We are hosting a 1 day event IoT Security in the Enterprise – From Concrete Jungles to Smart Cities November 6 @ 10:00 am – 4:00 pm

at IBM Room 1219, 12th Floor 590 Madison Avenue New York NY 10022 USA

Agenda: 10:30 Networking

10:45 – Welcome remarks, Tim Hahn and Pamela Gupta

11:00 – 11:30 “IoT Security – Impending Doom or Rainbows and Unicorns?”  Tim Hahn

Distinguished Engineer, IBM

Overview: As the Internet of Things is deployed across a wide range of industrial, consumer, and business environments, of special interest and concern is the need to implement IoT solutions with careful attention to security. While many of the challenges in IoT security are similar to the challenges of securing information technology (IT) computing environments, there are special considerations due to the scale, operating conditions, system capabilities, and wide range of device types which are used in IoT solutions. Further, these systems, by connecting the electronic and physical worlds, must address both operations technology (OT) security and information technology (IT) security.

11:40 – 12:10 “Security in IoT” Albert Sisto Executive Chairman, Device Authority

Overview: Insight into some real use case examples and how IoT applications, device manufacturers, and IoT Ecosystem providers are considering the use of Device Authority to secure their product or service.

Examples will include :

  • Medical Device use case examples – portable device and large-scale robots.
  • IoT Application service provider example – focused on device management
  • Gateway providers.
  • Ecosystem partnerships – leveraging Enterprise security technologies and deployments and making them IoT ready.

12:15 – 1:15 Lunch & Networking

1:15 – 1:45 “The Battle Among IoT-Based Bots” Ron Winward Security Evangelist, Radware

Overview: 2017 may already be defined as the year of IoT threats. Spawned from last year’s Mirai botnet, the IoT threat landscape has become so vast that vigilante hackers are now purposefully destroying vulnerable devices just to combat the threat. In this session, Ron Winward will review the Mirai framework and specifically how it has created this new threat landscape. Also, he’ll discuss other infamous malware attacks such as the Hajime botnet and BrickerBot, and how darknet forums and marketplaces are fueling the threat. Finally, Winward will explore how to protect yourself from IoT-based attacks and ways to secure your own IoT infrastructure.

2:00 – 2:30 “Risk Assessment for IoT” Pamela Gupta Chair, Self-Certification Working Group, IoTSF / President, OutSecure Inc.

Overview: Traditional Information security risk assessment methods are not adequate for the rise in complexity, pervasiveness, and automation of technology systems increases and cyberspace matures, particularly with the Internet of Things (IoT). There is a compelling argument that we will need new approaches to assess risk and build trust. The challenge with simply extending existing assessment methodologies to IoT systems is that we could be blind to new risks arising in such ecosystems. These risks could be related to the high degrees of connectivity present or the coupling of digital, cyber-physical, and social systems. Session will focus on new methodologies to assess risk in this context that consider the dynamics and uniqueness of the IoT while maintaining the rigor of best practice in risk assessment.

2:30 – 2:45 Networking Break

2:45 – 3:15 “Smart Buildings, Dumb Security?” Ken Munro

Partner, Pen Test Partners

Overview: As building control and management systems find their way into more and more of the built environment we need a wake-up call regarding their security. Over the last 10 or so years Ken has been researching building management devices, and found that the security failings that existed in 2006 still haven’t been properly addressed. In this talk you’ll find out about the issues, including how devices can be compromised by attackers, and also the scale of the problem. His research has discovered them connected directly to the public internet, from fire stations, military bases, schools, government buildings, businesses and large retailers among many. With live demonstrations you’ll see how hackers can take control, what the impacts are, and what can be done about it.

3:15 – 3:45 “Future-Proof Security for the Smallest IoT Devices”, Louis Parks – President and CEO Secure RF

Cost, performance, and efficiency are driving a record number of 8-bit and 16-bit devices into the IoT creating a significant security challenge. Symmetric methods can address basic data needs but they do not scale for global solutions, and asymmetric methods only become practical on larger 32-bit processors. With more and more small processors entering foundational platforms like the smart grid, medical devices, and automobiles, many with market lives of ten years or more, the issue of quantum-resistance security becomes an additional critical consideration. We will review the security options and typical implementation needs for gateways and endpoint devices including sensors, actuators, and embedded processors. This talk will include examples of ultra-low-resource protocols, and provide current benchmarks for ARM, RISC-V, and other processor environments against existing commercial solutions.

3:45 – 4:00 Networking

Spaces are limited: Interested parties are invited to register HERE.