ISC West - Security Innovation Making Their Presence Known at Connected Security Expo

The company was asked to speak on several panels around connected cars, the Internet of things and mobile application security.

WILMINGTON, Mass.--(BUSINESS WIRE)--Security Innovation, a cybersecurity provider and leader in the 2015 Gartner Magic Quadrant for Security Awareness Training, will be showcasing the breadth and depth of their cybersecurity expertise throughout the first annual Connected Security Expo at ISC West in Las Vegas this week. The company was asked to speak on several panels around connected cars, the Internet of things and mobile application security.


Security Innovation's President and CEO, Ed Adams will be speaking on a panel entitled "No Safety Without Security" This session will examine the IoT from a safety and a security perspective. Some of the questions that will be asked and answered include: what does a typical IoT ecosystem look like? What are roles and challenges for different IoT ecosystem players in managing safety and security risks? What new risks and challenges are introduced with the concept of digital security? Importantly, what can be done to address those security risks and challenges? Adams will be joined on the panel by industry leaders from UL and Cisco.

Ed will also be speaking on the "Connected Cars - Poster Child for the IoT Reality Check" panel along with executives from Symantec, Ericsson and others. This session will address the trade-off between safety, security and convenience as well as the steps that need be taken by manufacturers before we can trust our the new IoT ecosystem to deliver the promised benefits of connected services.

"I've been waiting for a conference like this for years. IoT is forcing conversations regarding the intersection of physical and cybersecurity. Connected Security Expo addresses these critical topics and brings industry leaders together in a collaborative forum to discuss them."

Ed Adams is an IT and application security expert with over 20 years of experience in the field. In addition to being a member of the Connected Security Expo Conference Advisory Board, Ed is also a Ponemon Institute Fellow and a go-to cybersecurity expert for New England Cable News.

Along with Adams', Security Innovation's Senior Security Engineer, Mick Ayzenberg will be presenting "How Mobile Applications Are Hacked," on the Innovation Stage. Using an insecure mobile banking application, this lively session will demonstrate how an attacker identifies weak spots, looks for attack vectors and vulnerabilities, and exploits mobile applications via intent sniffing and injection, weak authorization, vulnerable activity components and root detection and bypass.

"Though many mobile apps continue to repeat the security issues of the past, the novelties of these platforms can expose users to entirely new classes of attacks as well," says Ayzenberg. "With InsecureBank, we break down the barriers for learning and interacting with these new vulnerabilities and allow professionals to develop the methodologies required for identifying these issues and securing our systems."

Mick's years of security industry experience have included consulting on dozens of mid-to-long term projects for well-known technology companies. He has done extensive work in network protocol analysis, reversing, and fuzzing of both software applications and network communications.

In addition to presenting at the conference, Security Innovation will be conducting a miniature version of their web application Hackathon directly in their booth, which they are calling the "Tournament of Knights." Attendees will have an opportunity to test their coding skills in order to become a Squire (novice), Knight (intermediate) and Kingsgaurd (expert) at three separate hacking stations. Each station has different vulnerabilities to find and techniques to try from SQL injections to cross site scripting. Participants will be given a cheat sheet according to their skill level and Security Sages will be on hand to help answer questions and provide hints.

About Security Innovation

Since 2002, Security Innovation has been the trusted partner for cybersecurity risk analysis and mitigation for the world's leading companies, including Microsoft, Sony, GM, Disney, Google and Dell. Recognized as a Leader in the Gartner Magic Quadrant for Security Awareness Computer-Based Training for the second year in a row, Security Innovation is dedicated to securing and protecting sensitive data in the most challenging environments - automobiles, desktops, web applications, mobile devices and in the cloud. Security Innovation is privately held and headquartered in Wilmington, MA USA. For more information, visit www.securityinnovation.com.

About Connected Security Expo

In its inaugural year, the Connected Security Expo @ ISC West is sponsored by the Security Industry Association (SIA) and co-located with ISC West, the largest physical security event in America. The Connected Security Expo is the only event where attendees can experience physical security from an IT security lens. The educational sessions allow cyber and security leaders from across industries to explore how to bridge the gap between logical and physical security, and how to best protect critical data in the growing dawn of the Internet of Things. For more information or to register for the Connected Security Expo, visit www.connectedsecurityexpo.com.

Featured Product

GreenPeak’s GP565 – ZigBee for smart Remote Controls

GreenPeak's GP565 - ZigBee for smart Remote Controls

The GP565 Smart Home RF chip for remote controls supports voice control, motion sensing and the new ZRC 2.0 protocol. The GP565 is optimized for advanced & low cost ZigBee RF4CE remote controls. • 120k or 248k Flash (8k or 16k RAM) memory • 40-pin footprint to support a keyboard scanner interface or other IO interfaces required for remote controls. • Reduced current consumption and improved receiver sensitivity and output power • Patented Antenna Diversity technology enables superior range and WiFi/Bluetooth interference rejection