John Brooks’s Answers to Questions Asked about the ‘Securing a Multitude of
Devices’ Presentation at RAG Toronto 2019

How do you make money from a honeypot?

The honeypot isn’t necessarily designed to be a revenue generator by itself, but to instead contribute to the overall threat matrix that Subex is constantly constructing from each of the honeypots and live deployments globally.

How do you measure roi for these solutions?

ROI is measured by threats blocked and the number of devices they would have impacted had they broken through.

Is Subex moving away from telcos to other sectors?

No, in fact this technology for IOT security is also directly contributing toward our newest Digital Fraud Detection technology, and Subex Secure works in harmony with our ROC assurance product suite.

Really interesting to see about signing up a city to your technology. Is that a key focus given what you said regarding local government etc and usage of these connected devices ? That seems a huge shift in thinking…

With IOT technology, and with MEC (Edge Computing) it’s not just the telco networks that require securing any longer. Cities in many countries are building their own complex intranets, as are larger enterprises, which also need security at that edge as well.

How are fraudsters monetizing IOT vulnerabilities?

There are several paths to this, including initiating DDOS attacks that would lead to loss of business, or other IOT disabling or data-altering attacks that could lead to security breaches and other vulnerabilities. Monetization shouldn’t be thought of as a direct revenue increase resulting form an attack (like one would see in a bypass event, for instance), but instead as the ability to impact revenues or increase costs of a different party.