The Internet enables any-to-any connectivity. The first wave of connectivity was user buildings (homes and offices) connecting to business buildings with wired Internet connections. The second wave was mobile user devices (laptops, smartphones, tablets) connecting to businesses and each other over wireless Internet connectivity. The latest wave is "things" connecting to users, businesses and other "things" using mixtures of wired and wireless connectivity. The Security Challenge: Most of the devices in the Internet of Things will be used in two broad areas: 1. Critical Infrastructure - power production/generation/distribution, manufacturing, transportation, etc. 2. Personal "infrastructure" - personal medical devices, automobiles, home entertainment and device control, retail Critical infrastructure represents an attractive target for national and industrial espionage, denial of service and other disruptive attacks. Internet connected things that touch very sensitive personal information are high priority targets for cyber criminals, identity theft and fraud. In both of these areas, new technology requiring new approaches to security will be added to legacy systems employing legacy security processes and technology. SANS is looking to bring together community talent and ideas to develop new solutions, demonstrate security technology that already works and to provide a force multiplier to making the Internet of Things be more secure than the first phases of Internet evolution
