Trends and Best Practices for IoT Security

Presented at Black Hat Europe 2017, Dec. 7, 2017, 1:35 p.m. (25 minutes)

No matter what your industry, you are likely wrestling to build security for Internet-connected devices that are not computers or smartphones. Whether you’re controlling access to medical devices, oil rigs, retail systems, or manufacturing equipment, you’re being challenged to extend the traditional network security perimeter to protect a whole new class of devices and systems. In this session, top experts will discuss trends in IoT attacks and threats and offer some best practices for securing IoT devices.

Presenters:

• Kelly Sheridan - Associate Editor, Dark Reading
  Kelly Sheridan is an associate editor for Dark Reading. She most recently reported on financial tech for Insurance & Technology, before which she was a staff writer for InformationWeek and InformationWeek Education. When she's not catching up on the latest in tech, Kelly enjoys running and blogging for health and lifestyle websites. She earned her BA in English from Villanova University.
• David Rogers - CEO, Copper Horse Solutions Ltd
  David Rogers is a mobile phone security expert and is the CEO of Copper Horse Solutions Ltd, a software and security company based in Windsor, UK. Having worked in the mobile industry for over 17 years in security and engineering roles, David’s is currently focusing his commercial interests on security and privacy research for the Internet of Things and Smart Cities. In 2016, David was appointed Visiting Professor in Cyber Security and Digital Forensics with the Computer Science Department at York St John University and he teaches Mobile Systems Security at the University of Oxford. He also chairs the Device Security Group at the GSMA and his book ‘Mobile Security: A Guide for Users’ was published in 2013.
• Aseem Jakhar - Director, Research, Payatu Software Labs
  Aseem Jakhar is the Director, research at Payatu Software Labs payatu.com a boutique security testing company specializing in IoT, embedded, Mobile and Clouse security. He is the founder of null -The open security community, registered not-for-profit organization http://null.co.in and also the founder of nullcon security conference nullcon.net and hardwear.io security conference He has worked on various security software including UTM appliances, messaging/security appliances, anti-spam engine, anti-virus software, Transparent HTTPS proxy with captive portal, bayesian spam filter to name a few. He currently spends his time researching on IoT security and hacking things. He is an active speaker and trainer at security conferences like AusCERT, Black Hat, Brucon, Defcon, Hack.lu, Hack in Paris, PHDays and many more. He is the author of open source Linux thread injection kit – Jugaad and Indroid which demonstrate a stealthy in-memory malware infection technique. He has also authored an open source App DIVA (Damn Insecure and Vulnerable App) for Android which gamifies Android App vulnerabilities and is used for learning Android Security issues.

Links:

• https://www.blackhat.com/eu-17/sponsored-sessions/schedule/#trends-and-best-practices-for-iot-security-9476

Similar Presentations:

• TROOPERS17 (2017) / What happened to your home? IoT Hacking and Forensic with 0-day
• Global AppSec - DC 2019 / A Day in the Life of IoT Security Architect
• THOTCON 0xA (2019) / When Refrigerators Attack - Defending (and weaponizing) IoT