Trends & Challenges
Facebook Twitter LinkedIn

Trends & Challenges

Combined Session
Wednesday, October 09, 2019 15:00—16:00
Location: Ballroom

IoT & Cybersecurity

Cybersecurity is critical to protecting IoT and mesh networks.  Network sensors and endpoints are the most vulnerable network assets.  As endpoint diversity expands to nontraditional assets and applications, stakeholders must adopt cybersecurity best practices to protect their networks. This talk focuses on strategies to harden the IoT security posture.

IoT & Cybersecurity
Presentation deck
IoT & Cybersecurity
Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.
Christopher Magnan
Christopher Magnan
General Dynamics Information Technology
Christopher Magnan manages a Project Management Office for General Dynamics Information Technology (GDIT).  During his tenure at GDIT, he has led a team that has implemented cyber-security...

Secure Code Signing for IoT with Multi-Party Computation

In 2019, interconnectivity and growth of data have exploded. The digital world continues to expand at breakneck speed, with 20 billion networked devices and data anticipated to grow tenfold from 2017 to 2025. 96% of companies now use cloud services and 81% of enterprises operate multi-cloud landscapes. There are over 5 billion mobile phone users, with 2 billion customers preferring mobile banking rather than enter a physical branch.

IoT is an integral part of the future of data technology - and it may hinge on safe code-signing. The increased importance and intelligence of software operating IoT devices, and the need for frequent code updates to address rapidly changing service functionality and security requirements, are driving the need for IoT device software and firmware signing. Without good code signing hygiene, manufacturers incur major risks as attackers can alter the software running on deployed devices, stealing information or tampering with device functionality. This presentation will review code-signing best practices for IoT – and how to strike a balance between security and usability – through multi-party computation.

Key Takeaways:

1. Code-signing keys are both notoriously difficult to manage and integral to the heart of enterprise data security 
2. Hardware-based code-signing solutions are neither scalable nor flexible enough to keep up with the growth of IoT devices 
3. Multi-party computation-based solutions offer hardware-grade security via software-defined cryptography - cryptographic key management for the digital era 
4. Code-signing best practices for enterprise include: 
a. Protecting code signing keys: Key exfiltration is the riskiest because it gives attackers the most freedom to sign any code anywhere. Use cryptographic key protection and management solutions to help ensure that attackers cannot get hold of the valuable private keys.
b. Establishing advanced quorum authorization for sensitive signing operations: By requiring multiple people and/or systems to authorize sensitive cryptographic operations, such a signing code—especially code that can impact low-level system operations—you can eliminate rogue actors tainting the code with malware.
c. Monitoring and auditing all code signing transactions: A comprehensive log of all operations including the source of those operations can help quickly identify the source and mitigate attacks after they occur.

Secure Code Signing for IoT with Multi-Party Computation
Presentation deck
Secure Code Signing for IoT with Multi-Party Computation
Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.
Allan Konar
Allan Konar
Unbound Tech
Tom Stockmeyer
Tom Stockmeyer
Unbound Tech
Mr. Stockmeyer served in the Marine Corps from 1979 to 1983. He has an MBA from the Michael Coles School of Business, Kennesaw University. Tom has held executive roles at IBM, Juniper Networks and...

Tickets

CyberNext Summit & Borderless Cyber
€700
€1000
 
All days: Oct
Two day ticket
€550
€750
 
Day 1 + Day 2
€550
€750
 
Day 2 + Day 3
€550
€750
 
Day 1 + Day 3
€550
€750
 
One day ticket
€300
€500
 
Day 1
€300
€500
 
Oct
Day 2
€300
€500
 
Oct
Day 3
€300
€500
 
Oct
CyberNext Summit & Borderless Cyber - Gov. rate
€360
 
Government rate, All days: Oct
Two day ticket - Gov. rate
€295
 
Day 1 + Day 2
€295
 
Day 2 + Day 3
€295
 
Day 1 + Day 3
€295
 
One day ticket - Gov. rate
€230
 
Day 1
€230
 
Oct
Day 2
€230
 
Oct
Day 3
€230
 
Oct
Have you participated in our events?
Contact us to get a special discount
Subscribe for updates
Please provide your email address