Date(s) - Thu, 7 Nov 2019
9:00 am - 6:00 pm
Green Park Conference Center
The 3rd Annual Internet of Things Cybersecurity Conference will be held at the Green Park Conference Centre, 100 Longwater Avenue, Green Park, Reading, Berkshire, RG2 6GP, on Thursday, 7th November, 2019.
The objective of the conference is for attendees to:
- Learn about he potential risks and vulnerabilities associated with IoT systems and connected devices
- Gain an understanding of IoT security best practice and guidelines
- Hear from leading experts and organisations providing guidance and best practice
- Meet companies offering security products, solutions and services
To book tickets:
- Dr Andrew Jones – System Architect, Arm
- Dave Walker – Solutions Architect, Amazon Web Services
- Adam Laurie – Global Lead Hardware Hacker, X-Force Red, IBM
- Mark Neve – IoT Security Foundation Ambassador and Technical Lead at Copper Horse
- Ivan Reedman – Executive Principal, Technical Lead, NCC Group
- Tony Gee – Associate Partner, Pen Test Partners
- Marcus Streets – Principal Security Architect, Arm
- Rob Dobson – Director, Device Authority
- Henrik Kiertzner, Principal Cybersecurity Consultant
- Ian Smith, IoT Security Lead, GSMA
- Robin Kennedy – Cyber Security, Knowledge Transfer Network
For more information visit:
We are seeing an ever-increasing number and sophistication of cyber-attacks on systems and products that are using connected IoT devices. These attacks are being instigated by different types of actors including: criminals; states and state sponsored; issue-orientated hactivists (malicious insiders pose the greatest threat) and ‘script kiddies’.
In May 2018, the General Data Protection Regulation(EU) 2016/679 (GDPR) became enforceable. GDPR covers “security by design” in hardware and software. Data controllers are obliged to consider “data protection by design and by default”.
Organisations using insecure hardware could face action under GDPR should the firmware of IoT devices prove insecure and contribute to a spillage of personal data. In other words, not checking hardware is secure before procuring it, not configuring it securely (for example, not changing bad default passwords) and not expeditiously patching vulnerabilities in firmware (and other software) used to process personal data.