Many of you who have been following this blog know that the Security Ledger is particularly interested in covering the (fast) evolving border line between “traditional” IT security and the terra incognito of the Internet of Things. This week, we’re taking that discussion to the next level with our first-ever event: The Security of Things Forum (or SECoT for short).
SECoT is going to be an amazing day of discussion and debate about what I consider one of the foremost challenges facing the technology community in the next decade: securing a rapidly expanding population of intelligent and Internet-connected devices.
Attendees will hear an address by Dr. Dan Geer, the Chief Security Officer at In-Q-Tel, the U.S. Central Intelligence Agency’s investment arm. Dan is one of the smartest and most prescient thinkers in the security world, who has made headlines by warning about the dangers of our reliance of technology monocultures like Microsoft’s Windows operating systems. Most recently, Dan has been sounding similar alarms about an (emerging) monoculture of “small devices and the chips that run them.” In other words: just because the network of the future doesn’t have a Windows sticker and “Intel Inside” logo on it, doesn’t mean that the same kinds of problems don’t exist.
Emerging monocultures are just one of the topics that will be up for discussion at our event. The challenge that IoT technologies pose to what’s often referred to as “enterprise security” is a recurrent theme at the Forum.
Marc Blackmer of Cisco Systems will talk about the ways in which the transition to an Internet of Things will change the job of IT security professionals and IT administrators: demanding new tools and strategies to secure enterprise networks.
In addition, we’re bringing together a panel of experts, moderated by one of the smartest IoT analysts around – INEX Advisors’ Chris Rezendes – to talk about how IoT technology will impact companies and other IT-dependent organizations.
Finally, Josh Corman of the firm Sonatype will sound the alarm about the threats that lurk beneath the otherwise placid surface of Internet of Things technologies. Corman has written and spoken extensively on problems ranging from hacktivism to the culture of lackluster development that leads to many application-based security flaws. In his talk Swimming with Sharks, he’ll suggest ways that organizations might think about re-evaluating their risks in light of the Internet of Things.
Finally: we’ll take on the security of embedded and industrial devices in two talks. First: Rishi Bhargava, the Vice President of Product Management for Embedded Systems at Intel Security will talk about that company’s vision of securing the IoT. Later, a panel moderated by Robert Vamosi of the firm Mocana will delve more deeply into the plethora of hardware based products that are cropping up and how best to secure hardware and industrial devices from attack. As Collin Mulliner, a security researcher at Northeastern University (and panel member) told me recently: the growing population of connected mobile, industrial and embedded devices that will fill the rank and file of the IoT these days often lack even basic protections and security features. Patching these devices, to cite just one example that’s close to Mulliner’s heart, is often difficult if not impossible.
We look forward to seeing you at The Security of Things Forum!