DigiCert Speaking Session:
The Increasing Importance of Cyber Resilience in Today’s Digital World
October 2, 12:00 PM - 12:20 PM
Speaker: Avesta Hojjati, VP of Engineering at DigiCert
Step into the future of IoT security with us as we unveil the culmination of years of innovation and proven success in safeguarding devices across the globe. This session delves deep into the multifaceted challenges and opportunities in IoT security, including the integration of cutting-edge Post-Quantum Cryptography (PQC):
- Ongoing Security Monitoring and crypto agility: Continuous vigilance is essential. We explore best practices for monitoring IoT devices, detecting anomalies, and responding swiftly to potential threats. With PQC, organizations can stay ahead of quantum-era risks, ensuring their monitoring and response strategies remain effective. But the most important factor here is to stay crypto agile.
- Software Scanning, Signing, and SBOMs: Secure software development is critical, but organizations must also implement processes and tools to monitor Software Bill of Materials (SBOMs) and disclose vulnerabilities. The integration of PQC algorithms ensures that software integrity remains robust against the impending threats posed by quantum computing.
- Regulatory and Compliance Challenges: Selling connected products globally presents significant hurdles for regulatory compliance. Companies must navigate diverse regulations, including the EU Medical Device Regulation, the EU Cyber Resilience Act, and FDA pre-market guidance, to ensure their IoT products meet stringent standards.
- Implementing IoT Security Standards: The emergence of standards like Matter promises interoperability and establishes baseline security requirements. We discuss their impact on device security, how organizations can align with these frameworks, and how PQC is becoming a vital component in future-proofing against evolving threats.
- Over-the-Air Updates: Deploying scanned, signed updates at scale across a fleet of devices is essential for maintaining security. We explore how PQC-enhanced cryptographic methods are essential for safeguarding these updates in the post-quantum era.