Columbia-based MasterPeace Solutions is working on an open source project to address security vulnerabilities in Internet of Things devices.
osMUD is aimed at protecting internet-connected devices used at homes and small businesses. The project was shared with the National Institute of Standards and Technology’s National Cybersecurity Center of Excellence, which is based in Rockville, according to MasterPeace.
Now, the cybersecurity firm will participate in a consortium that was formed around the effort that looks to bring together bring together device manufacturers, network security companies, and network administrators. Participating organizations include Cable Labs, Cisco, CTIA, Digicert, ForeScout, Global Cyber Alliance, Patton, and Symantec. Each organization will provide code and expertise to the effort. MasterPeace is providing network security engineering and defense operations expertise. The longtime government contractor has previously shown willingness to gather the community in recent years with efforts like an in-house accelerator.
“We believe IoT represents a significant cyber threat. This technology has the potential to expand an organization’s attack surface, merge unmitigated vulnerabilities into an ecosystem, and, in the worst case, facilitate the transformation of digital attacks to physical attacks with severe consequences,” MasterPeace CEO Drew Cohen said via email. “Even with these threats, the IoT market is growing faster than other IT segments. We anticipate that organizations and consumers will start investing in technology that offers protection, and believe that developing cutting edge IoT security technology makes great business sense.”
MUD, short for Manufacturer Usage Description, will provide manufacturers with steps to keep devices from communicating inappropriately. These steps are designed to then help automate security processes.
“MUD will make it possible for manufacturers to define ‘safe’ operating conditions of their devices so that network security capabilities can automatically limit device functionality to appropriate usage, thereby blocking malicious activity,” Cohen said.
Given that the effort is open source, the information will then be freely available.-30-
Baltimore City Council cybersecurity committee to hold first hearing [Events Roundup]
A ‘Moon colony’ challenge gave Maryland Girl Scouts a hands-on cybersecurity lesson
After winning DataTribe Challenge, Prevailion grows in Maryland
How this lawyer is helping entrepreneurs bark up the right tree
Baltimore bought $20M in cyber insurance. Such policies are becoming more common
Xandr, AT&T’s ad company, partners with Baltimore’s clean.io
IoT security startup ReFirm Labs raises $2M
Get to know SmartLogic’s culture of plants, podcasts and productive client relationships
Sign-up for daily news updates from Technical.ly Baltimore