Internet of Things Cyber Security Conference – Talks Announced

Secure IoT 2019 Speakers & Talks

Announcing the first set of talks for Secure IoT 2019, the 3rd annual Internet of Things Cyber Security conference, that will be held on 7th November at the Green Park Conference Centre, Reading, RG2 6GP. Speakers: Arm, AWS, Device Authority, IBM, NCC Group, Pen Test Partners, GSMA and Copper Horse.

At the Internet of Things Cyber Security conference, learn about the:

  • Cyber security issues, risks, threats and vulnerabilities associated with IoT systems and connected devices
  • Gain an understanding IoT security best practice
  • Meet Leading experts and companies offering security products, solutions and services.

For full details see:

Secure IoT 2019

Book Tickets

Special discounted ticketsare available for full time studentsand academics at a rate of £44.90(incl. fees & VAT)


“IoT. Engineer securely, don’t add security”
Ivan Reedman – Executive Principal, Technical Lead, NCC Group

All too often vendors offer products and solutions to secure your IoT device. Unfortunately, in reality there is no silver bullet. For an IoT device to be secure, it must be engineered securely.

This talk will cover some basic principles of secure engineering using publically available references and models whilst also explain why and how to implement these principles.

“Systemic fraud in IoT: the fraud no one know about”
Tony Gee – Associate Partner, Pen Test Partners

Systemic issues in IoT are becoming more and more prevalent, with millions of devices compromised by poor security on the API, but there is a more sinister abuse of this attack as yet unknown.

This talk will discuss this attack and the ways an attacker can abuse the flaw for massive systemic fraud. We will also discuss the current mitigations in place and other mitigations organisations and individuals can put in place. This talk will be an eye opener to a brand new type of abuse of IoT!

“The PSA Security Model: Important Security Goals and How They Impact Security”
Marcus Streets – Principal Security Architect, Arm

Security is constantly changing and evolving. With regulations always on the horizon and new threats being identified, businesses need a strategy to protect against future security threats. The Platform Security Architecture (PSA) offers a framework for securing connected devices. It provides a step-by-step guide to building in the right level of device security, reducing risk around data reliability, and allowing businesses to innovate on new ideas to reap the benefits of digital transformation.

Dave Walker – Solutions Architect, Amazon Web Services
Since the launch of the security-focussed AWS IoT Device Defender service last year, there’s been futher services and feature releases in the AWS IoT service family. We explore how these services fit together in some reference archiectures, and how they integrate with other AWS services for the purpose of enhancing security.

“IoT Security for Industrial and Smart Factory use cases”
Rob Dobson – Director, Device Authority

The presentation will take the audience through what some of the challenges are for securing industrial and Smart Factory deployments. Looking at several case study scenarios where customers have specific requirements around data security, privacy and how they can meet the Operation Technology (OT) needs for their businesses.

“Cybersecurity and the IoT”
Henrik Kiertzner, Principal Cybersecurity Consultant

The argument goes something like this – a huge number of nodes, all built by the lowest bidder and designed largely in jurisdictions where there is less-than-desirable attention paid to intellectual property rights, present a huge and appealing attack surface to the potential State actor aggressor, allowing for compromise of the confidentiality, integrity and availability of the devices and services they provide. IoT operators will need to find ways to maintain visibility of activity on their extended network and identify attacks and reconnaissance activity in order to move to mitigate impacts at the earliest possible time.

As with any modern issue, the key strands are people, process and technology. Where we are likely to fail is in process – the allocation of responsibility, the development of policy (and regulatory) architectures.

“Leveraging the SIM as a ‘Root of Trust’ to Secure IoT Applications”
Ian Smith, IoT Security Lead, GSMA

The GSMA has investigated how to leverage existing mobile operator assets to help secure IoT services – one of these key assets being the SIM. In his presentation, Ian Smith, IoT Security Lead at GSMA, will describe how cellular connected (GSM, LTE, NB-IoT) IoT devices can use the capabilities of the SIM to enhance the security of commonly used IoT security protocols such as Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS).

Ian will also talk about the work the GSMA is undertaking to create a ‘common implementation guide’ for this capability – to the benefit of the IoT developer community.

“The Digital Security by Design Challenge”
Robin Kennedy – Cyber Security, Knowledge Transfer Network

Robin will outline one of the latest programmes to be announced under the Industrial Strategy Challenge Fund (ISCF) which, through enhancements to processor architecture and software, aims to make digital systems inherently less vulnerable

Other Speakers at the Internet of Things Cyber Security conference include:

Dr Andrew Jones – System Architect, Arm

Adam Laurie – Global Lead Hardware Hacker, X-Force Red, IBM

Mark Neve – IoT Security Foundation Ambassador and Technical Lead at Copper Horse