IoT MasterClass – PKI and how to use a private certificate authority for device authentication and data integrity

Abstract:

In 2021, so far there has been a 500% increase in IoT attacks compared to 2020. IBM Security X-Force research has revealed that this spike is driven by Mozi botnets. In 2020, this malware has accounted for 89% of the total IoT attacks of all types detected for the year. Mozi has been active in the last 18 months and continues to rank as the number one most active Mirai-type variant. The Mozi Botnet currently controls approximately 438,000 hosts [1] 

How do device makers, IoT platforms and service providers protect themselves? 

The National Institute of Standards and Technology (NIST) is well known for it’s standards for cybersecurity with its CyberSecurity Framework likely the most influential. NIST  has released its IoT Device Cybersecurity Capability Core Baseline (NISTIR 8259A) in May 2020. It provides details what is expected in an IoT cybersecurity baseline. It includes such imperatives as device identification and configuration, data protection, logical access to interfaces, and the ability to have awareness of its cybersecurity state. 

In this presentation, we shall explore best practices for meeting this baseline and extending it to include appropriate protection brownfield devices in the field that do not have inherent defenses against cyber-attack. We will go into great detail on:

  1. How to protect device identities and provide additional authorization capabilities at the edge using PKI
  2. How to protect data from generation to consumption in Zero Trust Network Architectures

[1] https://securityintelligence.com/posts/internet-of-threats-iot-botnets-network-attacks/

Presenter Bio:

Julian Durand is Intertrust’s vice president of product management and chief information security officer where he is responsible for owning the IoT product leading the PKI team and overseeing security practices for the company. He brings over 30 years of experience in bringing breakthrough products to market at a massive scale and is a named inventor in Digital Rights Management (DRM), Internet of Things (IoT) and virtual SIM technologies. Before joining Intertrust, Julian brought SaaS and PaaS products to market for construction telematics and real time cyber risk analysis at TeMeDa and CyberLucent respectively, taking both companies to profitability from initial seed funding startups. At Qualcomm Julian led product security; virtual SIM development; child tracking sold as Best Buy’s “Little Buddy”; and the company’s first efforts in IoT doubling revenue year on year for the first three years and catalyzing what is now a billion-dollar business. Prior to that, he was the technical lead for Nokia’s first music phone. Julian holds a B.Eng from Carleton University in Ottawa, Canada, an MBA from the University of Southern California (USC) and is a Certified Information System Security Professional (CISSP).

Register Now for FREE Access:

    IoT Community may use my contact data to keep me informed of products, services and offerings (required):

    PhoneEmail

    You can withdraw your marketing consent at any time by sending an email to iotslam@iotcommunity. Also you may unsubscribe from receiving marketing emails by clicking the unsubscribe link in each such email.

    More information on our processing can be found in the IoT Community Privacy Statement. By submitting this form, I acknowledge that I have read and understand the IoT Community Privacy Statement located here https://iotcommunity.net/privacy-policy/.

    Join the IoT Community Masterclass Series!

    IoT Community Masterclasses  are held in a virtual classroom environment, allowing you to attend in real-time or on-demand, delivering exclusive IoT content by industry-leading keynote speakers, domain specialists, and subject matter experts.

    IoT Community Masterclasses include

    • engaging panel topics and panelists,
    • on-topic user centered content,
    • interactive workshops and tutorials
    • provide insight, results, and key takeaways.

    Who should attend the IoT Community Masterclasses?

    The IoT Community Masterclass series, is an extension to the IoT Slam – series of events, is where the new multi-disciplinary community is forming around the convergence of software and hardware for:

    • Engineers
    • Researchers
    • Roboticists
    • Makers
    • Developers
    • Designers
    • Founders
    • Innovators
    • From, Industry, Enterprise, Government & Academia

    Benefits Of Joining:

    Joining the IoT Community Master Class Series provides you with:

    • Learn different themes and outcomes
    • Hear about the latest IoT and cloud products, services and solutions from multiple industry verticals.
    • Validate you IoT Strategy, and plug in your team to execute
    • All materials will be recorded for On-Demand Playback