Transcript
Hi, my name is Antoinette and I'm really glad that I have the opportunity to meet you today. I'm happy to be here. I'm excited to speak to you about why IoT devices are mandating a zero tolerance security architecture. And let me tell you why prevention pays. You need prevention for scalability, to increase savings and massively decrease costs, and for profitability. And with that I mean an increased turnover, increased productivity, an increased efficiency, basically improved daily operations. Reliability is the third one. And with reliability I mean: how do you make sure that the device keeps on working as intended, not only today, but that it's safe for zero days, for tomorrow as well? All of those three things, scalability, profitability and reliability, will lift a burden for us.

I always start with this slide. When do you think the first cyber attack took place? Guess what? It's almost 200 years ago. Two brothers, François and Joseph Blanc, manipulated data that went into the national telegraph system. So this clearly demonstrates that criminals are very creative and always looking for new ways in, and that you need to man it up to make sure that there's no data poisoning, that the device is really secure. You are as strong as your weakest link, and as you can see here, at that time in France there were all kinds of mechanical telegraph systems like this, so they could signal letters to each other. And it's even said that Napoleon had a tiny telegraph system with him when he took to battle. But this one is clearly proven, and this one clearly demonstrates that hackers are opportunistic.
And why do we need zero tolerance? IoT devices require prevention, preventative security controls rather than detective security controls. Why do you need prevention? To make sure that the device is not acting as a jump host, a stepping stone into your network. We have seen, for example, HVAC administrators directly connecting from the Internet into a network. They want to make sure that IoT devices will not be ransomed. We have seen that, due to the geographical reasons and the situation with Russia and Ukraine, some OT devices are ransomed as well. We have seen lateral movements. Think, for example, of the mass terminal hack propagation attacks. And if you are unfamiliar with propagation attacks, it basically means that an infected device is looking for other devices to infect, imposing a big risk on a company. We have seen IoT devices stealing sensitive information. Think, for example, of the IoT fish tank hack in the US casino. Nobody was assuming that the IoT fish tank, which had a smart thermometer, that the thermometer was being used as a jump host to steal and extract sensitive information from the network. And we have seen IoT devices being utilized to start the cyber kill chain.

So the first one is prevention. The second one is making sure that the IoT device is safe: mitigation of physical risk, no misuse and no accident. The third one is preserving. Remember that I started this talk with making sure the device keeps on working as intended. You need resilient IoT devices. For example, your Ring doorbell has a different security posture and approach than an MRI or an infusion pump in a healthcare environment. And yet they all, both the Ring doorbell and the infusion pump, hold sensitive information and require preventative security controls to keep the sensitive information safe.
Here we have an overview of the threat landscape 2023. And let's go over IoT one by one. Here we see the RTU, the remote terminal unit. GhostSec was the first one to claim that they had ever in the world encrypted an OT device, an operational technology device, and this telephone. This device is used in energy companies, and it was ransomed and displaying a code f booting. Here we have the Cyborg with the Colonial Pipeline. I'm sure you all heard about it. The Colonial Pipeline was not specifically an IoT attack; it was just basically exploiting unpatched vulnerabilities in a vulnerable VPN system and shutting down operations, also causing a massive impact. Here we have the rice cameras. They had backdoors, so they could be utilized to open a reverse shell, allowing device takeover, exploiting authentication and so forth. Here we have cyber warfare as well. It was the Danish OT infrastructure that was vulnerable due to Zyxel devices that were not patched. Remote code execution could be done, buffer overflows and account takeover, with Sandworm and CaddyWiper. Here on the bottom we also have Sandworm and CaddyWiper. And they caused a massive outage. In Ukraine there was a blackout. It was immense. In March. Here in June we have the propagation attack and lateral movement of the Airsofts proxy botnet. And I think this is so funny, because they were posting a picture of themselves, that they were the Airsofts administrative team. They were selling high quality proxies, meaning compromised IoT devices from doorbells, garage doors, industrial IoT devices, and later even mobile phones. And they were exploiting known vulnerabilities and weak credentials. And weak credentials are also a really very high risk for IoT devices, because there are lists out there on the Internet of what the default passwords are for IoT devices, industrial IoT devices or OT devices. And hackers, criminals, are using those lists to do automated attacks on OT environments, on specific countries, for example with cyber warfare. So combine the weak credential list and the default passwords with Shodan or Google dorks, and no good can come out of it. So that's something that's really important.

Here we have the white hat research, the experts from Cybernews. It's something really nice. They took over almost 27,000 printers, and they didn't do anything malicious. The only thing they did was forcing the printer to print out a five step guide on how to properly secure your printers. Because printers are often not properly secured in small to medium businesses, and they are always used as a stepping stone into the network if they are not properly secured as well.
So this clearly demonstrates why you need a zero tolerance security architecture. And I really understand the challenges when it comes to securing IoT devices. There is complex interconnectedness. There's a massive attack surface, and the devices vary by vertical industry, from a smart home to industrial IoT, and they have small hardware resources, and how do you secure that? So they flourish in hardware capabilities. And there is no standardization whatsoever. There's no device heterogeneity at all. And what about the data that's on the devices or being processed by those devices? And maybe you didn't know, but there are three types of data. The first one is data at rest. That's data on the device itself. Think, for example, of a Ring doorbell and a recording. The recording is on the device itself, and ideally it should be encrypted. Then we have the data in transit. Think, for example, of the Ring doorbell again, and it's sending a video over to a cloud instance. And then we have the third one. That's the data in use. And the data in use is the most vulnerable data. It's very easy to override. And criminals can do remote code execution. They can allocate memory, because that's the most vulnerable. So you need to man it up.

So I understand those IoT device manufacturers, because they have to constantly balance between efficiency and functionality. And that's why we need resilient security architectures and strategies. That's why I'm advocating for a zero tolerance architecture. And guess what? It doesn't benefit only the security itself. It's also building trust in IoT devices, and it gives you ease of operation with improved profitability. As stated before, higher turnover, increased efficiency, because we detect issues at a very early stage. If you comply and harden the device from within, with security, you will detect issues at a very early stage. The second one is regulations. You comply with global regulations, not only regulations here in the EU, but also in the US, because they have key elements, and I will address those key elements later on. But you can make sure that if you have incorporated IoT device security embedded on the device itself, you will comply with those regulations, like the US Trust Mark, for example, in the US, and the Cyber Resilience Act (CRA) in the EU. And the last one is business continuity with improved reliability, making sure the device keeps on working as intended and that there's no harm done whatsoever. The device is resilient to all kinds of attacks.
And here you have a clear picture of what the landscape looks like for an IoT device manufacturer. On the factory side we have the development and how to maintain a huge amount of source repos, build and release management, you name it. It's a huge and daunting task. In the middle we have the device security: root of trust, secure key storage, things like that. And on the right hand side we have the market challenges, and the market is very competitive. You have the constant balance between cost and functionalities, and how do you scale, and how do you make sure that you don't fall victim to supply chain disruptions? Also a big challenge. And now we see something new on the horizon. We see mandatory regulations, and you don't want to get a fine or reputation damage whatsoever. And guess what? I told you before we looked into the global regulations, and all those regulations have key elements. Here you have an overview of worldwide regulations, but they all address key elements. Things, for example, like secure access and secure access control. Do you have the correct permissions? Are you allowed to log in? Then we have the authentication and authorization. Is there login protection? Is there a brute force mechanism in place if they want to brute force, for example, with the known vulnerabilities and the weak passwords, to see if they can get into your device? And we see the data protection: how do you make sure that sensitive data is really properly secured?
So let me uncover some astounding facts from last year. NIST is assigning all kinds of vulnerabilities to security flaws, like risk, impact, likelihood, you name it. And when I started working as an engineer 25 years ago, we were already in panic mode. If there was a critical vulnerability of eight or seven, we were in panic mode. We should do something. But in the last years we see a lot of critical vulnerabilities ranging from nine to ten. And ten is the highest you can go. And ten means immediate action: patch, remediate, disconnect, you name it, you should do something to eliminate that potential risk. So that is putting organizations at risk. And if we do the math and we count it down to a day, you'll see 72 vulnerabilities a day, of which eleven are critical ones that you should address. And how do you make sure that your device is secured not only today, but also tomorrow? And that's why you need a zero tolerance security architecture, to make sure that your device is hardened from within and secure tomorrow as well. That's why I'm advocating to really build a resilient and trustworthy IoT ecosystem, not only for end users, but for businesses and enterprises. Because we need those principles of zero tolerance and zero trust. And here you can see it starts from the device itself. You want to make sure that business continuity is okay. You want to have the trust and user confidence, the regulatory and legislative acts that you should address. And you want to make sure it's reliable, scalable, interoperable and profitable, and so forth. That's why I'm advocating for a zero tolerance architecture. Saving our toasters and possibly the world.
There's another thing I would like to share with you: Eric Drexler's grey goo. And please take a look at his book if you're curious. He stated that there will be IoT assemblers, and an assembler is being programmed to eliminate all organic matter in the world and to copy itself. So I'm sure that if we have the zero tolerance security architecture in place, break will not happen. Combine that with AI and machine learning and the right code of ethics, and we will have a great future.

I would like to conclude with a quote from Robert Mueller, the former director of the FBI: there are only two companies, those that have been hacked and those that will be hacked. And Check Point, the company that I'm working for, is adding a third one: those that have been hacked and still don't know.

Thank you so much for attending this session. I'm happy to connect with you. Feel free to reach out if you have any questions. And thank you so much.