The potential risks and vulnerabilities posed by using Internet of Things (IoT) systems and connected devices, along with IoT security Best Practice and guidelines, will be up for discussion at Secure IoT 2019. The third annual Secure IoT Cyber Security Conference will be held on Thursday 7 November at the Green Park Conference Centre at 100 Longwater Avenue, Green Park in Reading. Risk Xtra previews what’s in store for delegates.
Security and risk management professionals are seeing an ever-increasing number and sophistication of cyber attacks on systems and products that are using Internet-connected devices. These attacks are being instigated by different types of actors including criminals, states and state-sponsored protagonists, issue-orientated hacktivists (malicious insiders pose the greatest threat) and ‘script kiddies’.
The risks posed and the damage realised on an organisation or individual in terms of reputation, costs and Health and Safety due to poor security practice can be considerable. In May last year, the General Data Protection Regulation (GDPR) became enforceable. The GDPR covers ‘security by design’ in hardware and software. Data controllers are obliged to consider data protection ‘by design and by default’.
Organisations using insecure IoT devices, software and systems could face action under the GDPR should they contribute to the theft or ‘spillage’ of personal data. For example, not checking your IoT device is secure before procuring it, not configuring it securely (for example, not changing bad default passwords) and not expeditiously patching vulnerabilities in firmware (and other software) used to process personal data.
Understanding of IoT security
At the conference, delegates will be able to learn all about the cyber security issues, risks and threats associated with Internet of Things (IoT) systems and connected devices, gain a thorough understanding of IoT security Best Practice and meet leading experts and companies offering security products, solutions and services.
The growing line-up of speakers includes representatives from Amazon Web Services, Arm, the Department for Digital, Culture, Media and Sport, the Device Authority, the GSMA, IBM, Microsoft, the NCC Group, Pen Test Partners and SAS.
In terms of delegates, the target audience includes companies developing IoT products and services, organisations looking to procure and deploy IoT solutions, products and services, IoT and cyber security professionals, telecommunication service providers, retailers and distributors of IoT products, owners and operators of critical infrastructure, industry bodies, Government, academia and the broader IoT and cyber security community.
*For more information and details of the speakers visit https://tvsecureiot.uk/
**Readers of Risk Xtra who would like to attend can receive 20% off the cost of their admission by quoting the code RISKX19 when booking. To book tickets access https://www.eventbrite.co.uk/e/secure-iot-2019-tickets-59043403409