Rapid7’s Deral Heiland on Why Your Network Segmentation Strategy Overlooks IoT Risk

Even in "properly secured" networks, Deral Heiland, Principal Security Research (IoT) at Rapid7, explains how inter-chip communication vulnerabilities and shared infrastructure enable lateral movement — including finding active hospital credentials on secondhand medical equipment and using unsegmented security cameras to breach state government networks. His research reveals why common security practices often fail: even when external interfaces are encrypted, internal device communications remain vulnerable. Learn practical approaches to implementing protocol-aware monitoring, developing hardware testing capabilities, and securing legacy devices that can't be patched.

Chapters:
00:00 Introduction and background
03:49 IoT ecosystem testing methodology
07:43 Inter-chip communication vulnerabilities
11:15 Protocol-specific monitoring
12:53 Coordinated vulnerability disclosure
15:05 Network segmentation strategies
19:31 Hardware testing skill development
21:20 Asset management and disposal
22:50 Legacy device security
26:57 Incident response for IoT
29:49 Implementation case studies
31:37 Closing thoughts

Follow us on Social Media
LinkedIn: https://www.linkedin.com/company/team-cymru/
Twitter: https://twitter.com/teamcymru
Twitter (Research Team): https://twitter.com/teamcymru_S2

Learn more at team-cymru.com

#cybersecurity #cybersecurityleadership #podcast #cyberpodcast #riskmanagement #securitymanagement #threat #threatintelligence #threatintel #threatdetection #threatmanagement #threatprevention #threatanalysis #thoughtleader #thoughtleadership #securityoperations #secops #networksecurity #securityprofessionals #cybersecuritycompany #risk

Видео Rapid7’s Deral Heiland on Why Your Network Segmentation Strategy Overlooks IoT Risk канала Team Cymru