San Francisco, CA (PRWEB) February 8, 2011
Mocana, a company that focuses on smart device security, today announced that it is creating a new Smart Device Threat Center knowledgebase and website. The Mocana SDTC will be the webs first centralized repository of information on smart device-based threats, hacks, vulnerabilities, viruses and malware. The SDTC will differ from existing threat centers by addressing all smart device segments, not just smartphones. This includes medical devices, industrial automation, office and datacom equipment, automotive and aviation electronics, federal and military devices, smart grid, embedded systems, point-of-sale and near-field-communications devices, and of course, smartphones and tablets. The SDTC will also report on the apps and services that run on these smart devices. In short, Mocanas SDTC will centralize information about threats to virtually anything that connects to the Internet that isnt a PC.
A centralized repository of device vulnerabilities, threats and malware is desperately needed, said Rich Beyer, chief executive officer of Freescale Semiconductor, one of the worlds leading suppliers of computing chips for automotive, networking, appliance, consumer and industrial devices. Similar databases and websites have existed for PCs since the late 1990s, but the Internet and the threats we face have dramatically changed since then. We look forward to contributing our device expertise, experience and best-practices to help make Mocanas SDTC an indispensible resource for the international device community.
The benefits of embracing connected, smart devices across every segment of the economy is well established,” said Dimitri Volkmann, Vice President of Product Management of Good Technology. “Without the right security, these devices and the applications running on them won’t be trusted, and enterprises will fear data loss and resist fully integrating these new tools into their business processes. Our partner Mocana’s new Smart Device Threat Center can play a crucial role in operationalizing devices by creating a fuller understanding of the threats that device platforms face at any given time.
Since devices already outnumber PCs on the Internet by about five to one, we know this is a hugely important task for the industry, said Adrian Turner, CEO of Mocana, Mocanas broad experience with embedded systems and smart devices in diverse industries, from defense to automotive to consumer electronics and mobile, gives us a holistic view of the rapidly-emerging Internet of Things. The SDTC will be more than a site that collects smartphone threats, thats just a small piece of it. Well collate, analyze and evaluate threats to the entire interconnected device ecosystem, including devices that play crucial roles in protecting life, and property, like medical devices and industrial process controls. That breadth of coverage is important for this next wave of computing. The security bar needs to be much higher across every device class.
Because devices are so interconnected, a single weak class can cause cascading failures or compromises to other devices on the network. And since these devices are often in the field for 10, 15, even 20 years, device designers and app developers need to take a more proactive stance when it comes to security. The right approach to device and application security pays off in compelling ways, ensuring trust and enabling and personalization, automation and context intelligent policy enforcement when devices are fully ‘operationalized’.
Exact numbers of viruses, hacks and vulnerabilities are hard to come by, precisely because a device knowledgebase like Mocanas SDTC has never been built. One reason is because the number of threats targeting devices has only recently hit critical mass. While virtually all sources agree that device threats are underreported, current estimates of the malware population targeting devices are in the low thousands approximately equivalent to the number of PC viruses in 1996 but they are growing twice as fast and are already more potent.
Another reason an SDTC hasnt yet been built is that the device ecosystem is fundamentally different from the PC universe, and devices face unique threats and attack vectors, like appstore marketplaces, and in the near future, NFC payments. Security needs to evolve. Getting the SDTC up and running is crucial, too, because smart devices are often placed in more critical contexts than PCs but devices are almost never fielded with even the security technology included on a typical home PC. Hackers in 2011 are more sophisticated than their 1996 counterparts, too, and their motives are far more likely to be payback, profit or intelligence-oriented than their more innocuous cousins of days gone by. Already techniques that are more sophisticated than those used against PCs are being used against smart devices. The stakes — and the business and societal drivers to get security right the first time — are higher than ever.
The SDTC will objectively collate and categorize device-targeting viruses, malware, demonstrated and theoretical vulnerabilities, case studies and post-mortems of actual attacks on devices and the applications and services that run across them. Finally, Mocanas SDTC will provide expert analysis, education and recommendations for device and device application and services risk mitigation and post-incident recovery. The SDTC will be staffed by a team of dedicated device security scientists and engineers from Mocana Labs, the research and development arm of Mocana.
One unique aspect of the Mocana model will be its openness to the user community. The SDTC will empower users to submit their own reports and analysis of device security problems, and even enable users to edit live articles on specific threats and vulnerabilities, just like Wikipedia.
Mocana was in the news recently for demonstrating important security flaws in one of the top five globally best-selling brands of Internet-connected HDTVs (read more at http://nyti.ms/g1Ao0N ). Most recently, Mocana and Symantec partnered to host a gathering of the device digerati at CES Las Vegas dubbed The Amphion Forum http://www.amphionforum.com. Mocanas announcement of the SDTC is at least partly due to feedback the company has received from industry at events like the Amphion Forum, and in private meetings. Luminaries and iconoclasts who spoke and participated in Amphion panel discussions included John Cohn, Ph.D., IBM Fellow and Chief Scientist of Design Automation at IBM; Herbert H. Thompson, Ph.D., Chief Security Strategist at People Security and Program Chair for RSA Conferences; Major General James D. Bryan, U.S. Army (ret’d) and President at National Security Group; Rich Beyer, Chief Executive Officer at Freescale Semiconductor; and Dr. Whitfield Diffie, Vice President for Information Security at ICANN.
Mocana is developing the industry’s only device-independent Smart Device Security platform that secures all aspects of IP addressable devices as well as the information, applications and services that run on them. Mocana’s solutions dramatically increase confidence, trust and compliance among OEMs, service providers and their customers. Every day, millions of people use products sold by over 150 companies that leverage Mocana’s Device Security solutions, including Cisco, Honeywell, Dell, General Electric, General Dynamics, Avaya and Harris, among others. Mocana won Frost & Sullivan’s Technology Innovation of the Year award for 2008 for Device Security, and was named to the Red Herring Global 100 as one of the “top 100 privately-held technology companies in the world” in January 2009. Individuals wanting to dive deeper into the current security state of the Internet of Things are invited to download one of Mocanas quarterly, in-depth Device Security Reports at http://bit.ly/g77zSb .