In years past, device functionality was enough to sell most embedded products without much concern for cybersecurity. Of course there were exceptions, such as in critical infrastructure, aviation, and military, for which security was always of importance. But today’s environment has evolved on several fronts. First, organizations across nearly all markets are demanding Internet connectivity to monitor and control devices as well as to aggregate and analyze data. Second, the magnitude of security threats has exploded, driven by highly sophisticated hackers including organized criminal gangs seeking financial returns, creating a constantly evolving threat landscape. Third, the increasingly complex nature of connected systems makes them ever more challenging to protect. The more complex a system, the more potential vulnerabilities it may contain. And fourth, the data generated by connected devices represent an asset that is becoming increasingly valuable for organizations to derive insights about their operations. In addition, an increasing portion of connected systems involve devices that can potentially damage people or physical property if compromised.