(Where’s the) Security in the Internet of Things? | Singapore Government Developer Portal
Have feedback? Please


22 Mar 2021
STACK Meetup
Online (via Zoom)

For upcoming STACK-X webinars and a full list of our past events, please visit our Meetup page.


Who should attend: If you are a software engineer, IoT engineer, device manufacturer or security manager, this talk is for you!

The Internet of Things (IoT) technologies offer many potential benefits to consumers and organisations. Some uses of IoT include the monitoring of sensor data, system automation, and the remote control of smart devices.

With the advancements in low-powered computing and lower costs of implementation, we are witnessing an acceleration of the transformation of traditional analog systems into smart systems. However, more often than not, the security aspect of IoT systems tend to lag behind the technological advancements.

As such, hackers are turning to IoT smart systems as a prime target to pounce on.

In the first session, Keith and Jing Loon will be sharing insights on exploiting vulnerabilities in an IoT ecosystem from a hacker’s perspective. The sharing will include the thought process for identifying vulnerabilities, common ways of exploitation, and key security issues which IoT implementers should be mindful of.

In the second session, Kelvin will be discussing about possible security measures that device manufacturers can adopt to improve the security posture of their products. He will highlight the risks that may arise from a smart device concept, the importance of getting the requirements right at the start of a product development lifecycle, and the security considerations around the hardware and software of device development.

Programme Rundown

7:00 – 7:05pm: Introduction by GovTech

By: Keith Tay, Cybersecurity Specialist and Goh Jing Loon, Associate Cybersecurity Specialist, Advanced Cyber Attack Simulation, GovTech

By: Kelvin Wong, Senior Cybersecurity Specialist, National Strategic Projects, GovTech

8:05 - 8:15pm: Combined Q&A


Keith Tay is a cybersecurity specialist who leads GovTech’s IoT Penetration Testing team by day, and is an adjunct lecturer for Singapore Polytechnic by night. In 2020, Keith responsibly disclosed three vulnerabilities in a Wi-Fi mesh router, which allowed an attacker in close proximity to perform a complete takeover of the device. Keith is a certified penetration tester with OSWE/OSCE/OSCP/GAWN/CRT credentials.

Goh Jing Loon is an Associate Cybersecurity Specialist at GovTech. He is a member of GovTech’s IoT Penetration Testing team where he focuses on testing wireless technologies. He is also an avid security researcher who spends time researching and disclosing vulnerabilities. In 2019, Jing Loon was awarded the MINDEF Top 10 Bounty Hunter award and has also responsibly disclosed a cross-site scripting vulnerability in an open source package frequently used by IoT projects. Jing Loon is a certified penetration tester with OSWE/OSCP/GAWN/CRT credentials.

Kelvin Wong is a Senior Cybersecurity Specialist from GovTech’s Cybersecurity Group, supporting the Smart Nation Sensor Platform programme. His main focus is in IoT and Cloud Security, practising risk assessment and security by design.

Last updated 28 February 2023

Was this article useful?
Send this page via email
Share on Facebook
Share on Linkedin
Tweet this page