A practical, indispensable security guide that will navigate you through the complex realm of securely building and deploying systems in our IoT-connected world Key Features: Learn to design and implement cyber security strategies for your organization - Learn to protect cyber-physical systems and utilize forensic data analysis to beat vulnerabilities in your IoT ecosystem - Learn best practices to secure your data from device to the cloud - Gain insight into privacy-enhancing techniques and technologies Book Description: With the advent of Internet of Things (IoT), businesses will be faced with defending against new types of threats. The business ecosystem now includes cloud computing infrastructure, mobile and fixed endpoints that open up new attack surfaces, a desire to share information with many stakeholders and a need to take action quickly based on large quantities of collected data. . It therefore becomes critical to ensure that cyber security threats are contained to a minimum when implementing new IoT services and solutions. . The interconnectivity of people, devices, and companies raises stakes to a new level as computing and action become even more mobile, everything becomes connected to the cloud, and infrastructure is strained to securely manage the billions of devices that will connect us all to the IoT. This book shows you how to implement cyber-security solutions, IoT design best practices and risk mitigation methodologies to address device and infrastructure threats to IoT solutions. This book will take readers on a journey that begins with understanding the IoT and how it can be applied in various industries, goes on to describe the security challenges associated with the IoT, and then provides a set of guidelines to architect and deploy a secure IoT in your Enterprise. The book will showcase how the IoT is implemented in early-adopting industries and describe how lessons can be learned and shared across diverse industries to support a secure IoT. What You Will Learn: Learn how to break down cross-industry barriers by adopting the best practices for IoT deployments - Build a rock-solid security program for IoT that is cost-effective and easy to maintain - Demystify complex topics such as cryptography, privacy, and penetration testing to improve your security posture - See how the selection of individual components can affect the security posture of the entire system - Use Systems Security Engineering and Privacy-by-design principles to design a secure IoT ecosystem - Get to know how to leverage the burdgening cloud-based systems that will support the IoT into the future. Who this book is for: This book targets IT Security Professionals and Security Engineers (including pentesters, security architects and ethical hackers) who would like to ensure security of their organization's data when connected through the IoT. Business analysts and managers will also find it useful. Brian Russell is a Chief Engineer focused on Cyber Security Solutions for Leidos. He oversees the design and development of security solutions and the implementation of privacy and trust controls for customers, with a focus on a secure Internet of Things (IoT). Brian leads efforts that include security engineering for Unmanned Aerial Systems (UAS) and Connected Vehicles, next- generation energy systems (microgrids), and the development of cryptographic key management systems. He has 16 years of cyber security experience and supports the Center for Internet Security (CIS) as a member of the 20 Critical Security Controls Editorial Panel. Brian also serves as Chair of the Cloud Security Alliance (CSA) Internet of Things (IoT) Working Group, is a member of the Federal Communications Commission (FCC) Technological Advisory Council (TAC) Cyber Security Working Group for IoT, and is a contributor to the Securing Smart Cities Initiative. Drew Van Duren is a senior cryptographic and cybersecurity engineer at Leidos, highlighting 15 years of support to commercial, Department of Defense (DoD), Intelligence, and Department of Transportation (USDOT) customers in their efforts to secure vital national systems. Originally an aeronautical engineer, his experience evolved into cyber-physical (transportation system) risk management, secure cryptographic communications design, as well as software and network engineering analysis/design for cryptographic network protocols. He has performed extensive UAS risk/threat modeling, has security mitigation expertise in the FAA Unmanned Air System (UAS) integration office, and, in conjunction with the RTCA, developed cryptographic security requirements for unmanned aircraft planning to operate in the US National Airspace System (NAS). He has also supported USDOT and the automotive industry in threat modeling and security/conformance testing for Connected Vehicle operations and systems, culminating in recommended design modifications for the largest anticipated public key infrastructure (PK