BEGIN:VCALENDAR VERSION:2.0 PRODID:-//IoT Security Foundation - ECPv6.15.20//NONSGML v1.0//EN CALSCALE:GREGORIAN METHOD:PUBLISH X-ORIGINAL-URL:https://iotsecurityfoundation.org X-WR-CALDESC:Events for IoT Security Foundation REFRESH-INTERVAL;VALUE=DURATION:PT1H X-Robots-Tag:noindex X-PUBLISHED-TTL:PT1H BEGIN:VTIMEZONE TZID:Europe/London BEGIN:DAYLIGHT TZOFFSETFROM:+0000 TZOFFSETTO:+0100 TZNAME:BST DTSTART:20220327T010000 END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:+0100 TZOFFSETTO:+0000 TZNAME:GMT DTSTART:20221030T010000 END:STANDARD BEGIN:DAYLIGHT TZOFFSETFROM:+0000 TZOFFSETTO:+0100 TZNAME:BST DTSTART:20230326T010000 END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:+0100 TZOFFSETTO:+0000 TZNAME:GMT DTSTART:20231029T010000 END:STANDARD BEGIN:DAYLIGHT TZOFFSETFROM:+0000 TZOFFSETTO:+0100 TZNAME:BST DTSTART:20240331T010000 END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:+0100 TZOFFSETTO:+0000 TZNAME:GMT DTSTART:20241027T010000 END:STANDARD BEGIN:DAYLIGHT TZOFFSETFROM:+0000 TZOFFSETTO:+0100 TZNAME:BST DTSTART:20250330T010000 END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:+0100 TZOFFSETTO:+0000 TZNAME:GMT DTSTART:20251026T010000 END:STANDARD END:VTIMEZONE BEGIN:VEVENT DTSTART;TZID=Europe/London:20240703T093000 DTEND;TZID=Europe/London:20240703T160000 DTSTAMP:20260429T042759 CREATED:20240522T113133Z LAST-MODIFIED:20240626T092129Z UID:25059-1719999000-1720022400@iotsecurityfoundation.org SUMMARY:IoTSF Plenary 2024 DESCRIPTION:IoT Security Foundation Plenary 2024\nRegister for FREEThis open plenary session follows the progress of the IoTSF Working Group Projects\, features industry speakers\, wider IoTSF operations and partnership updates as well as ample networking breaks. \nThis event is FREE for both IoTSF members and non-members. \nFull details \nThe IoTSF Plenary returns this July and we have some fantastic topics to discuss. \nOne Birdcage Walk is a prestigious venue in the heart of London\, near Sir Winston Churchill’s War Rooms and St James’ Park. This will be a significant follow up to the recent TechWorks AI meeting at Bletchley Park. \nWe will hear the very latest updates from the leaders of the IoTSF working groups in our own campaign to secure the internet of things in 2024 and beyond.\nOur battle is no less daunting than the one faced 80 years ago. If anything\, we face more complex enemies\, but with the brilliant minds and determination of the IoTSF\, we can achieve great things. \nFirst\, we’ll hear from John Moor and Chris Bennison as they outline the work of IoTSF in line with International Govt strategies and new chapters. Second\, Chris will highlight the new Regulatory Watch group’s guideline for member’s on the PSTI Act and the importance of the Cyber Resilience Act with a panel discussion. \nAfter some coffee and valuable networking\, Ian Pearson and leaders from the Assurance Framework will address how manufacturers can optimise their security capabilities by utilising its requirements. \nThis will be followed by a panel led by Sarb Sembhi\, from the Smart Built Environment Group discussing a new IoTSF procurement guide. It will look at the topic from the perspective of procurement professionals and relevant stakeholders in IoT Cybersecurity in sustainable buildings. \nAfter lunch we will hear the very latest news on our UKRI Digital Security by Design Project\, CHERI Morello and how the TechWorks community has impacted it. \nDr. Nick Allott and Professor Andrew Martin\, will showcase how CHERI can make a real difference in Gateways\, the very heart of many networks. If we can make this happen\, all the other systems will be more resilient. This includes the significant work of many of our members in the latest NIST Trusted IoT onboarding project. \nLast\, but not least\, Haydn Povey will introduce the TechWorks Global Marketing Strategy Report for CHERI based Router + Connected Device Infrastructure. Haydn brings a wealth of experience in the global semi-conductor industry. \nJoin us to be a part of this digital war effort! \n \n\n\n\n\nTime\nContent\n\n\n\n\n09:30\nRegistration\n\n\n10:00\nWelcome\n\n\n10:10\nRegulatory  Watch: Stephen Pattison\,  Prof. Paul Kearney and Paul Phillips will take part in a panel discussion entitled ‘The regulators are coming to get you!\n\n\n10:50\nBreak\n\n\n11:10\nAssurance Framework: Hear from Trevor Hall and Ian Pearson on how the group has a major new approach with the aim of reaching a new audience.\n\n\n11:50\nAchieving Building Sustainability Compliance and Resilience through Procurement: Smart Built Environment – Panel: Sarb Sembhi\, CTO\, CISO Virtually Informed\, Mo Ahddoud CISO Chameleon Cyber Consultants)\, Jason Shaw Associate Director\, Security\, Technology Engineering\, AECOM\, and James Willison (IoTSF)\n\n\n12:30\nLunch\n\n\n13:30\nThe Digital Security by Design Challenge: SNbD/NIST/CHERI: Dr Nick Allott\, CEO NquiringMinds\, and Prof Andrew Martin\, University of Oxford\n\n\n14:40\nBreak\n\n\n15:00\nGlobal Marketing Strategy Report for CHERI based Router + Connected Device Infrastructure with Q&A : Led by Haydn Povey\, SCI\, with Nick Allott.\n\n\n15:45\nValedictory\n\n\n\n\n. \nSpeakers\nSarb Sembhi\nCTO\, CISO Virtually Informed \nBiography\nSarb is the CTO at Virtually Informed and was the Global CISO for AirEye and the Noord Group. He has previous worked as a consultant covering most issues in risk and security. Sarb’s contributions to the industry include the Executive Steering Board of the IoT Security Foundation. \nOther contributions include: Past President of the ISACA London Chapter\, Chair of ISACA International GRA Region 3 Sub-Committee\, Chair of ISACA International GRA Committee\, ISSA UK Advisory Group member\, InfoSecurity Magazine Editorial Group member. Sarb has also served on several Security Standards Groups\, and continues to write for several publications and speak at risk and security events around the world. \nMo Ahddoud CISM\nChief Information Security Officer\, Chameleon Cyber Consultants \nBiography\nMo is an active contributor to the cybersecurity industry. He writes regularly in the international security journal. He is an ISACA EU Advisory Taskforce member contributing to the European Commission amendment to the Cyber Security Act. \nMo was recognised in 2017 by the British Computer Society for Security programme of the year. In 2018\, he was recognised as a cyber security innovator at the CA awards in Las Vegas. His recent interests include AI and Smart Cities. \nJason Shaw\nAssociate Director\, Security\, Technology Engineering\, AECOM \nBiography\nJason Shaw is a security technology specialist and Chartered IT Professional with over 30 years of experience gained within the information technology and integrated electronic security industry. He has provided a range of physical\, electronic and cyber security consulting services for numerous clients and projects within the built environment throughout the UK\, Europe\, Middle East\, Africa and Asia. My particular interest is OT and IoT centric solutions within the smart built environment\, the cyber security risks posed to information assets\, and the development of cyber security strategies to reduce and manage these risks. \nHe is a member and contributor to a specialist Smart Built Environment workgroup within the IoT Security Foundation\, an organisation formed to develop key security initiatives relating to the vulnerabilities Smart Buildings inherently have. Additionally\, he is a member of the BCS\, ISACA\, Institution of Engineering and Technology\, ASIS International and The Security Institute. \nSpecialities: Security Masterplanning – Project Management – Information Security – Cyber Security & Cyber Risk Management – Smart Buildings – Cyber Security Strategies for IoT\, CPS & ICS Solutions – Security Technology Engineering – Physical Cyber Convergence – Security Integration – Electronic Security Systems Design. \nJames Willison\nProject and Engagement Manager\, IoT Security Foundation \nBiography\nJames Willison is Project and Engagement Manager at the Internet of Things Security Foundation and a recognised International leader in Security Convergence and Enterprise Security Risk Management. \nJames is proud to be a member of the Eric Liddell Community. Named #8 Cyber Security Professional IFSEC Global Influencers Security and Fire 2020. James is delighted to support the Kindness Games and has joined TKG Alumni! James is a judge for the 2022 IFSEC Global Influencers. Shortlisted in Security Serious Unsung Security Heroes Awards 2018 as a Security Leader/mentor. He is a reseller of Kaseware\, an innovative cyber physical investigative tool. James is Co-Chair\, Smart Built Environment Working Group\, Internet of Things Security Foundation and a member of ASIS International\, ISACA and the Security Institute. James was awarded the Imbert Prize for an ‘outstanding contribution to the Security Industry in 2011’ for his work on convergence with ASIS Europe and the Information Security Awareness Forum. He has more than 20 years of management experience in the physical and information security industry\, including posts as Advisor on Convergence to the Mitie TSM Board\, Senior lecturer in Security Management at Loughborough University and Digital Security Expert with the European Union. He has co-authored three White Papers on ESRM\, SMART GDPR Assurance for a Smarter world and Smart Buildings and Cities Security with his colleague and fellow convergence expert\, Sarb Sembhi\, sponsored by AXIS Communications and published by Unified Security Ltd. He has helped develop and build partnerships and relationships in numerous projects between security professionals including writing new content in published International Standards. He regularly writes articles for IFSEC Global and is an established speaker at International security conferences. \nNick Allott\nCEO\, NquiringMinds \nBiography\nNick is CEO of NquiringMinds\, an AI analytics company founded on robust cyber security principles. He has been developing and deploying AI technologies for almost 30 years\, and is a recognised cyber security expert. \nNick was formally\, CTO of OMTP\, a security focussed\, international mobile standards organisation responsible for many technologies now widely deployed. Significant among OMTP deliveries\, is the Trusted Execution Environment\, (TEE) the security core of most CPUs and SIM technology. TEEs now ship a the rate of 1 billion per year. Nick is also a Director of the Webinos Open Source Foundation: a collaborative initiative for secure IOT interaction based on PKI.\nFor Shell\, Nick helped develop their data mining products (later acquired by Accenture). And as Technology Director for Motorola\, Nick had responsibility for their speech recognition and voice Personal Assistant products. Nick Joined start-up Fastmobile (multimodal speech recognition) as their CTO in 2000 until their acquisition by RIM. His first full time job was developing neural networks for Neural Computer Sciences\, followed by a stint at the part Microsoft owned Dorling Kindersley Multimedia\, where he worked on search technology and 3D graphics platforms. \nNquiringMinds was selected by DCMS to develop an innovative\, secure data sharing platform for Smart Cities\, which forms the basis of the current product line. Nick has advised the UK Government on the Secure by Default Program and was among a handful of technology CEOs selected by\, the then Prime Minister\, Theresa May\, to accompany on her first trade mission to India. Nick is a Fellow of the British Computer Society\, the Institute of Analysts and Programmers and the Royal Society of Arts. \nNick has a degree in Cognitive Science\, a PhD in Artificial Intelligence and is a Visiting Professor and the University of Southampton. \nProf Andrew Martin\nProfessor of Systems Security\, Department of Computer Science \, University of Oxford \nBiography\nAndrew Martin is Professor of Systems Security in the Department of Computer Science at the University of Oxford. His main interest is in how hardware-software co-design can enhance the security of networked distributed systems. He has also led a range of cross-disciplinary efforts across the University and beyond – with a particular interest in how human factors can enhance or confound the best security technologies. He thinks that the key to progress is strong rigorous foundations\, mixed with a great degree of pragmatism. \nHaydn Povey\nCEO & Founder\, SCI Semiconductor Ltd \nBiography\nHaydn is the Founder & CEO of SCI Semiconductor\, a company focused on developing and delivering next generation security IP and devices. The company is a leading advocate of CHERI technology\, with its ability to resolve over 70% of critical vulnerabilities through enhance Memory Safe technology\, compartmentalisation\, and integrated component management. The company works closely with governmental and commercial entities to introduce CHERI technology and to solve many of the biggest issues in critical infrastructure and industry today. \nHaydn has been in senior management at leading global technology companies for over 30 years\, including as Chief Strategy Officer at IAR\, through the successful acquisition of Secure Thingz Ltd. He additionally held senior marketing and business development roles at ARM Holdings\, the leading Microprocessor IP (Intellectual Property) company. Haydn headed ARMs strategy and product roadmaps for Security within IoT and M2M marketplaces where he worked with critical groups within the US and UK government responsible for the development and deployment of security frameworks\, alongside many leading silicon vendors\, OEMs and system integrators and software solutions. \nPreviously Haydn was Director Security Products & Technologies within the ARM Processor Division where he owned a broad array of products including TrustZone\, which delivers security foundations in the majority of global mobiles and tablets\, and SecurCore\, which is the foundations for the majority of 32-bit SmartCards and SIMS. Prior to owning security at ARM Haydn led the development and introduction of the Cortex-M microprocessor family which has led to the rapid adoption of 32-bit microcontroller technology around the globe and underpins the majority of Internet of Things devices. \nDr Stephen Pattison\nChairman\, IoT Security Foundation \nBiography\nStephen was responsible for ARM’s Public Affairs\, including contributions to public policy thinking across the world. His focus was London\, Brussels\, Washington and\, increasingly\, China. He was the first person to be appointed to a Public Affairs role at ARM\, in 2012. Key issues on which he is working include Internet of Things\, Smart Cities\, Data Protection\, Energy Efficiency\, and Security. He also oversees ARM’s Corporate Responsibility Programme. \nPrior to joining ARM\, Stephen was CEO\, International Chamber of Commerce UK\, where he represented the interests of a range of companies and focussed on various policy and international trade issues. Before that he worked for James Dyson (Vacuum cleaners etc) as Head\, International Business Development\, where he introduced new products into new markets as well as accelerating growth in existing markets. He was once a British Diplomat and worked at the British Embassy in Washington\, and on UN issues in London\, New York and Geneva. \nStephen has a Master’s Degree from Cambridge University\, and a Doctorate from Oxford. In 2003-4 he spent a year at Harvard as Fellow in International Affairs at the Weatherhead Center. \nProf. Paul Kearney\nCybersecurity Consultant and retired Professor of Cybersecurity\, Birmingham City University \nBiography\nPaul Kearney has recently retired from the position of Professor of Cybersecurity at Birmingham City University. Previously\, he worked in R&D roles for British Aerospace\, Sharp Laboratories of Europe\, and British Telecommunications. He retains an active interest in cybersecurity research\, undertaking freelance consultancy\, contributing to activities of the IoT Security Foundation\, acting as an expert evaluator and reviewer for research programmes and serving on the advisory boards of research projects. He holds a BSc from the University of Liverpool and a PhD from the University of Durham\, both in theoretical physics and is a Full Member of the Chartered Institute of Information Security. \nIan Pearson\nPrinciple Embedded Solutions Engineer\, Microchip Technology Inc. \nBiography\nIan Pearson is a Principal Embedded Solutions Engineer at Microchip Technology Inc. currently focussed on FPGA\, Security and IoT applications. He is active on the IoTSF Assurance Framework\, Supply Chain and Many Secured working groups. \nTrevor Hall\nDirector of Systems Engineering\, Synaptics Inc. \nBiography\nTrevor has been in pioneering roles in the semiconductor\, software\, and systems industry for over 40 years. From his early days at Philips\, where he safeguarded Blu-Ray master keys\, to his current role in securing IoT video products at Synaptics/DisplayLink\, Trevor’s expertise in product security makes him the “go to” person in Synaptics. As the third Chair of the IoTSF Assurance Framework Working Group and the primary editor of its publications since 2019\, he has had been significantly influencing the product security field for the rest of the industry. Trevor is dedicated to communicating and sharing best practices in system security\, demonstrating his passion and commitment to the industry. URL:https://iotsecurityfoundation.org/event/iotsf-plenary-2024/ LOCATION:One Birdcage Walk\, 1 Birdcage Walk\, London\, SW1H 9JJ CATEGORIES:Plenary Session ATTACH;FMTTYPE=image/jpeg:https://iotsecurityfoundation.org/wp-content/uploads/2024/05/IoTSF-Plenary.jpg ORGANIZER;CN="IoT Security Foundation":MAILTO:contact@iotsecurityfoundation.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=Europe/London:20230905T140000 DTEND;TZID=Europe/London:20230905T150000 DTSTAMP:20260429T042759 CREATED:20230613T094550Z LAST-MODIFIED:20240315T165456Z UID:22194-1693922400-1693926000@iotsecurityfoundation.org SUMMARY:ManySecured WG online meeting DESCRIPTION:Our monthly meetings are open to all. The IoTSF ManySecured WG is about leveraging the power of the crowd – working on open technical standards\, specifications and finding solutions first and foremost. \nIt is supporting the UKRI Digital Security by Design Challenge and the Secure Networking by Design (SNbD) project with the University of Oxford\, NquiringMinds and TechWorks. \nOur aim: “to reduce the threat and scale of remotely initiated cyber-attacks\, securing the network against memory-based vulnerabilities.” \nCurrent topics include: \n1) Update on NIST – trusted onboarding \n2) SBOM and device identity problem: \nHow does a device advertise its SBOM descriptor “securely”? – \na) review the problem \nb) identification of similar problems : what’s out there? \nc) outline of potential solutions: proposals required \nd) next steps – planning \n3) Device lifecycle policies \na) review/reminder of primary use cases \nb) proposal: framing the life cycle (continuous assurance) problem – including MUD \nc) outline of a potential evidence model (D3/VC based) \nd) next steps \n4) Economic model for vulnerability management \na) share of draft \nb) request for contributions/authors \n5) IoTSF conference track – potential topics on ManySecured and SNbD \nWe also encourage you to join our slack channel to participate in the project. \nSlack invite: https://join.slack.com/t/manysecured/shared_invite/zt-1t1f6j582-y1Lvi0aEoItd2_EtvuGVCA \nPlease contact James Willison for registration details at james.willison@techworks.org.uk URL:https://iotsecurityfoundation.org/event/manysecured-working-group-virtual-meeting/ ATTACH;FMTTYPE=image/png:https://iotsecurityfoundation.org/wp-content/uploads/2023/06/ManySecured-Working-Group-Virtual-meeting.png END:VEVENT BEGIN:VEVENT DTSTART;TZID=Europe/London:20240710T150000 DTEND;TZID=Europe/London:20240710T163000 DTSTAMP:20260429T042759 CREATED:20240708T091400Z LAST-MODIFIED:20240708T141230Z UID:25228-1720623600-1720629000@iotsecurityfoundation.org SUMMARY:ManySecured’s leaders’ “new build” in NIST’s IoT onboarding guidance! DESCRIPTION:NIST’s New ‘draft’ Trusted IoT Onboarding Guide with ManySecured’s leaders! \n“Establishing trust between a network and an Internet of Things (IoT) device prior to providing the device with the credentials it needs to join the network is crucial for mitigating the risk of potential attacks. There are two possibilities for attack. One happens when a device is convinced to join an unauthorized network\, which would take control of the device. The other occurs when a network is infiltrated by a malicious device. Trust is achieved by attesting and verifying the identity and posture of the device and the network before providing the device with its network credentials—a process known as network-layer onboarding” (NIST NCCOE p 1). \nThe NCCoE\, in collaboration with 11 product and service providers\, has produced five builds demonstrating network-layer onboarding and two builds demonstrating the factory provisioning process. The configurations offer secure ways to provision devices to a network using their network credentials. \nTechWorks and the IoTSF ManySecured WG is proud to have supported Dr Nick Allott\, Steve Clark\, and Michael Richardson who have played key roles in developing important aspects of the builds. ManySecured WG Leader\, Nick Allott\, explains\, \n“So\, what we’ve done is we’ve defined a set of data structures and protocols that allow an IoT device to be assessed for its security posture pre onboarding. And not only that\, it allows that security posture to be continuously assessed and if it falls below a threshold it gets kicked off.” \n \nhttps://iotsecurityfoundation.org/wp-content/uploads/2024/07/Nick-Allott-and-NIST-Trusted-IoT-Onboarding.mp4\nJoin the NIST NCCoE for a webinar to discuss guidance and considerations for trusted IoT onboarding to help organizations safeguard both their IoT devices and their networks. \nRecently\, NIST released the final draft publication of NIST Special Publication 1800-36\, Trusted IoT Device Network-Layer Onboarding and Lifecycle Management\, which includes updates to several of the builds. The public comment period for the publication is open until July 30\, 2024. \nJoin the ManySecured Working Group and get a chance to contribute and learn how to securely onboard your devices! \nOur next meeting is on July 9th at 2pm BST\, 9am EDT. \nContact: James Willison\, IoTSF Project and Engagement Manager: james.willison@techworks.org.uk URL:https://iotsecurityfoundation.org/event/manysecureds-leaders-new-build-in-nists-iot-onboarding-guidance/ CATEGORIES:Webinar ATTACH;FMTTYPE=image/jpeg:https://iotsecurityfoundation.org/wp-content/uploads/2024/07/Slide1.jpg ORGANIZER;CN="IoT Security Foundation":MAILTO:contact@iotsecurityfoundation.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=Europe/London:20240725T140000 DTEND;TZID=Europe/London:20240725T150000 DTSTAMP:20260429T042759 CREATED:20240627T131235Z LAST-MODIFIED:20240715T111828Z UID:25198-1721916000-1721919600@iotsecurityfoundation.org SUMMARY:IoTSF Webinar - July DESCRIPTION: URL:https://us06web.zoom.us/webinar/register/WN_cD4gMxKRR7qj7dnpv9vJng#/registration#new_tab CATEGORIES:Webinar ATTACH;FMTTYPE=image/jpeg:https://iotsecurityfoundation.org/wp-content/uploads/2024/06/Copy-of-IoTSF-Webinar-Graphics-8.jpg ORGANIZER;CN="IoT Security Foundation":MAILTO:contact@iotsecurityfoundation.org END:VEVENT END:VCALENDAR