A SecurityWeek Event


An Exclusive Executive Forum Focused on
Information Security Leadership and Strategy

September 13-14, 2022

2021 CISO Forum Presented by


2021 Diamond Sponsors


2021 Platinum Sponsors


2021 Gold Sponsors


Silver Sponsors


2021 CISO Forum

SecurityWeek’s CISO Forum takes place annually at the beautiful Ritz-Carlton, Half Moon Bay, which has served as the venue of the forum since 2014.

Given the global situation resulting from the COVID-19 pandemic, SecurityWeek’s 2021 CISO Forum, Presented by Cisco, will take place virtually. Through a cutting-edge platform, attendees will be able to interact with speakers and sponsors, and visit networking lounges, specific zones & sponsor booths.

This  event is designed for security leaders to discuss, share and learn information security strategies. (Register)

Visit Here for the Latest Event Updates for the Virtual Edition

An Exclusive Executive Forum Focused on Cybersecurity Leadership and Strategy

September 14-15, 2021
Virtual Event – View Event Website

Throughout this two-day virtual event, sessions will have a strong focus on participation from CISOs in panel discussions along with talks from industry experts, analysts and other end users, and thought leadership, strategy and technical sessions.

Topics Include:

  • Fireside Chat: Adrian Stone: VP, CISO at Peloton
  • Winning Hearts and Minds on the Board
  • Designing and Architecting Security for a Hybrid World
  • CISO Panel: Navigating SBOMs and Supply Chain Security Transparency
  • Panel: CISO’s Guide to Building a Security Dream Team
  • Panel: The Top 5 Priorities of the Modern CISO
  • Defenders Playbook for Attack Simulation and Security Posture Validation
  • Virtual Expo and Networking
  • Identity-Focused Security for Your Zero Trust Journey
  • Winning Hearts and Minds on the Board
  • Securing Our Cloud Environment Against Hackers
  • Key Insights to Prevent Never-Before-Seen Cyber Attacks
  • SASE Industry Trends
  • Measuring Security and Building Trust with Leadership: Enabling Transformation Through Testing
  • How DevOps Can Make AppSec Testing Seamless
  • Addressing Sophisticated Supply Chain Attacks Head On with No Source Code Required
  • Much more! – Add to Calendar

Through a cutting-edge platform, attendees will be able to interact with speakers and sponsors, and visit networking lounges, subject-specific discussion areas, and sponsor booths in a virtual expo hall.

Adrian Stone

Adrian Stone


Anne Marie Zettlemoyer

Anne Marie Zettlemoyer

VP, Security Engineering

Caleb Sima

Caleb Sima


Allan Friedman

Allan Friedman (Invited)

Cybersecurity and Infrastructure Security Agency (CISA)
SBOM Champion

Summer Craze Fowler

Summer Craze Fowler

Argo AI

Fredrick Lee

Fredrick ‘Flee’ Lee

Chief Security Officer

Shaila Shankar

Shaila Shankar

SVP and General Manager of Cisco Cloud Network and Security

Jonathan Jaffe

Jonathan Jaffe


Aanchal Gupta

Aanchal Gupta

VP, Azure Security

Lena Smart

Lena Smart


Sounil Yu

Sounil Yu


Theresa Payton

Theresa Payton

Former White House CIO
Star of CBS TV series, “Hunted”, and Leading Cybersecurity Expert




September 24-26, 2019


1 Miramontes Point Rd, Half Moon Bay, CA 94019


+ 1 (650) 712-7000

Industry is Not Ready IIoT Attacks That Have Already Begun

05/30/2019 0

(Kevin Townsend – SecurityWeek) – Industrial Internet of Things (IIoT) is an essential part of business transformation and the Industry 4.0 revolution. Its use is burgeoning, with more than 7 billion devices in use worldwide. This is expected to grow to more 20 billion by 2025 — and does not include phones, tablets or laptops. It is a journey just beginning, and nobody yet knows the destination or route.

Cybersecurity complications are expected, but the most common perception is that so far this has been limited to the rise of massive DDoS botnets able to deliver huge attacks — like Mirai — from thousands of compromised IoT devices. A new survey now shows that direct cyber-attacks against IIoT have already started, and that DDoS is not a primary concern to security teams.

The survey, conducted by Vanson Bourne for Irdeto, questioned 700 security decision makers across Connected Health, Connected Transport and Connected Manufacturing, and the IT and technology firms that manufacture devices. Data was gathered in March and April 2019 from China, Germany, Japan, the UK and the U.S.

Eighty percent of these organizations experienced a cyber-attack against their IoT over the last 12 months. The highest rate was in the UK at 86% (three other regions had attacks against more than 80% of respondents), with Japan at the relatively low 60%. Within the industry verticals examined, 82% of healthcare organizations, 79% of manufacturing and production organizations, and 77% of connected transport organizations have experienced an attack.

While attacks against IIoT have already started, organizations have little confidence in the immediate future. Globally, 83% of organizations are concerned about their IoT systems suffering a future cyber-attack (with 32% being ‘very’ concerned). Concern is highest in the UK (91%), with the U.S. at 87%. Japan and China show the least concern at 76% and 77% respectively.

Coupled with these concerns, there is little confidence in the existing device security. Globally, 33% of user organizations believe that device security could be improved to a great extent. Only 2% felt that security could not be improved. Even among the IoT manufacturers, there is little confidence. Forty-one percent of the IoT device manufacturers feel their own device security could be improved to a great extent. This was highest in Germany (49%) and lowest in Japan (32%).

The degree of concern differs between the verticals. Connected transport is most concerned about compromised customer data (35%) followed by loss of customers and operational downtime (both at 15%). Healthcare is most concerned about compromised customer data (39%) followed by compromised end-user safety (20%). Manufacturing and production is primarily concerned with compromised end-user safety (21%) followed by operational downtime (19%).

None of these figures are surprising given the nature of the verticals — except, perhaps, that healthcare is more worried about loss of data than end-user safety (presumably patients). This may reflect the success and effect of HIPAA.

The average cost of an IoT security incident has been relatively low in cyber breach terms — just $330,602. It is highest in connected transport, and lowest in manufacturing and production. This surprises Irdeto. “Itís possible that these organizations may not be taking into account all of the costs associated with a cyberattack, including lost business, costs to correct any vulnerabilities that led to the attack, etc,” it writes. “It is also possible that with IoT proliferation in these industries being in its relative infancy, the current cost of cyberattacks on these devices is not as catastrophic as in other parts of the business. However, if this is the case, the costs will surely skyrocket as IoT devices become more abundant and connectivity continues to increase throughout the business.”

It is fair to say that as IoT becomes more deeply embedded in manufacturing — especially in the operational side — the cost of a serious attack could increase dramatically. When a variant of WannaCry got into the OT network of the Taiwanese TSMC chip fabricator in 2018, it resulted in costs of around $170 million.

The Irdeto survey demonstrates that direct cyber-attacks against IIoT have already started, and that industry is not yet well prepared. In fact, Irdeto found only one promising response: 99% of the respondents agree that a security solution should be an enabler of new business models, and not just a cost. It took IT security many years to come to the same position. It demonstrates, says Irdeto, that “The previous mindset of security as an afterthought is changing, and one of the most promising results of the study found that today’s organizations are thinking even more strategically about security.”

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe for Event News