#HITBGSEC 2017 WELCOME ADDRESS - IoT - A Security Hole Without A Patch - Earl Carter

The number of IoT devices is growing at an alarming rate. Many of these devices go unnoticed. The problem is that the software used by many of these devices lack basic security measures that we take for granted in regular computer software. Furthermore, security advisories are almost non-existent for IoT. During this talk I will set the stage for how IoT is dramatically increasing the attack surface available to threat actors. I will show how IoT devices have already been utilized for attacks (such as the Mirai botnet), how difficult it can be to fix IoT security issues as well as illustrating some changes that need to happen in the industry to enable us to securely use IoT going forward.

===

Earl Carter has always had a passion for solving puzzles and understanding how things operate. Mr Carter quickly learned that identifying security weaknesses is just like solving puzzles. Almost 20 years ago, he was introduced to network security when he accepted a position at the Airforce Information Warfare center in San Antonio, Texas. In 1998, Mr Carter starting working Cisco and became one of the founding members on the Security Technology Assessment Team (STAT). After spending 15 years identifying new security threats and assisting product teams in hardening their devices and software to mitigate those identified security threats, Mr Carter became a Threat Researcher for Cisco Talos. Now he spends his time hunting for new threats against live customer networks by examining various intelligence feeds and data sources. Among Mr Carter’s significant contributions to Cisco are multiple security patents and authoring three Cisco Press Security Books along with co-authoring three more Cisco Press Security Books.