13 episodes

Beyond the Now is an IoT security podcast, brought to you directly from the technology ecosystem. Your host is David Maidment, Senior Director Secure Device Ecosystem at Arm (a PSA Certified founder). He brings over 25 years of experience in the embedded and connectivity industry.

In this podcast, David speaks to industry leaders from across the tech sector to discuss their views on the past, present and future of IoT security. In each episode, we dial in on the challenges businesses and consumers face to secure the future of the IoT to create a safer more connected society.

Beyond The Now IoT Security Podcast | PSA Certified PSA Certified

    • Technology
    • 5.0 • 4 Ratings

Beyond the Now is an IoT security podcast, brought to you directly from the technology ecosystem. Your host is David Maidment, Senior Director Secure Device Ecosystem at Arm (a PSA Certified founder). He brings over 25 years of experience in the embedded and connectivity industry.

In this podcast, David speaks to industry leaders from across the tech sector to discuss their views on the past, present and future of IoT security. In each episode, we dial in on the challenges businesses and consumers face to secure the future of the IoT to create a safer more connected society.

    Secure by Default with Microsoft: “Without IoT security people will be reluctant to innovate.”

    Secure by Default with Microsoft: “Without IoT security people will be reluctant to innovate.”

    In our second #beyondthenow podcast episode with Microsoft, we take a deep dive into IoT security with Eustace Asanghanwa (Principal Program Manager for Security, Azure IoT, Microsoft). Eustace and David explore IoT security challenges, what we mean by a secure by default approach, and the benefits of protection profiles. They also discuss Microsoft Azure's PSA Certified Level 1 certification, how it is helping to facilitate better collaboration with the ecosystem, and why we need to see more cohesion between different security certification schemes.


    Introductions to Eustace and Microsoft. [01:24]
    The Azure RTOS is PSA Certified Level 1 and how this addresses the ‘trilemma’ of IoT security. [03:56]
    PSA Certified is also helping to facilitate collaboration between the AzureRTOS and the ecosystem. [06:56]
    People value IoT security but they don’t always know what it means. [09:41]
    Securing the IoT will encourage new innovations [10:44]
    The autonomy of IoT devices is removing the ‘human companion’ and the IoT security protection that provides. [12:01]
    What is a ‘secure by default’ approach to security? [16:11]
    A Secure by default approach enables a threat modeling mindset. [17:08]
    When you design-in security you need to consider the product’s entire lifecycle. [18:52]
    People are willing to invest in IoT security because they understand the value of the IoT and digital transformation. [22:10]
    Securely deploying the IoT requires an ecosystem approach. [23:00]
    It's unrealistic to expect system integrators to become experts in all areas of IoT development and deployment. [24:53]
    As an ecosystem, we need to work together on the solutions to reduce the burden on system integrators. [26:29]
    Microsoft Azure’s Blueprint approach to IoT security. [27:39]
    Confidential Compute and the edge. [31:47]
    Protection profiles help us to answer the question ‘Is this device secured?’ [33:21]
    Protection profiles create a baseline of requirements for specific devices to be secured. [36:20]
    Multiple certifications help us target security at different levels of granularity. [39:36]
    We expect to see a more cohesive composition between IoT security certification schemes that target different functionalities and markets. [41:27]
    Eustace’s predictions for the IoT in 5 years’ time. [46:02]
    Blockchains might lower the cost of security infrastructure. [49:01]
    Eustace’s top piece of IoT security advice. [50:26]

    • 53 min
    Digital Transformation, Digital Twins, and the Metaverse with Microsoft

    Digital Transformation, Digital Twins, and the Metaverse with Microsoft

    In the first of two #beyondthenow podcast episodes with Microsoft Azure, we explore the wider impact of the IoT and digital transformation on businesses, setting the scene for the importance of security. Tony Shakib (General Manager, Azure IoT, Microsoft) sits down with David to discuss why digital transformation is becoming a necessity, how the IoT is helping fuel a more proactive business model and why security should be part of the core fabric of your solutions.


    Introduction to Tony Shakib (General Manager, Microsoft Azure IoT). [01:18]
    What are the main industries that Microsoft are working with on their digital transformation journey? Industrial IoT, Smart Cities, and Connected Healthcare. [03:01]
    The three phases of digital transformation: connectivity, context, connected ecosystems. [05:29]
    Digital transformation results in operational efficiency but also allows you to grow your business in new ways. [09:09]
    What are digital twins? [11:43]
    The IoT is fueling a more proactive business model. [14:17]
    The IoT is helping build the industrial metaverse. [15:47]
    Businesses are realizing that digital transformation is no longer optional. [17:25]
    Microsoft take a zero-trust approach to IoT security and their IoT security solutions. [20:30]
    Legacy devices are one of the biggest challenges for those starting their digital transformation journey. [23:21]
    Tony’s predictions for the IoT landscape in 5 years’ time. [26:01]
    Edge compute and cloud compute are equally important. [28:51]
    Tony’s advice for the listeners: Utilize the existing guidance on IoT security to better understand the nuances of IoT security your industry. [30:07]

    • 32 min
    IoT Security at the Edge with Eurotech: “Security is not just a concern. It’s a barrier to adoption”

    IoT Security at the Edge with Eurotech: “Security is not just a concern. It’s a barrier to adoption”

    In the first episode of series 2 of the #beyondthenow IoT security podcast, David is joined by Marco Carrer, CTO of Eurotech, to examine the emergence of edge devices. They discuss what we mean by edge devices, the crucial role the edge is playing across all industries, and the challenges of edge device security. We also discuss the benefits of industry collaboration and how IoT security frameworks are bridging security knowledge gaps. 

    · Introductions to Marco Carrer and Eurotech. [01:01]

    · What do we mean by the edge and edge devices. [03:20]

    · Why have edge devices been developed? What is driving compute closer to the data source? [4:13]

    · Edge devices reduce our reliance on the cloud but the application will decide how much computing power you need at the edge. [06:27]

    · Do edge devices still have a relationship with a data center? [07:44]

    · What kind of industries are adopting edge technologies? [10:24]

    · How the edge is enabling the merging of IT and OT in the Industrial IoT space and how this complicates security further. [12:15]

    · The PSA Certified 2021 Security Report found that a lack of expertise was a major barrier when implementing IoT security, with that in mind how do customers describe their IoT security requirements to a company like Eurotech? [14:48]

    · We’re in a transition phase where early adopters are keen to implement IoT security, but many people are still holding back. [16:07]

    · The importance of industry collaboration to provide IoT security collaboration. [16:48]

    · How IoT security frameworks are helping Eurotech and their customers understand their security requirements. [17:39]

    · IoT is fragmented even beyond security with many different architectures, protocols, and deployment scenarios. [19:10]

    · IoT security needs to be embraced by the entire business, not just the engineering teams. [20:02]

    · We need collaboration from the entire ecosystem, even those who are traditionally seen as competitors. [21:24]

    · What do you think the IoT landscape will look like in 5 years?: The emergence of edge workload consolidation. [23:31]

    · How edge workload consolidation will increase IoT security adoption. [25:19]

    · What advice would you give listeners when it comes to IoT security? [26:40]

    • 30 min
    SMB Cybersecurity Challenges: “Collaboration is our greatest armory”

    SMB Cybersecurity Challenges: “Collaboration is our greatest armory”

    In this podcast, David is joined by Dr. Sally Eaves, Senior Policy Advisor for the Global Foundation of Cyber Studies & Research and CEO of Aspirational Futures. Sally and David examine the impact Covid-19 has had on both our professional and personal lives and the crucial role security has played in this adaption. They also discuss how the narrative around security must change and the key role collaboration plays in the future of IoT security.

    ·  Introduction to Sally Eaves. [1:05]

    ·  Technology as a cause for good. [2:32]

    ·  The emergence of hybrid models over the last 12 months in all aspects of everyday life and the impact this has had on IoT security. [3:18]

    ·  Has COVID-19 raised the awareness of the cyber threat? [7:16][SS1]

    ·  Companies are changing how they approach digital transformation and IoT security: CFOs, CEOs and CTOs are leading security discussions and acting as positive agents of change. [9:30]

    ·  The role the tech industry has in improving cyber-security education. [12:09]

    ·  “Security has to be embedded in every aspect of organizational strategy”. [13:28]

    ·  The PSA Certified 2021 Security Report: is it a surprise that smaller companies are struggling to implement best practice security? [14:22][SS2]

    ·  The growing security skills shortage and addressing misconceptions surrounding IoT security access and cost. [17:08]

    ·  5G and other emerging technologies offer a wealth of possibilities, but this needs to be underpinned by robust security infrastructure. [21:12]

    ·  What are the biggest challenges for CTOs and CIOs on the digital transformation journey? [22:46]

    ·  The importance of changing the narrative around security- it's a differentiator that can enable the future of your organization and should be embedded into the DNA of every business. [25:18]

    ·  What is the future going to look like in 5 years’ time? The power of collaboration as a positive contagion of change for security and climate change. [27:18]

    ·  Bridging the gap between the perceptions of IoT security and the realities: “collaboration is our greatest armory”. [29:12]

    Sally’s main piece of advice for companies when approaching IoT security: your security strategy needs to be “holistic, flexible and scalable”.  [31:07]

    Prof. Sally Eaves is Senior Policy Advisor for the Global Foundation of Cyber Studies & Research and CEO of Aspirational Futures which enhances inclusion in education and technology. A highly experienced Chief Technology Officer, Professor in Advanced Technology and Global Strategic Advisor, Sally is an Author and Speaker on Digital Transformation (Cloud Computing, Cyber Security, 5G, IoT, IIoT, AI, ML, Blockchain), Culture, Skills, Sustainability and Social Impact.

    LinkedIn

    Twitter

    • 35 min
    Predicting the Future of IoT security: “When our customers have the requirements, we need the silicon to be ready.”

    Predicting the Future of IoT security: “When our customers have the requirements, we need the silicon to be ready.”

    In this podcast, David is joined by Mike Dow, Senior Product Manager, IoT Security at Silicon Labs. Mike and David talk about changes in the semiconductor industry over recent years, including emerging regulations and more sophisticated attacks that target end nodes. Mike provides the silicon vendor perspective, discussing the critical role they play in setting the foundation for IoT security and the importance of looking to the future when designing products to meet customer requirements.



    ·  Introductions to Mike Dow [00:45]

    ·  Introductions to Silicon Labs [02:00]

    ·  Where are we with security? Are customers asking for security? [03:30]

    ·  Where is the pull for security coming from? The IoT regulations mean you can’t ignore security [04:20]

    ·  We’re moving from ignoring security, to being actively concerned about the role it plays for a business’ success [05:45]

    ·  The change in IoT security over the last two years [06:25]

    ·  What this change means for semiconductors: more things to worry about [07:30]

    ·  The role of the Root of Trust for semiconductor vendors: the “brain of the device”, the secure boot process and why this is important [08:15]

    ·  Do OEMs have an appreciation for the Root of Trust and what it offers them? [10:15]

    ·  Silicon Labs are the world first to achieve PSA Certified Level 3. The role of remote attacks vs. physical attacks and why it is important to protect against both [11:35]

    ·  The sophistication of the attacks will grow over time and we must be ahead of the game [14:18 ]

    ·  The time delta between creating a silicon product and that product being in the market is quite large: so we essentially have to predict the future [15:22]

    ·  Looking five years ahead, staying ahead of where the world is moving. How much can you patch later? The role of updatable security subsystems [16:22]

    ·  You must start with good quality silicon, or everything unravels [18:24]

    ·  IoT deployment models and the long lifecycle of IoT, especially for embedded sensors [19:03]

    ·  If the premise is that that the crooks will always find a way, and always find a hole, then a good engineer will always build in a mechanism to update [19:57]

    ·  Why update policies are suddenly very important [20:40]

    ·  PSA Certified Security Report 2021 and the feedback from the industry on cost, the view on cost from a silicon vendor point of view? [22:37]

    ·  The state of the nation of certification on IoT and what we need to overcome: inheriting certification and “crowdsourcing” certifications to avoid choking the ecosystem [27:00]

    ·  Mike’s advice for the future of IoT: consolidating requirements and protection profiles [34:22]

    • 41 min
    IoT Devices and the Cost of Cybersecurity with Flex: "Security is as necessary as the device power supply"

    IoT Devices and the Cost of Cybersecurity with Flex: "Security is as necessary as the device power supply"

    In this podcast David is joined by Dr. Juan Nogueira, Senior Director of Connectivity Center of Excellence, from worldwide ODM, Flex. They have a fascinating discussion about how Flex approach security and why there is always space in the bill of materials for security. They also talk about how ODMs are not only creating IoT, but also embracing IoT – it’s one not to miss!

    Dr.  Nogueira is Sr. Director for Connectivity in the Global Technology Team at Flex. In this role he is defining technology roadmaps, evaluating new innovative solutions, establishing strategic collaborations with partner companies and leading internal research programs in the field of wireless communication. Prior to working at Flex, he was Lead System Architect of Advanced Development and System Architectures first at Robert Bosch GmbH and then at Bosch Connected Devices and Solutions GmbH (BCDS) in Reutlingen (Germany). In this position he defined the connectivity technology roadmap that later concluded with the foundation of BCDS as the Bosch subsidiary focused in connectivity and IoT. Before that, he worked in corporate R&D for wireless communication and sensing systems at Sony Corporation in Stuttgart (Germany) where he held the positions of Senior System Engineer and Principal Engineer. Dr. Juan Nogueira holds a PhD in Telecommunications Engineering from the University of Vigo (Spain). He subsequently became an associated professor at the University of Vigo in the Electronic Technology Department, collaborating with industry on projects in the area of industrial field buses. He has written numerous articles and holds 20+ patents in the area of communication protocols, wireless sensor networks and IoT.

    1.03: Introduction to Flex and their role in the IoT industry.

    5.15: Is security a growing concern with Flex’s customers?

    5:40: Why it’s easy to overlook IoT security in the construction industry.

    6:28: Security isn't just for high value assets, time is money.

    7:56: The business cost of failure when things go wrong?

    8:50: Educating customers on IoT security. You cannot just assume thing are secure in IoT.

    9:19: Flex’s proactive approach to IoT security. Demonstrating security credentials, adding credibility.

    10:20: Introducing the PSA Certified 2021 Security Report: cost is still an issue for OEMs and the main concern for customers.

    13:15: There is always room in the Bill of Materials (BOM) to compensate for the additional cost of security, it’s just as necessary as your power supply.

    16:28: All markets must consider security, the high-impact industries are leading the way.

    18:11: Relationship between IoT, security and machine learning in the edge.

    20:10: Flex are not just creating IoT, but also embracing IoT to benefit from AI and digital transformation.

    21:50: Opportunities for production lines, and the challenge of technical debt/retrofitting existing machinery, so machines can benefit from digital transformation too.

    24:10: The IoT landscape in five years time – IoT will feel like “everyday normal.” 5G will be deployed in both public and private networks.

    26:58: Juan’s advice for device security implementations now to secure tomorrow.

    • 29 min

Customer Reviews

5.0 out of 5
4 Ratings

4 Ratings

Top Podcasts In Technology

Lex Fridman Podcast
Lex Fridman
The Gatekeepers
BBC Radio 4
Acquired
Ben Gilbert and David Rosenthal
All-In with Chamath, Jason, Sacks & Friedberg
All-In Podcast, LLC
Deep Questions with Cal Newport
Cal Newport
Mission Responsible
RS DesignSpark