Info Security Conference

Trade Show and Conference in Copenhagen 2018

You know that you are a grumpy old man when you are invited to a free trade-show and still get annoyed about the fact that the first 4-5 rows in all the presentations are reserved for VIPs. And when you get even more frustrated about the terrible acoustics in the so-called “theaters” – mostly built of textiles, but in reality in the same hall.

Anyway – it was a big thing with a LOT of attendees.

I was sort of hoping that this time the announced IoT Security would actually be about – well – IoT Security.

Instead I was reminded about how small the embedded world still is – even though we are growing. Nobody talked about security in firmware. Or about how you get production of X.509 Certificates integrated into your device-production (something that I will blog about soon). Even the many “perimeter-protection” discussions were focusing on how the IT was no longer just inside the company – but now also in the cloud.

Hello! – what about the billions of devices in the field?

The devices are not just a security risk for the company infrastructure. They may also be broken into, listened to, manipulated to give wrong data, copied or used in a botnet.

At this conference, IoT was mainly a buzzword, and when actually used, we were talking about using IoT – not implementing or securing it.

With the EU GDPR (General Data Protection Regulation) coming this month, it is no surprise that there is a lot of focus on how we handle personal data. But there was also other stuff – only not in relation to devices.

The most interesting thing from an embedded point of view is SIEM – Security Information and Event Management. This is often only software, but with hardware it becomes really interesting – and scary.

I once worked in IPBlaze – a small company that created a TOE – TCP Offload Engine – that could be used to detect malware “on the fly” in the network.

The Danish company Napatech – https://napatech.com – has taken this to the next step. Not only do they survey the network, but they also store everything on disk that passes through certain points. This may be used when doing forensic analysis. The normal logs will only show something if malware was recognized at the time it passed through. With full data it is possible to dig into data when you are wiser – and to become wiser. Naturally this is in itself a thing that needs to be carefully protected.

A personal – not really statistically rooted – observation is that Windows is sort of catching up with Linux as a platform for the various tools. This obviously reflects that this is where the corporate world is.

You wouldn't steal a car - but you can!

Being a fan of the IT-Crowd – https://www.imdb.com/title/tt0487831/ – I had to take this picture.