities and risks, preventing IoT threats, and rapidly detecting and responding to incidents. IoT Administrators, network security teams, CISOs, security leaders, IoT architects, and engineers, are also expected to incorporate IoT security into their organization’s standard security practice, process, and procedure, create an IoT security posture that reliably enables IoT innovation and protects their network from existing and unknown threats. 

The course will begin with an overview of IoT, including its architecture, components, the IoT lifecycle, its reach, and what the future holds for IoT. As you move along, you’ll gain an understanding of some of the common IoT protocols including Zigbee, MQTT, and COAP. Next, the course will provide a detailed explanation of some of the common security issues, vulnerabilities, and potential attacks on IoT devices and networks (including a look at OWASP's Top 10 IoT Vulnerabilities 2018). You’ll then learn about some infamous past attacks on IoT devices and networks (including Mirai Botnet, TRENDnet Webcam Hack, Verkada security camera attack, and others). Moving ahead, you’ll gain an understanding of the challenges in IoT security. The course will then provide an explanation on standards and regulations associated with IoT Security. You’ll also learn about the IoT Security Assurance Framework, while you’ll then dive deep into the IoT Security Lifecycle. Next, the course will demonstrate how to carry out secure design and engineering of IoT Hardware and Software (helpful for developers and architects), how to manage IoT software and firmware risks, and how to carry out physical security of IoT devices. As you continue your learning journey, the course will demonstrate how to perform risk assessment and management in IoT, and how to implement Identity and Access Management in IoT. You’ll also explore how to perform user and device management in IoT, how to ensure network-level security in IoT (IP networks, wireless networks, mobile networks, edge networks), and how to apply zero trust across the IoT Network.

By the end of this course, you’ll be able to secure your IoT devices and networks using a multitude of measures.