Internet of Things Security Foundation Conference | 40+ Speakers

Internet of Things Security Foundation Conference

Internet of Things Security Foundation unveil over 30 speakers for the 6th Annual IoT Security Foundation Conference, PLUS more to be announced soon. The IoTSF Cybersecurity Conference is a four-day virtual event, from 1st to 4th December, 2020, that will illuminate and educate delegates with best practice, next-practice and the latest developments in IoT cyber security.

Book Tickets here

The Internet of Things Security Foundation Conference features talks by leading cyber security experts, training workshops and track sessions for executives, developers, engineers, managers and security professionals including:

Keynote Speech:“AI-Driven Cyber Defense for Endpoint Energy Assets”
Leo Simonovich, VP & Global Head, Industrial Cyber, Siemens Energy
Keynote Speech:“IoT Security Challenges and Opportunities in the 5G Era”
Mihoko Matsubara, Chief Cybersecurity Strategist, NTT CorporationKeynote Speech:“When One Size Solution Doesn’t Fit All”
Kat Megas, Program Manager for the NIST Cybersecurity for Internet of Things (IoT) program, NIST

“Software Provenance – Where Do We Draw the Line?”
Matt Wyckhouse, CEO, Finite State

“Securing the Industrial IoT”
Simon Butcher, Principal Embedded Security Engineer, Arm

“Secure Management of Things in AWS IoT”
Dave Walker, Principal Specialist Solution Architect for Security and Compliance, Amazon Web Services

“Practical Physical Attacks Against Embedded Systems and Their Secure Design to Mitigate Them”
Rohini Narasipur, Product security engineer and incident handler, Bosch PSIRT

“Challenges of Vulnerability Management and Disclosure Processes in a Big Organisation – The Bosch PSIRT”
Carolina Adaros, Product Security Incident Handler, Bosch PSIRT

“Shining the Light of Truth: a Journey into Vulnerability Disclosure Practices at Consumer IoT Product Companies”
David Rogers MBE, Founder, Copper Horse

“IoT on the Frontline – when a 3rd Party 0day Becomes your Problem…”
Adam Laurie, Global Lead Hardware Hacker, IBM

“Sensory Overload – Cybersecurity Threats for Next Generation Vehicles”
Steve Povolny, Head of Advanced Threat Research, McAfee

“Secure by Design, Still a USP in a Competitive Environment”
Ivan Reedman, Head Tinkerer and Ponderer, NCC Group

“The Consumer IoT Attack Surface – an Architectural Deep Dive on the Threats and Mitigations for Real World IOT Deployments”
Nick Allott, CEO, NquiringMinds

“One Way or Another, they’re Going to Get you: Threats to Press Freedom from the Internet of Things”
Anjuli Shere, Analyst/Writer/Researcher, University of Oxford

“Securing the Internet of Medical Things”
Andy Bridden, IoT Security Consultant, PA Consulting

“The IoT is Littered with Security Disasters. As the Distinction from OT Blurs how do we Avoid Repeating them?”
Ken Munro, Partner, Pen Test Partners

“Meeting the Industry 4.0 Security Challenges of IEC 62443”
Haydn Povey, CEO, Secure Thingz

“IoT Security Reference Architecture”
Professor Kwok-Yan LAM, Professor of Computer Science, Nanyang Technological University

“ETSI EN 303 645 – the Ultimate IoT Testing Baseline. Lessons Learned and way Forward”
Razvan Venter, Team Lead Security Compliance and Certifications, Secura B.V.

“How eSIM Technology Can be Used Within the IoT”
Zofia Domanska, Product Manager, G+D

“IoT security, and it’s Disturbing Status”
Pieter Meulenhoff, Quality control, internships & security training, Eurofins Cyber Security

“Supply Chain Integrity”
Amyas Phillips, Chair of the IoTSF Supply Chain Integrity Working Group, IoT Consultant & Security Scientist, Ambotec

“New Guidance and Best Practices on the Security of Smart Built Environments, IoTSF”
James Willison, Founder, Unified Security

“What is a Smart Built Environment, and Why it Matters?”
Sarb Sembhi, Co-Chair of Smart Built Environment Group, CTO & CISO, Virtually Informed

Join the IoTSF Conference and:

  • Learn About the Potential Risks & Vulnerabilities Associated with IoT Systems & Connected Devices
  • Gain an Understanding of IoT Security Best Practice for the Design of Products & Services
  • Understand what to Specify & Look for When Procuring IoT Products & Services
  • Learn About the Current and Future State of Standards, Regulation & Assurance
  • Discover the Lessons Learned in Real Life War Stories
  • Hear From Leading Experts & Companies Offering Security Products, Solutions & Services

Internet of Things Security Foundation Conference

Internet of Things Security Foundation Conference

The 6th Annual Internet of Things Security Foundation Conference is a four-day virtual event that takes place between Tuesday 1st and Friday 4th December 2020.  Join the IoTSF for 4 days of expert talks & training sessions to expand your knowledge on the best practice and the latest developments in IoT cyber security. The IoTSF Conference features talks by leading cyber security experts, training workshops and track sessions for executives, developers, engineers, managers and security professionals.

  • Learn about the potential risks and vulnerabilities associated with IoT systems and connected devices
  • Gain an understanding of IoT security best practice for the design of products and services
  • Understand what to specify and look for when procuring IoT products and services
  • Learn about the current and future state of standards, regulation and assurance
  • Gain from the lessons learned in real life experiences/war stories
  • Hear from leading experts and companies offering security products, solutions and services

For more details of the Internet of Things Security Foundation Conference see:  Conference website.

Book Tickets here

The IoT Security Foundation has announced first set of speakers for the 6th Annual IoT Security Foundation Conference:

Keynote Speech
“AI-driven Cyber Defense for Endpoint Energy Assets”
Leo Simonovich
VP & Global Head, Industrial Cyber at Siemens Energy

Protecting endpoint operating technologies (OT) is an increasingly important challenge for the energy sector. As energy companies continue to digitize existing assets and build new assets with intrinsic network connectivity, they present an ever-expanding attack surface to escalating attacks. Overall, the energy industry has made tremendous progress in maturing cybersecurity capabilities. Yet current practices leave significant gaps due to lag between updates.

This keynote will describe in detail the current challenges faced by energy companies, the implications of observable industry trends, the characteristics that potential cyber-security solutions must meet, and why they believe AI and ML technologies can meet these requirements now and in the future.

Keynote Speech
“IoT security challenges and opportunities in the 5G era”
Mihoko Matsubara
Chief Cybersecurity Strategist at NTT Corporation

This presentation aims to analyse IoT security issues and opportunities at both the policy and technical level in the 5G era. The world is now more concerned over IoT and 5G security due to growing security threats during the pandemic and mounting geopolitical tensions. Yet, this talk will also shed light on collaborative efforts by government and industry for a smart world and 5G security as well as financial incentives to embed security in new projects in their early stages.

Software Provenance – Where Do We Draw the Line?
Matt Wyckhouse
CEO at Finite State

There has been a lot of uproar about supply chain security – from 5G deployments around the world to threats to our power grids – and it seems that a day doesn’t go by without some new threat or government action. Many governments around the world, and in particular the US, are trying to “solve” supply chain risk management by introducing regulations focused on banning vendors from the supply chain. Notably, the US has taken several actions to try to limit vendors from potential adversary countries (such as China) from being involved in supply chains for certain types of critical infrastructure.

This talk will discuss how simple analysis of a vendor’s country of origin is a failing and incomplete model of supply chain risk. While geopolitical analysis is an important risk factor, the truth is that every device, every software application, and every vendor has some level of geopolitical risk. We live in a world that is fueled by global supply chains and open source software that is built by global, distributed teams of engineers. So where do we draw the line?

Lesley Kipling
Chief Cybersecurity Advisor at Microsoft EMEA

Previously lead investigator for Microsoft’s detection and response team (DART), Lesley Kipling has spent more than 16 years responding to our customers’ largest and most impactful cybersecurity incidents. As Chief Cybersecurity Advisor, she now provides customers, partners and agencies around the globe with deep insights into how and why security incidents happen, how to harden defences and more importantly, how to automate response and contain attacks with the power of the cloud and machine learning.

Internet of Things Thames Valley Meetup | 11th September

Internet of Things Thames Valley Meetup

There is just 1 week to the next Internet of Things Thames Valley Meetup @tv_iot on 11th September at the Green Park Conference Centre, 100 Longwater Avenue, Green Park, Reading, Berkshire, RG2 6GP.

Internet of Things Thames Valley

Reading, GB
1,772 Members

This group is open (free) for business, academic, public sector and technical professionals interested in the ‘Internet of Things’ who wish network, share knowledge, experienc…

Next Meetup

IoT Thames Valley Meetup #27

Wednesday, Sep 11, 2019, 6:00 PM
68 Attending

Check out this Meetup Group →

This is a free to attend Meetup. Networking from 6pm.

The Talks & Speakers include:

“5G and Connected Communities, where we are, how we got there and the challenges to come” – Guy Matthews, Director of Emerging Technology, CGI Business Consulting
5G has reached the cusp of moving from a decade of R&D into a decade of deployment across the globe. It will bring immense change across major industries and herald the growth of technologies like immersive and AI. But what is 5G and how will it be implemented across urban and rural communities? This short presentation will cover the basics of 5G, the state of development in the UK and globally, and the remaining commercial and technical challenges to 5G development at scale and load.

“Saving lives on British railways with IQRF” – Šimon Chudoba, CEO IQRF Alliance
IoT can not only reduce operation and maintenance costs or enable completely new business models but literally save lives and avoid derailments on railways. Simon will present one of the solutions of IQRF Alliance members which monitors railway embankments in the UK.

“Can you Trust your Smart Building?” – Duncan Purves, 2 Insight Ltd
Understand the security issues associated with ‘smart’ building systems and why they are important to you

IoT Thames Valley Meetup 19th June Final Agenda & News

We have fantastic line up of Meetup speakers, talks and demos from Amazon Web Services, Arm & Pen Test Partners.

You can register/RSVP for this Meetup here:
https://www.meetup.com/Internet-of-Things-Thames-Valley/events/257305513/

A special thank you to our sponsors Arm and Review Display Systems.

Speakers & Talks:


Andrew Hood, Amazon Web Services
“AWS IoT and Alexa in the connected home”
AWS IoT services for the connected home bring devices and services together for an integrated, autonomous experience that improves a consumers’ lives. Connected home experiences include everything from voice-controlled lights, house-cleaning robots, machine learning-enabled security cameras, and Wi-Fi routers that troubleshoot for you. Additionally, given that voice control is becoming pervasive across smart homes, these devices can also benefit from using voice services like Alexa for an even more seamless customer experience. Thanks to decreasing costs and increasing options for connectivity, these smart home devices, sensors, and tools can be interlinked to create real-time, contextual, and smart experiences for consumers. Learn how in this session.


Tony Gee, Pen Test Partners,
“Systemic flaws in IoT”
As the IoT brings ever more connected capabilities in to our lives we are seeing more and more devices utilising the same backend architecture. We are seeing more and more vendors replicating vulnerabilities across multiple device types, from tracking watches to car alarms. We are seeing zombie vulnerabilities rising from the dead, insecure direct object references which mostly died off back in 2002 are now found on many devices we look at. In this talk we will discuss some of these and show some of our recent research in to the Internet of Things.


Rob Coombs, Arm,
“PSA Certified – building trust in IoT”
Platform Security Architecture was announced by Arm in October 2017 as a security framework for IoT. Arm provides the recipe (security architecture documents) and ingredients (open source software, tools, models, dev boards) to help the electronics industry build secure IoT solutions. At Embedded World this year we introduced PSA Certified, a multi-level security evaluation scheme for IoT chips, software and devices. This presentation will provide an introduction to PSA Certified.


In other news, the companies supporting the Secure IoT cyber security conference on 7th November continues to grow and we have speakers confirmed from:

  • Amazon Web Services
  • Arm
  • Department for Digital, Culture, Media and Sport
  • Device Authority
  • GSMA
  • IBM
  • NCC Group
  • Pen Test Partners
  • SAS

You can book discounted Early Bird tickets here:
https://www.eventbrite.co.uk/e/secure-iot-2019-tickets-59043403409

PSA Certified – building trust in IoT

Rob Coombs @Arm, will be giving a talk “PSA Certified – building trust in IoT” at #IoT Thames Valley Meetup on 19th June at the GreenPark Conference Centre, Reading.

Free to attend. RSVP:

Internet of Things Thames Valley Meetup #26

Platform Security Architecture was announced by Arm in October 2017 as a security framework for IoT. Arm provides the recipe (security architecture documents) and ingredients (open source software, tools, models, dev boards) to help the electronics industry build secure IoT solutions.

At Embedded World this year we introduced PSA Certified, a multi-level security evaluation scheme for IoT chips, software and devices. This presentation will provide an introduction to PSA Certified.

Systemic flaws in IoT

Tony Gee @_tonygee_ of Pen Test Partners, is giving a talk “Systemic flaws in IoT” at the IoT Thames Valley Meetup on 19th June  at the Green Park Conference Centre,  Reading.

This is a free to attend event. To register, please RSVP:

IoT Thames Valley Meetup #26

As the IoT brings ever more connected capabilities in to our lives we are seeing more and more devices utilising the same backend architecture. We are seeing more and more vendors replicating vulnerabilities across multiple device types, from tracking watches to car alarms. We are seeing zombie vulnerabilities rising from the dead, insecure direct object references which mostly died off back in 2002 are now found on many devices we look at. In this talk we will discuss some of these and show some of our recent research in to the Internet of Things.

Internet of Things Cyber Security Conference

Internet of Things Cybersecurity Conference

The third annual Secure IoT, Internet of Things cyber security conference will be held at the Green Park Conference Centre, Reading, on 7th November, 2019.

Learn about the security issues, risks, threats and vulnerabilities associated with IoT systems and connected device. Gain an understanding IoT security best practice and meet leading experts and companies offering security products, solutions and services.

There are a limited no. of Super Early Bird available until 9th June at £60 +VAT and Student tickets £30 + VAT:

Book Tickets

For more information see:

Secure IoT Website

Pindrop brings voice authentication to IoT devices, intelligent assistants, and connected cars

Forget passwords and PIN codes — Pindrop wants to make our lives more secure with voice biometrics.

From VentureBeat Article:

Pindrop brings voice authentication to IoT devices, intelligent assistants, and connected cars

The Atlanta, Georgia-based company today announced Voice Identity Platform, a speech authentication solution for IoT, voice assistants, smart homes and offices, and connected cars.

Its platform-agnostic tech is akin to Google’s Voice Match in Google Assistant, which can differentiate among the unique voice signatures of up to 10 Google Home users, and Amazon’s voice profiles in Alexa.

Pindrop’s patented Pindrop Protect technology takes into account factors such as location, behavior, device type, audio, voice, and time of day to confirm identity. By scoring each voice interaction based on AI-driven anomaly detection and using voice printing to correlate matches with what Pindrop claims is one of the world’s largest audio databases of its kind, the company contends it is able to lower handle times by up to 60 seconds.

European Parliament fails to ensure security for connected consumer products

European Parliament regrettably missed an opportunity to establish mandatory security requirements for connected products such as smart watches, baby monitors or smart locks. This is the outcome of a vote in its industry (ITRE) committee.

PRESS STATEMENT – 10.07.2018 

http://www.beuc.eu/publications/european-parliament-fails-ensure-it-security-connected-consumer-products/html

Consumers in Europe are exposed to a string of unsecure connected products[1]. These range from hackable security cameras, door locks and heating thermostats in people’s homes, to the possibility for strangers to easily tap into connected toys and smart watches for children.

Consumer groups had urged the EU to ensure that the upcoming Cybersecurity Act would plug this gaping hole in EU legislation to finally protect the security of our lives and homes.

Yet, despite the immense threat to consumers and society as a whole because of unsecure connected products, the European Commission, Member States and (as of today) Parliament are content with only a voluntary scheme that will not appropriately protect consumers’ privacy, security or safety.

A Botnet Compromises 18,000 Huawei Routers

A cyber hacker, by the pseudonym Anarchy, claims to have made a botnet within 24 hours by utilizing an old vulnerability that has reportedly compromised 18, 000 routers of Chinese telecom goliath Huawei.

http://www.ehackingnews.com/2018/07/a-botnet-compromises-18000-huawei.html

As indicated by a report in Bleeping Computer, this new botnet was first recognized in this current week by security researchers from a cyber-security organization called Newsky Security.

Following the news, other security firms including Rapid7 and Qihoo 360 Netlab affirmed the presence of the new danger as they saw an immense recent uptick in Huawei device scanning.

The botnet creator contacted NewSky security analyst and researcher Ankit Anubhav who believes that Anarchy may really be a notable danger who was already distinguished as Wicked.

The activity surge was because of outputs looking for devices that are vulnerable against CVE-2017-17215, a critical security imperfection which can be misused through port 37215. These outputs to discover the vulnerable routers against the issue had begun on 18 July.