Look for a
lock () or https:// as an added precaution. Share sensitive
information only on official, secure websites.
- Overview
DUMMY TEXT
DUMMY TEXT
For upcoming STACK-X webinars and a full list of our past events, please visit our Meetup page.
Overview
Who should attend: If you are a software engineer, IoT engineer, device manufacturer or security manager, this talk is for you!
The Internet of Things (IoT) technologies offer many potential benefits to consumers and organisations. Some uses of IoT include the monitoring of sensor data, system automation, and the remote control of smart devices.
With the advancements in low-powered computing and lower costs of implementation, we are witnessing an acceleration of the transformation of traditional analog systems into smart systems. However, more often than not, the security aspect of IoT systems tend to lag behind the technological advancements.
As such, hackers are turning to IoT smart systems as a prime target to pounce on.
In the first session, Keith and Jing Loon will be sharing insights on exploiting vulnerabilities in an IoT ecosystem from a hacker’s perspective. The sharing will include the thought process for identifying vulnerabilities, common ways of exploitation, and key security issues which IoT implementers should be mindful of.
In the second session, Kelvin will be discussing about possible security measures that device manufacturers can adopt to improve the security posture of their products. He will highlight the risks that may arise from a smart device concept, the importance of getting the requirements right at the start of a product development lifecycle, and the security considerations around the hardware and software of device development.
Programme Rundown
7:00 – 7:05pm: Introduction by GovTech
7:05 – 7:35pm: A Hacker's Perspective - Identifying vulnerabilities in an IoT ecosystem + Q&A
By: Keith Tay, Cybersecurity Specialist and Goh Jing Loon, Associate Cybersecurity Specialist, Advanced Cyber Attack Simulation, GovTech
7:35 - 8:05pm: A Security Perspective - Eliminating the root of all (Internet of Things) Evil + Q&A
By: Kelvin Wong, Senior Cybersecurity Specialist, National Strategic Projects, GovTech
8:05 - 8:15pm: Combined Q&A
Speaker
Keith Tay is a cybersecurity specialist who leads GovTech’s IoT Penetration Testing team by day, and is an adjunct lecturer for Singapore Polytechnic by night. In 2020, Keith responsibly disclosed three vulnerabilities in a Wi-Fi mesh router, which allowed an attacker in close proximity to perform a complete takeover of the device. Keith is a certified penetration tester with OSWE/OSCE/OSCP/GAWN/CRT credentials.
Goh Jing Loon is an Associate Cybersecurity Specialist at GovTech. He is a member of GovTech’s IoT Penetration Testing team where he focuses on testing wireless technologies. He is also an avid security researcher who spends time researching and disclosing vulnerabilities. In 2019, Jing Loon was awarded the MINDEF Top 10 Bounty Hunter award and has also responsibly disclosed a cross-site scripting vulnerability in an open source package frequently used by IoT projects. Jing Loon is a certified penetration tester with OSWE/OSCP/GAWN/CRT credentials.
Kelvin Wong is a Senior Cybersecurity Specialist from GovTech’s Cybersecurity Group, supporting the Smart Nation Sensor Platform programme. His main focus is in IoT and Cloud Security, practising risk assessment and security by design.
Last updated 28 February 2023
Thanks for letting us know that this page is useful for you!
If you've got a moment, please tell us what we did right so that we can do more of it.
Did this page help you? - No
Thanks for letting us know that this page still needs work to be done.
If you've got a moment, please tell us how we can make this page better.