Securing the IoT begins with understanding why it requires a fundamentally different set of strategies and tools than those currently used in IT, telecom and other domains . . . SSL/TLS is not sufficient for small devices with the need to protect the data in use, in motion and at rest.
Phi Beta Iota: Data at rest encryption was discussed in the Office of Information Technology in 1986, and dismissed as unnecessary and too hard. In a related failure, when NSA was told to secure US communications and computing, it chose instead — with the complicity of the CEOs of major companies — to instead insert juvenile back doors that helped encourage Chinese, Israeli, and Russian hackers.