Podcast E036 | Breaking Embedded IoT Systems | Ken Munro, Partner at Pen Test Partners

Podcast E036 | Breaking Embedded IoT Systems | Ken Munro, Partner at Pen Test Partners

#IoTMakers | E036

Listen on Apple Podcast  |  Listen on Spotify  |  Listen on Google Podcasts

On this IoT For All podcast episode, Ken Munro, Partner at Pen Test Partners, shares his experience finding and disclosing security vulnerabilities by breaking embedded IoT systems.

Ken walks us through the testing and reporting process for security vulnerabilities and how liability is handled in cases where devices are tested and issues are found, especially when manufacturers choose to ignore said issues. He also addresses how companies without impregnable devices can be put out of business due to security failures and why security continues to be an afterthought.

The episode concludes with a discussion about how companies are handling the growing threat of cybercriminals, what the catalyst will be to driving rapid change across the industry and how IoT device regulations in states like California and Massachusetts can be adopted nationwide. Finally, Ken answers the tough question of whether or not we should be scared of IoT.

If you’re interested in connecting with Ken, check out his LinkedIn!

About Pen Test Partners: Pen Test Partners is a partnership of high-end penetration testers, cherry-picked for their wealth of knowledge and years of experience in the pen testing sector, with a passion to be the very best at what they do.

Key Question and Topics from this Episode:

(6:26) What is the device testing process like for PenTest Partners? 

(7:49) How is liability handled in cases where devices are tested and issues are found but manufacturers are not open to change or feedback? 

(8:48) Why is security an afterthought in IoT? 

(10:27) What size companies are impacted the most when it comes to being put out of business due to security failures?

(12:08) What is the reporting “process” when you find issues with devices? 

(17:11) Outside of cost, what is contributing to the cause of these security vulnerabilities?

(19:48) What can be done to fix security holes once a product is launched and out in the market, if anything? 

(21:17) How wary should consumers be of products coming from smaller companies/startups?

(23:06) How are IoT companies dealing with the growing threat of cybercriminals and the potential threat to their businesses?

(25:15) What is it going to take to start driving change across the industry? 

(26:58) How will IoT device regulations in states like California and Massachusetts be adopted by other states?  

(36:02) What advice can be given to consumers when it comes to buying an IoT device?

(31:58) Should we be scared of IoT?

More Podcasts

Image of Assar Badri, CEO and Co-founder of CoreKinect is the guest on IFA's Podcast Episode 37

Podcast E037 | How Will LPWAN Impact IoT? | Assar Badri, CEO & Co-Founder...

On this IoT For All podcast episode, the senior team from CoreKinect (Assar Badri, CEO and Co-Founder; John Horn, President and Chief Strategy Officer; and Mitchel Kelley, Principal Engineer) discuss building custom hardware and how LPWAN will impact IoT.
Episode 036 Ken Munro breaking iot systems

Podcast E036 | Breaking Embedded IoT Systems | Ken Munro, Partner at Pen Test...

On this IoT For All podcast episode, Ken Munro, Partner at Pen Test Partners, shares his experience finding and disclosing security vulnerabilities by breaking embedded IoT systems.
Episode 035 Roger Brooks

Podcast E035 | What Role Does Artificial Intelligence Play in IoT? | Dr. Roger...

On this IoT For All podcast episode, Dr. Roger Brooks, Chief Scientist at Guavus, defines artificial intelligence (AI), Machine Learning (ML) and Machine Intelligence (MI) and how each of these impact whether or not an IoT solution is successful.
E034 - Gerardo Giaretta

Podcast E034 | What Impact Will 5G Have on the IoT Space? | Gerardo...

On this IoT For All podcast episode, Gerardo Giaretta, Senior Director of Product Management at Qualcomm, defines industry 4.0 and addresses how 5G will influence trajectory of the Industrial Internet of Things (IIoT).
E033-Michael Murray Feature

Podcast E033 | What Is Cyber-Physical Security?| Michael Murray, SVP & GM of Cyber-Physical...

On this IoT For All podcast episode, Michael Murray, Senior Vice President and General Manager of Cyber-Physical Systems at Blackridge Technology explains the difference between cybersecurity and cyber-physical security. Michael also discusses how with great connectivity comes great responsibility.
Enterprise IoT Connectivity Management with a headshot of John Candish from SAP Digital Interconnect

Podcast E032 | Enterprise IoT Connectivity Management | John Candish, Head of IoT Products...

On this IoT For All podcast episode, John Candish, Head of IoT Products at SAP Digital Interconnect explains what connectivity is and why it's fundamental to enabling enterprises to become intelligent. John also discusses the relationship between AI, IoT and connectivity.
How to Effectively Handle Digital Transformation

Podcast E031 | How to Effectively Handle the Digital Transformation Journey | Sean Parham,...

On this IoT For All podcast episode, Sean Parham, Corporate VP of Product Management at ABB Ability explains the short term changes companies are making to handle their digital transformation journies effectively. Sean also discusses how the biggest changes throughout that transformation aren't found in the technology but enabled by it.
Augmenting Supply Chains with IoT

Podcast E030 | Augmenting Supply Chains With IoT | Peter Mehring, Founder & CEO...

Peter Mehring, Founder & CEO of Zest Labs, discusses how IoT is augmenting the fresh food supply chain, improving labor utilization and reducing the impact of food waste.
Austin Ahse General Manager, Current

Podcast E029 | How Is IoT Improving Transparency Between Smart Cities and Citizens? |...

On this IoT For All podcast episode, Austin Ashe, GM of Intelligent Cities at Current (Powered by GE), explains what "smart lighting" actually means. He also dives into GE's strategy for moving from lighting to smart cities and how it's helping to improve urban transparency.
IoT Founders_ Dan Harper_028

Podcast E028 | How to Build a Marine IoT Fleet Management Solution | Daniel...

On this IoT For All podcast episode, the founder and CEO of Siren Marine, Daniel Harper, shares the story behind his IoT Connected Boat® technology and how he brought the marine fleet management solution to market with the help of their IoT solutions provider, Leverege.

Trending