Enterprise Times recently met with Christian Koch, Senior Manager GRC & IoT/OT at NTT Security (Germany) GmbH to talk about IoT security. It is a subject in the news at the moment, especially with the European Union focusing on who is responsible for securing devices.
During the conversation, Koch talked about the challenges of attributing blame and responsibility. This is an area where lawmakers will struggle. They have historically given software and technology a free pass when it comes to responsibility. The challenge is how to change that in a way that protects consumers and businesses.
We talked to Koch about this issue. Should the provider of the Internet connectivity be required to ensure it is secure and comes with protection? Should the responsibility lie with the original manufacturer of the IoT hardware? What if this is a product that is rebadged where a third-party adds their own software suite on top? It is possible to point to all of these players as having some responsibility but to have a legal basis, it has to be clear who is responsible.
Koch believes that it should lie with the OEM. They created the product and should patch it. He also thinks that we will begin to see the idea of a “secure IoT device” becoming a competitive differentiation in the short term. Longer term, he hopes that the industry will change its approach.
To hear more of what Koch had to say, listen to the podcast.
Where can I get it?
obtain it, for Android devices from play.google.com/music/podcasts
use the Enterprise Times page on Stitcher
listen to the Enterprise Times channel on Soundcloud
listen to the podcast (below) or download the podcast to your local device and then listen there.