Yesterday, GCA’s IoT Policy and Attack Report was featured again by Microsoft, in a post published by the company’s Corporate Vice President, Chief Technology Officer, Cloud and AI Security, Michal Braverman-Blumenstyk.
In her post, written as part of a closing reflection on Cyber Security Month, Ms. Braverman-Blumenstyk focused on several aspects of the concept of ‘zero trust,’ as applied to IoT and OT (Operational Technology) settings.
Taking the findings and recommendations in the 2021 Microsoft Digital Defense Report as a starting point, a number of key considerations for IoT and OT security, from supply chains to the devices themselves, were covered.
Among those findings, Ms. Braverman-Blumenstyk took time to focus on GCA’s IoT Policy and Attack Report.
Initially supported by Microsoft as an analysis of real attack data to demonstrate the effectiveness of some of the commonly recommended controls in preventing IoT incidents, the report offered four simple takeaways for IoT and OT security that were highlighted as a conclusion to the post:
- No default passwords
- Implement a vulnerability disclosure policy
- Keep software updated
- Continuously monitor IoT communication for unauthorized communications and attacks.
The full post is available at the link below: