Forthcoming Events

Twitter Feed

BCS Nottingham & Derby Branch

3rd Monday Event

TONIGHT'S WEBINAR:Internet of Things(IoT):Are you aware of the risks?: BCS and CIISec East Mids:Booking details in Emailshot by David Alexander and Colin Robbins (CIISec)

Date: Monday, 20th April 2020
Time: 19:00 (tea & coffee available from 18:30)
Location: Webinar
Price: Free! (non-members welcome)
Status: Going Ahead


Internet of Things (IoT):Are you aware of the risks?

Joint Event with BCS and Chartered Institute of Information Security(CIISec) East Midlands by David Alexander and Colin Robbins (CIISec)

Colin's talk will look at some of the security challenges, and the industry activities to mitigate the risks, leading to the anticipate widespread use of automated vehicles by 2027. 'The modern car has been described by a leading manufacturer as an 'iPhone on wheels', which when you add all the compute elements to enable autonomous driving is a significant underestimate, more so when multiplied by many different manufacturers! With such an array of processing onboard, as well as 5G and vehicle to vehicle connectivity, the risk of a cyber security attack could lead to catastrophic consequences.'

David's talk will explain 'IoT devices are not a product, they are a risk in a box.' In the race, to minimise unit and support costs and time to market, the security functionality is often the first casualty. Too many organisations have not fully considered the risks that occur after deployment for the full product/service lifecycle. The age-old management mantra of 'faster, better and cheaper' needs to include the words 'and an acceptable level of risk'. David can also speak about autonomous vehicles (that are not all that autonomous) and the logistics of upgrading several millions of vehicles distributed around the world.

[back to top]

About the Presenter

CIISEC speaker, Colin Robbins (, and BCS speaker David Alexander, co-author of 'Information Security Management ' a Senior Security Architect and expert on IoT security, have agreed to present to our branch.

Colin is the East Midlands Chair of CIISEC, a NCSC certified Security and Information Risk Adviser (Lead CCP) and Security Auditor (Senior CCP). He is Nexor's Managing Security Consultant, has specific technical experience in Secure Information Exchange and Identity Systems and is credited as the co-inventor of LDAP. He has a strong interest in security governance and is a qualified ISO 27001 auditor. His work includes security risk assessment, security gap analysis and secure development lifecycle enhancements. He works with standards such as Cyber Essentials, ISO 27001, PAS 754, and ETSI 319 401/411 (EIDAS).

David recently worked for PA Consulting where he 'owned' the IoT security technology team and sat on the security working group of the Automotive Electronics Systems Innovation Network (AESIN). He contributed to the DCMS 'secure by design' project (the essential 13 security characteristics for IoT devices), worked on the security architecture and cryptographic protocols required for large-scale over-the-air updates for car firmware as well as consulting on the security of self-driving cars and their interactions with roadside systems.

[back to top]