At the Industrial Security Conference 13-15 September Krystian Rykaczewski, Senior Project Engineer, Ethical Hacker, Rockwell Automation will give a keynote presentation on Pentesting IoT devices. Krystian Rykaczewski will share his knowledge and empierce and demonstrate how you can achieve it.
Before the event in November you can read an interview with Krystian here.
What is your background? And how do you work with industrial security on a daily basis?
I’m in IT for around 15 years and 12 years in industrial automotive. I started as QA engineer then moved to QA Team Lead position and in November 2016 moved to Security Role. Right now my main duties are developing tools, PoC, pentesting products, providing guidance for new colleagues.
What do you see as the biggest opportunities and challenges in connection with cyber- and industrial security?
The biggest challenges for me are possibilities of patching and updating industrial components. Since vulnerabilities are discovered anyway and there is strong pressure to get and visualize data from the production, we will expose IoT devices for attacks, the ability of potential quick fix will be extremely important. Second biggest challenge is the encryption in IoT, with limited resources strong and fast encryption in the communication will generate a lot of changes in architecture and design.
When looking forward just 5-10 years, what do you think will be different within security?
OMG most probably everything 😊 encryption with quantum computers or AI will impact security very strongly, machine learning will change the way how we defend and do offensive security. The revolution of IoT will expose people to security risks in any aspects of life. Cars, fridges, intelligent houses, watches, phones, augmented reality, medical sensors all of those will be connected. The security awareness in our daily basis will be much stronger for everybody.
From your point of view, how do you think we get more diversity in the industry?
I really love the direction taken by InsightIT to focus on security industrial and to be even more attractive for the audience I would like to balance low level keynotes with high level architectural presentations.
What are your own expectations for the conference? And which keynotes are you looking forward to hearing?
I would like to meet customers to understand their perspective and problems related with the security. I cannot wait for “Security parameters for library-based Security-by-Design” and “A case study on developing a unique OT Disaster Recovery plan for industrial Operations”.
What will your keynote be about, and which learnings are you hoping the participants take with them?
Hope that participants will be able to take the slides and repeat the steps and approach, it will help people built fuzzers and automat protocol testing both with open source and self-made scripts.
Do you want to hear more from Krystian?
At the industrial Security Conference 13-15 September Krystian will share his knowledge on Pentesting IoT devices and empierce and demonstrate how you can achieve it.He will among other come around areas such as fuzzing technique, open-source tools, dummy fuzzing, reverse engineering of network protocols, testing low level protocols with scapy and much more. Read more about the conference and sign up today.