Cybersecurity Field CTO at Microsoft, USA
Diana is the Cybersecurity Field CTO for Microsoft and a cybersecurity architect, executive advisor, and author. At Microsoft she leads the Cybersecurity Thought Leadership team and leverages her 30 years of cyber-risk and security experience to provide advice and guidance to CSOs, CIOs and CISOs at some of the world’s largest companies and is a contributor to the Microsoft Security Intelligence Report (SIR). In addition to her work at Microsoft, she serves on the ACM Ethics & Plagiarism Committee and has guest lectured at Boston College’s Masters in Cybersecurity program. Diana serves on the Board of Directors for two non-profits, WiCyS and Sightline Security and is also the volunteer CTO for Sightline. She is a member of the RSA US Program Committee for 2018-2021, one of Cybersecurity Ventures 100 Fascinating Females Fighting Cybercrime, an IEEE 2016 “Rock Star of Risk”, and co-authored the book Cryptographic Libraries for Developers. She worked at IBM where she built and managed the IBM Security Research publication process.
Session: Cybersecurity and IOT
Building Sustainable IoT using the Seven Properties of Highly Secure Devices
What makes a device secure? And how important is it for us to ensure the next generation of smart things – from industrial manufacturing to building automation systems to smart cars and homes – are built as securely and sustainably as possible? Can the device be upgraded in place? Can security updates be applied OTA (over the air). Is there any way to secure legacy (brownfield) devices? Secure IoT and IIoT are possible, but it requires planning – one of the best places to start is by understanding the 7 Properties of Highly Secure Devices and learning how to apply them to the design, build, and deployment of smart devices and architectures.
The Seven Properties covered in the talk:
1. Hardware based Root of Trust
2. Small Trusted Computing Base
3. Defense in Depth
4. Compartmentalization
5. Certificate-based
6. Renewable Security
7. Failure Reporting
Learning outcomes:
- Importance of IOT Security
- Why IOT Security must be Sustainable
- The Seven Properties of Secure IOT Devices
- How to Build Secure IOT
Additional information and International Cybersecurity & Digital Services Protection Conference programme – here