Podcast E036 | Breaking Embedded IoT Systems | Ken Munro, Partner at Pen Test Partners | IoT For All

Podcast E036 | Breaking Embedded IoT Systems | Ken Munro, Partner at Pen Test Partners

#IoTMakers | E036

Listen on Apple Podcast  |  Listen on Spotify  |  Listen on Google Podcasts

On this IoT For All podcast episode, Ken Munro, Partner at Pen Test Partners, shares his experience finding and disclosing security vulnerabilities by breaking embedded IoT systems.

Ken walks us through the testing and reporting process for security vulnerabilities and how liability is handled in cases where devices are tested and issues are found, especially when manufacturers choose to ignore said issues. He also addresses how companies without impregnable devices can be put out of business due to security failures and why security continues to be an afterthought.

The episode concludes with a discussion about how companies are handling the growing threat of cybercriminals, what the catalyst will be to driving rapid change across the industry and how IoT device regulations in states like California and Massachusetts can be adopted nationwide. Finally, Ken answers the tough question of whether or not we should be scared of IoT.

If you’re interested in connecting with Ken, check out his LinkedIn!

About Pen Test Partners: Pen Test Partners is a partnership of high-end penetration testers, cherry-picked for their wealth of knowledge and years of experience in the pen testing sector, with a passion to be the very best at what they do.

Key Question and Topics from this Episode:

(6:26) What is the device testing process like for PenTest Partners? 

(7:49) How is liability handled in cases where devices are tested and issues are found but manufacturers are not open to change or feedback? 

(8:48) Why is security an afterthought in IoT? 

(10:27) What size companies are impacted the most when it comes to being put out of business due to security failures?

(12:08) What is the reporting “process” when you find issues with devices? 

(17:11) Outside of cost, what is contributing to the cause of these security vulnerabilities?

(19:48) What can be done to fix security holes once a product is launched and out in the market, if anything? 

(21:17) How wary should consumers be of products coming from smaller companies/startups?

(23:06) How are IoT companies dealing with the growing threat of cybercriminals and the potential threat to their businesses?

(25:15) What is it going to take to start driving change across the industry? 

(26:58) How will IoT device regulations in states like California and Massachusetts be adopted by other states?  

(36:02) What advice can be given to consumers when it comes to buying an IoT device?

(31:58) Should we be scared of IoT?

More Podcasts

E033-Michael Murray Feature

Podcast E033 | What Is Cyber-Physical Security?| Michael Murray, SVP & GM of Cyber-Physical...

On this IoT For All podcast episode, Michael Murray, Senior Vice President and General Manager of Cyber-Physical Systems at Blackridge Technology explains the difference between cybersecurity and cyber-physical security. Michael also discusses how with great connectivity comes great responsibility.
Enterprise IoT Connectivity Management with a headshot of John Candish from SAP Digital Interconnect

Podcast E032 | Enterprise IoT Connectivity Management | John Candish, Head of IoT Products...

On this IoT For All podcast episode, John Candish, Head of IoT Products at SAP Digital Interconnect explains what connectivity is and why it's fundamental to enabling enterprises to become intelligent. John also discusses the relationship between AI, IoT and connectivity.
How to Effectively Handle Digital Transformation

Podcast E031 | How to Effectively Handle the Digital Transformation Journey | Sean Parham,...

On this IoT For All podcast episode, Sean Parham, Corporate VP of Product Management at ABB Ability explains the short term changes companies are making to handle their digital transformation journies effectively. Sean also discusses how the biggest changes throughout that transformation aren't found in the technology but enabled by it.
Augmenting Supply Chains with IoT

Podcast E030 | Augmenting Supply Chains With IoT | Peter Mehring, Founder & CEO...

Peter Mehring, Founder & CEO of Zest Labs, discusses how IoT is augmenting the fresh food supply chain, improving labor utilization and reducing the impact of food waste.
Austin Ahse General Manager, Current

Podcast E029 | How Is IoT Improving Transparency Between Smart Cities and Citizens? |...

On this IoT For All podcast episode, Austin Ashe, GM of Intelligent Cities at Current (Powered by GE), explains what "smart lighting" actually means. He also dives into GE's strategy for moving from lighting to smart cities and how it's helping to improve urban transparency.
IoT Founders_ Dan Harper_028

Podcast E028 | How to Build a Marine IoT Fleet Management Solution | Daniel...

On this IoT For All podcast episode, the founder and CEO of Siren Marine, Daniel Harper, shares the story behind his IoT Connected Boat® technology and how he brought the marine fleet management solution to market with the help of their IoT solutions provider, Leverege.
Firmware Vulnerabilities with Terry Dunlap

Podcast E027 | How to Discover and Handle IoT Firmware Vulnerabilities | Terry Dunlap,...

On this IoT For All podcast episode, former NSA analyst Terry Dunlap introduces us to the problem of IoT device firmware vulnerabilities and how to handle them. He also shares his compelling journey from a teen hacker to an operative tracking down terrorists. He shares with us how that path led to co-founding ReFirm Labs.
Ira Cohen - Ask IoT interview

Podcast E026 | Anomaly Detection with IoT | Ira Cohen, Founder & Chief Data...

On this IoT For All podcast episode, we take a technical deep dive into anomaly detection, discuss real-life Industrial IoT use cases and learn about Anodot's Autonomous Analytics platform.
Telematics: The Evolution of Connected Vehicles

Podcast E025 | Telematics: The Evolution of Connected Vehicles | Hope Bovenzi, GM of...

On this podcast episode, we learn the history of telematics, the role telematics plays in the evolution of connected vehicles and the up and coming automotive trend of Vehicle to Everything (V2X).
Crate.io Founder Christian Lutz

Podcast E024 | Deploying Successful IoT Solutions | Christian Lutz, Founder & CEO of...

On this IoT For All podcast episode, we discuss how to build and deploy successful IoT solutions, the story behind the award-winning startup Crate.io and how 5G will impact the industrial sector.

Trending