Pre-Program – Connect Security World 2018
Connect Security World - Embedding Trust in IoT Systems and Connected Hardware | September 24-26, 2018 – Marseille, France


This version is continuously updated and enriched with additional speakers: keep posted!
Update: June 19, 2018
DAY 1 – Monday Sept. 24 AFTERNOON
Connect Security World Smart Security Week Innovation Live
Keynotes & panels addressing transversal topics of the Smart Security Week conferences


Welcome Cocktail
DAY 2 – Tuesday Sept. 25
Track1: Secure Technologies
Track 2: Secure IoT Implementation
360° Views on IoT Security
All-day: Exhibition & Demos
Embedded Security Frameworks Advances IoT in the Entreprise:
Best Practices
Home & Consumer IoT Devices Security
Exhibition & Demos
Crypto Advances in IoT Context IoT Certification & Trust Frameworks
Awards Ceremony
Gala Dinner
DAY 3 – Wednesday Sept. 26
End-to-end security for IoT Networks
Exhibition & Demos
AI for IoT Systems Protection
(Jointly with Predictive Security World)
GDPR & Privacy Protection
(Jointly with Identity & CyberSecurity Innovation World)
Exhibition & Demos

DAY 1 - Monday September 24 Afternoon

Connecting the World with the New Privacy Reality
Heaven or Hell?
(Agenda preview: keep posted on updates)

Common to the co-located conferences forming Smart Security Week, the Grand Opening will be addressing the global move to put the consumer and citizen back in control of their data at multiple levels (citizen ID, customer ID, IoT devices ID, social network ID etc.).

This non-technical plenary session will explore both the latest privacy and data protection initiatives –policies, regulations, standards…– and their related societal and economic challenges.

On stage, several keynotes from high-level representatives of the EU, US, international organizations and other countries, as well as private sector representatives.

Day 1
24 Sep 2018
Jon Shamah

Welcome and Introduction

Part 1 – The Impact on the Citizen and Digital Society

● The end of “Nothing for Something”, how the Information Economy may start to pay its bills

● Consenting Adults? Weighing up the $ benefits of privacy

Day 1
24 Sep 2018

PANEL: Is it the end of the information-based “mega $ corporate”?

Despina Spanou, Director for Digital Society, Trust and Cybersecurity, European Commission
With Despina Spanou (to be confirmed)                  
Despina Spanou

Part 2 – The Impact on Service Providers and Government

● The era of the lost devices, too many end-points?

● Privacy breaches in Public Sector – who pays?

Day 1
24 Sep 2018

PANEL: The eternal debate – privacy or security? CCTV, Cyberwars, Politics and GDPR

Donna Dodson, Chief Cybersecurity Advisor and Executive Director CCoE, US NIST
Dr. Steve Purser, Head of Core Operations, ENISA
Dr. Angelika Steinacker, Vice-President, Eurosmart ; Head of Technology Consulting R&D, Standardisation Manager C-TO, Giesecke+Devrient, Germany
With Donna Dodson (to be confirmed), Dr. Steve Purser (to be confirmed), Dr. Angelika Steinacker (to be confirmed)
Donna Dodson
Dr. Steve Purser
Dr. Angelika Steinacker

Smart Security Week Innovation Live
2.00pm: Exhibition Opening
Welcome Cocktail

DAY 2 - Tuesday September 25

9.00am - 1.00pm: Break-out Sessions | 10.50 - 11.20am: Coffee & Refreshments Break – Networking – Exhibition
Track 1
Track 2

360° Views on IoT Security
Day 1
25 Sep 2018
Mikhail Gloukhovtsev

IoT Security: Challenges, Solutions & Future Prospects

• Overview of IoT security challenges, security requirements for IoT architecture, current security solutions and new evolving technologies
• Best practice recommendations to IoT security practitioners
• Current IoT security solutions and trends in their developments

Asaf Ashkenazi

Keeping IoT Secure: Preempting Emerging Cyber Attacks of Tomorrow

• Emerging security challenges, such as compromised IoT devices or malicious actors attempting to manipulate the flow of information
• Three step approach for IoT Security that can be easily implemented, maintained and upgraded
• Turnkey device to cloud solution

Christopher Schouten

IoT Security Foundations for Long-Term ROI

• IoT Security requires a variety of approaches to be successful
• IoT Security is also not a “one and done” approach, it requires active, long-term security lifecycle management
• Holistic approach to IoT security that includes security design and evaluation, a robustsecurity technology foundation and an ongoing security lifecycle management approach to protect IoT investments

Embedded Security Frameworks Advances
Day 1
25 Sep 2018
Gil Bernabeu

Embedding Trust in IoT Systems and Connected Hardware

• Today’s digital IoT landscape and the challenges it faces due to the level of new players, devices and cloud platforms.
• The roles service providers, IoT device makers and cloud platform providers need to play for the IoT landscape to reach its full potential
• Why GlobalPlatform is calling on industry stakeholders to collaborate on their efforts to secure the IoT ecosystem

Stéphane Di Vito

Software Isolation Solution Protects IoT Devices

• Lightweight Software Security solution for internet-facing embedded devices
• Lightweight OTA secure firmware update
• Increased reliability, security and maintainability of embedded software
• Limited impact on memory footprint and performances

IoT in the Entreprise: Best Practices
Day 1
25 Sep 2018
Piotr Ciepiela

Title TBC

Caleb Crable

“I Social-Engineered a Screwdriver”

• Physical security a major problem, but physical security awareness is even bigger
• The typical employer/employee security awareness relationship is a quarterly “date night” at maximum.
• The mere physical presence of employees in an office means instant firewall bypass
• Empowering your headcount with security knowledge tailored to their level of understanding is some of the most important training an organization can provide

Mona Mustapha

Is your IoT Solution Secure End-to-End?

• IoT customers are often unsure of the security measures implemented for their solution
• GSMA developed a free-to-use IoT security assessment scheme
• The scheme can help expose weak links in IoT solutions
• The scheme can also be used to measure the security of IoT services

Kabir Barday

Operationalise Accountability and Privacy by Design: What to Automate in Your Privacy Programme

• How to best implement efficient and effective data handling practices in the face of new privacy regulation requirements
• Learn how to use PIAs and data maps to document and track new initiatives and demonstrate compliance
• Practical tips for how privacy practitioners assess current practices to determine what can and cannot be automated

1.00 – 2.00pm: Lunch – Networking – Exhibition | 2.00 – 6.45pm: Break-out Sessions | 3.50 – 4.30pm: Coffee & Refreshments Break – Networking – Exhibition

Blockchain for IoT Security
Day 1
25 Sep 2018
Sebastian Magnusson

Evaluation of Decentralized Alternatives to PKI for IoT Devices

• Distributed ledgers in systems with limited performance.
• Distributed ledgers as platforms for alternatives to PKI
• Advancements required for the technology to become a viable platform
• Discussion regarding the possibilities of creating a fully decentralized certificate authority using smart contracts

Helmut Scherzer

Blockchain – Unchained

• The entire Blockchain idea has several system-immanent contradictions regarding its well-known promises
• A scientific reflection providing critical views on Blockchain open to discussion with the floor

Home & Consumer IoT Devices Security
Day 1
25 Sep 2018
Dr. Gisela Meister

Security Requirements on IoT Devices

  • Standardisation  activities in Germany on Home  IoT Devices
  • Regulatory aspects
  • Certification  issues and labelling for IoT devices
Jakob Buron

Security of the Context-Aware IoT

• Growing concerns for security of IoT and smart home devices of consumers
• Recent advancements in IoT technology enabling new smart home functions
• How new devices can be added into an ecosystem with legacy, backwards-compatible devices in a secure way

Marion Andrillat

First Automated Tool of Security Assessment on IoT Products: Application to the Smart Home

• First automated testbench on security assessment for the communication channels on
connected devices
• First offer in the mainstream for security (self-) assessment
• First use case applied to the smart home connected products
• Available demonstration on a HUE lamp (known vulnerabilities)

Josh Fu

Memory-Based Attacks and AI for Evil: What You Should Know

• Memory based attacks are on the rise because they offer criminals the most ROI
• Learn two of the most relevant, common ways memory attacks occur
• Learn how the exact techniques to be better protected against memory attacks immediately

Crypto Advances in IoT Context
Day 1
25 Sep 2018
Tomas Gustavsson

Using Best Practice PKI to Secure IoT Solutions

• PKI is one of the fundamental technologies for IT security
• PKI can be applied with existing best practices to IoT
• PKI assist in securing the whole IoT product lifecycle, including…
• Secure supply chain, bootstrapping, operations and software updates

Helmut Scherzer

BitFlip symmetrical encryption method

• A disruptive symmetric encryption algorithm based on provable security and not using a crypto algorithm
• Attractive for the low-end IoT devices who might not be able to afford crypto-hardware to run AES or other crypto algorithms
• A method adding to security where ‘normal’ crypto wouldn’t be applicable anyway

Derek Atkins

End-to-End IoT Authentication Leveraging Quantum-Resistant Techniques

• How to use public-key techniques to add end-to-end authentication into constrained devices
• Hear about small code size, fast-running, quantum-resistant public-key authentication for IoT
• Learn how to incorporate low-resource cryptography into your own IoT devices
• Find the fun in interesting math challenges and the inner workings of standards processes

IoT Certification & Trust Frameworks
Day 1
25 Sep 2018
Salvatore Francomacaro

Standards: IoT interoperability and collaboration (Title TBC)

Ernst Bovelander

Assessing the Security

• Security of ‘simple’ iot devices explained
• Assuring the security of iot devices
• How to develop secure iot devices

Dr. Beatrice Peirani

Mobile Security with Software, Which Role for the Standards

• Mobile security by software
• The example of cloud-based payment
• The example of FIDO

Gala Dinner

DAY 3 - Wednesday September 26

9.00 – 10.50am: Break-out Sessions | 10.50 – 11.20am: Coffee & Refreshments Break – Networking – Exhibition | 11.20am – 1.00pm: Break-out Sessions

End-to-end security for IoT Networks
Day 1
25 Sep 2018
Dr. Stephan Spitz

5G Security Considerations

• Overview on 5G services (massive IoT, low latency, ultra-high bandwidth, …)
• Opportunities for new Security Solutions with 5G
• Assessment of the Attack Surface with 5G Networks
• Authentication and Evolution of the SIM with 5G

Matthias Schorer

Securing the Edge: The Periphery of IoT

• For the connected era to succeed priority must be given to securing the edge
• Security has traditionally focused on protecting data center infrastructure: that approach needs to change to deliver a holistic approach, from the data centre to the edge.
• Ultimately, applications and data are what we need to protect. Applications are the new focus and alignment with application teams to deploy containers and DevOps will fuel this model

Danny Hughes

Securing the Industrial Internet of Things

• Billions of sensors … a security nightmare
• The building blocks for a secure Industrial IoT
• Best practices to secure your Industry 4.0 solutions

Laurent Gomez

Towards End-To-End Data Protection for Industry 4.0

• End to end data protection from device to industrial applications, leveraging on low power network, targeting compliance with GDPR
• Evaluation done in collaboration with the City of Antibes and Juan-les-Pins, on their water distribution network, and SIGFOX

AI for IoT Systems Protection
(Jointly with Predictive Security World)
Day 1
25 Sep 2018
Josh Fu

Artificial Intelligence: Impact on the World

• Artificial intelligence and machine learning are everywhere, but overused and misunderstood
• Learn about the history and subfields of AI and ML and how the tech applies to various industries
• AI is imperative to solving IoT scalability challenges from worker shortages and overwhelming malware creation

Priti Patil

Bridging Gap Between Security and IT Using Risk Aware IAM Analytics

• How risk aware IAM Analytics helps to bridge gap between SOC and IAM
• How machine learning and cognitive can give a full view of risks
• How machine learning and cognitive can provide intelligence to mitigate risk

1.00 – 2.00pm: Lunch – Networking – Exhibition | 2.00 – 4.30pm: Break-out Sessions

GDPR & Privacy protection
(Jointly with Identity & CyberSecurity Innovation World)
Day 1
25 Sep 2018
Martin Claich

How to Tackle the GDPR: A Typical Privacy & Security Roadmap

• Understand the requirements and importance of GDPR for privacy and security teams
• Learn how privacy management tools fit into an overall security ecosystem
• How to demonstrate ongoing compliance with GDPR and other regulations

Abilash Rajasekaran

Internet of Things made secure with Freedombox using Decentralized Architecture

• How to make data secure in Internet of Things
• Freedombox an open source server operating system use case in accessing IoT devices even without internet

Pr. Florence Sèdes

Data Management Issues and GDPR in Information Systems

• Data science in the large
• Security and privacy by design
• State of the art and technologies
• New issues in data management: aggregation, metadata, profiling, grey sheep users…

End of the conference