Internet of Things Security Foundation Conference 2020

Map Unavailable

Date(s) - Tue, 1 Dec 2020 - Fri, 4 Dec 2020
All Day


The 6th Annual Internet of Things Security Foundation Conference is a four-day virtual event that takes place between Tuesday 1st and Friday 4th December 2020, see:  Conference website.

Join the IoTSF for 4 days of expert talks & training sessions to expand your knowledge on the best practice and the latest developments in IoT cyber security. The IoTSF Conference features talks by leading cyber security experts, training workshops and track sessions for executives, developers, engineers, managers and security professionals.

  • Learn about the potential risks and vulnerabilities associated with IoT systems and connected devices
  • Gain an understanding of IoT security best practice for the design of products and services
  • Understand what to specify and look for when procuring IoT products and services
  • Learn about the current and future state of standards, regulation and assurance
  • Gain from the lessons learned in real life experiences/war stories
  • Hear from leading experts and companies offering security products, solutions and services

Book Tickets here

The IoT Security Foundation has announced speakers for the 6th Annual IoT Security Foundation Conference including:

Keynote Speech
“AI-driven Cyber Defense for Endpoint Energy Assets”
Leo Simonovich
VP & Global Head, Industrial Cyber at Siemens Energy

Protecting endpoint operating technologies (OT) is an increasingly important challenge for the energy sector. As energy companies continue to digitize existing assets and build new assets with intrinsic network connectivity, they present an ever-expanding attack surface to escalating attacks. Overall, the energy industry has made tremendous progress in maturing cybersecurity capabilities. Yet current practices leave significant gaps due to lag between updates.

This keynote will describe in detail the current challenges faced by energy companies, the implications of observable industry trends, the characteristics that potential cyber-security solutions must meet, and why they believe AI and ML technologies can meet these requirements now and in the future.

Keynote Speech
“IoT security challenges and opportunities in the 5G era”
Mihoko Matsubara
Chief Cybersecurity Strategist at NTT Corporation

This presentation aims to analyse IoT security issues and opportunities at both the policy and technical level in the 5G era. The world is now more concerned over IoT and 5G security due to growing security threats during the pandemic and mounting geopolitical tensions. Yet, this talk will also shed light on collaborative efforts by government and industry for a smart world and 5G security as well as financial incentives to embed security in new projects in their early stages.

Software Provenance – Where Do We Draw the Line?
Matt Wyckhouse
CEO at Finite State

There has been a lot of uproar about supply chain security – from 5G deployments around the world to threats to our power grids – and it seems that a day doesn’t go by without some new threat or government action. Many governments around the world, and in particular the US, are trying to “solve” supply chain risk management by introducing regulations focused on banning vendors from the supply chain. Notably, the US has taken several actions to try to limit vendors from potential adversary countries (such as China) from being involved in supply chains for certain types of critical infrastructure.

This talk will discuss how simple analysis of a vendor’s country of origin is a failing and incomplete model of supply chain risk. While geopolitical analysis is an important risk factor, the truth is that every device, every software application, and every vendor has some level of geopolitical risk. We live in a world that is fueled by global supply chains and open source software that is built by global, distributed teams of engineers. So where do we draw the line?

“Securing the Industrial IoT”
Simon Butcher, Principal Embedded Security Engineer

“Secure Management of Things in AWS IoT”
Dave Walker, Principal Specialist Solution Architect for Security and Compliance
Amazon Web Services

“Practical physical attacks against embedded systems and their secure design to mitigate them”
Rohini Narasipur, Product security engineer and incident handler

“Challenges of Vulnerability Management and Disclosure Processes in a big organisation – The Bosch PSIRT”
Carolina Adaros,Product Security Incident Handler

“Shining the Light of Truth: a journey into vulnerability disclosure practices at consumer IoT product companies”
David Rogers MBE, Founder
Copper Horse

“IoT on the frontline – when a 3rd party 0day becomes your problem…”
Adam Laurie, Global Lead Hardware Hacker

“Sensory Overload – Cybersecurity Threats for Next Generation Vehicles”
Steve Povolny, Head of Advanced Threat Research

“Secure by Design, still a USP in a competitive environment”
Ivan Reedman, Head Tinkerer and Ponderer
NCC Group

“The Consumer IOT Attack Surface – an architectural deep dive on the threats and mitigations for real world IOT deployments”
Nick Allott

“One way or another, they’re going to get you: Threats to press freedom from the Internet of Things”
Anjuli Shere, Analyst/Writer/Researcher
University of Oxford

“Securing the Internet of Medical Things”
Andy Bridden, IoT security consultant
PA Consulting

“The IoT is littered with security disasters. As the distinction from OT blurs how do we avoid repeating them?”
Ken Munro, Partner
Pen Test Partners

“Meeting the Industry 4.0 Security Challenges of IEC 62443”
Haydn Povey
CEO, Secure Thingz

“IoT Security Reference Architecture”
Professor Kwok-Yan LAM, Professor of Computer Science
Nanyang Technological University

“ETSI EN 303 645 – the ultimate IoT testing baseline. Lessons learned and way forward”
Razvan Venter, Team Lead Security Compliance and Certifications
Secura B.V.

“How eSIM technology can be used within the IoT”
Zofia Domanska, Product Manager

“IoT security, and it’s disturbing status”
Pieter Meulenhoff
Quality control, internships & security training
Eurofins Cyber Security

“Supply Chain Integrity”
Amyas Phillips, Chair of the IoTSF Supply Chain Integrity Working Group, IoT Consultant and Security Scientist

“New Guidance and Best Practices on the security of Smart Built Environments, IoTSF”
James Willison MA, Founder
Unified Security

“What is a Smart Built Environment, and why it matters?”
Sarb Sembhi, Co-Chair of Smart Built Environment Group, CTO & CISO
Virtually Informed

Additional speakers and talks will be announced in the next couple of weeks from:

  • BSI
  • Cyber Security Agency of Singapore
  • Cyber Tech Accord
  • Device Authority
  • Eurofins Cyber Security
  • FIDO Alliance
  • Group-BMC
  • IoT Analytics
  • Microsoft
  • Pugged Code Limited
  • Qualcom
  • Schneider Electric
  • Rapid7
  • Sandelman Software Works
  • University College London (UCL)
Share with