As an Engineer, I have always been fascinated not only by individual systems but how systems communicate with one another as a whole to form an ecosystem.
Not surprisingly, this fascination of mine led me into an exciting career in Cybersecurity — a field where anomalies and seemingly coincidental patterns are never taken at face value. Often, the root cause of such incidents lies deeply ingrained in the interconnection of subsystems.
Our current Cybersecurity Startup, Bibu Labs, started off as an exploration of IoT Security and how AI algorithms can be leveraged mitigate risk for Enterprise clients. Although this post is 1.5 years overdue, I have decided to share some of the research work I have done as a means to contribute towards this field.
The following is a “ Vulnerability Map” I created by pairing my experience as a Cybersecurity Consultant and Engineer with existing material from various sources (“IoT Hackers Handbook” is one resource that comes to mind), to create a one of a kind Visual representation of Security Vulnerabilities present in IoT, and some techniques hackers can leverage to exploit such vulnerabilities.
How To Read The Vulnerability Map
I would first like to address the readers attention to the center of the diagram, where the different components of an IoT System are broken down as IoT Device, Local Network, Global Network, Cloud Service and Controller Device. Each component is then tied down to potential Security gaps, which in turn are connected to techniques attackers can use to exploit such gaps.
I would be happy to elaborate on the above diagram upon further interest.
The Author: Tahseen graduated from the University of Waterloo in Electrical Engineering. He has ever since dedicated his career towards Cybersecurity. He was the Lead Developer of IBM AppScan Source Cloud, a leading Application Security (SAST) Tool. He is an Award winning Cybersecurity Consultant for multiple Fortune 500 firms, Financial institutions, and Governments. He is currently the Founder of Bibu Labs.
Bibu Labs: Is a University of Waterloo startup building the next generation Cyber AI Platform-as-a-service. This platform makes it easy for companies to leverage specific AI modules to automate and optimize key tasks in Security Operation Centers and Serverless Computing.