SlideShare a Scribd company logo

Building trust and Enabling innivation for voice enabled IOT

Priyanka Aash
Priyanka Aash

Voice enabled technology provides developers with great innovation opportunities as well as risks. The Voice Privacy Alliance created a set of 39 Agile security stories specifically for voice enabled IoT products as part of the Voice Privacy Innovation Toolkit. These security stories help product owners and security developer focals bake security into their voice enabled products to save time, money and decrease incidents and reputation damage. This is a very practical, hands-on tool for developers that the Voice Privacy Alliance believes is needed to secure voice enabled technologies and promote innovation. (Source: Black Hat USA 2016, Las Vegas)

Technology
1 of 15
Download to read offline
Building Trust & Enabling Innovation for Voice Enabled IoT Lynn Terwoerds
From the Keyboard to the Microphone • 1952 – first voice recognition device recognized single digits • 2016 • Siri, Cortana, Echo, Google Home, Hello Barbie, Sony SmartWatch 3, Samsung Smart TV, Honeywell thermostat, GirlTech Password Journal, Skully Smart Helmet, Dragon Dictation – just to name a few • USD $6.4 billion IoT business (projected to be USD $2 trillion in 20201) Source = Jim Tully, VP & lead IoT researcher for Gartner, 2015
Opportunity • Development community has an opportunity to innovate and fundamentally change the way we interact with technology • Customers naturally will speak to their devices, developers will not need to teach new habits • Significant opportunity to embed voice even more into IoT and capture valuable data • Voice can be used for many things • Recognition (already widely applied) • Biometrics • Converge with other emerging tech such as AI, data analytics, block chain, avatars
Risk • Voice is deeply personal and unique • Customers have already reacted with the fear their device is always “listening” • Voice is easy to capture (maybe unintentionally) • A new attack vector, plus the same old weaknesses • Customers can change their password, get a replacement credit card, even get a new social security number, but they cannot change their voice
A Matter of Trust • Lack of trust could stifle innovation • A serious incident will have ripple effects across the sector, not just a single company • While there are new security & privacy concerns, many of the problems remain the same • It’s not just a technology problem • Educate customers & press • Address the FUD right away • Leverage years of existing security resources (e.g. SANS, CVE) • Speak the language of the customer • Proper transparency
The Power of Industry Collaboration • Thought leadership • Enable innovation • Save time, money, reputations • Tangible deliverables • Toolkit for developers • Legal thought leadership through “Legal Pad Notes” • Consumer infographics • Open to everyone – men and women • To join, email voiceprivacy@ewf-usa.com • Follow @voiceprivacy
VPA Innovation Toolkit http://www.ewf- usa.com/voiceprivacy • Specifically for developers, peer reviewed by developers • 40 Agile security stories • Can be adapted for any development methodology • Focuses on voice IoT specific considerations • Toolkit is open source, meant to be adapted, modified • Next revision scheduled for Jan/Feb 2017 • Join the Voice Privacy Alliance and improve the toolkit! voiceprivacy@ewf-usa.com
From the VPA Toolkit Security Story Guidance Customers and the press have concerns the device is "always listening" and this makes them uncomfortable, especially if the device is in a home. Allow customers the ability to "mute" when a device or application is always listening, even if it's just listening for a wake word. This could ease fears of someone always listening. You might also consider being transparent with customers how much you buffer when in listen mode. For example, your device might have a 30 second buffer as it listens for a wake word. After 30 seconds the buffer is cleared and the cycle repeats until the customer uses the wake word. Being transparent may alter customer perceptions and mitigate this fear.
From the VPA Toolkit Security Story Guidance Customers fear what they say will live on forever. Their concerns might be expressed as, "If you record something I say, can I delete it? What if I said something I'm ashamed of or embarrassed by? Since your device lives in my home or is something I wear, it's possible you'll record something very personal or potentially embarrassing." If you are storing customer voice data, give them control over their own data. Allow customers the abiity to delete their voice data, even if there are UX implications to the product. You may also want to inform the customer how deleting their voice data could negatively impact their user experience.
From the VPA Toolkit Security Story Guidance Customers understand that companies share customer data with 3rd parties. Sharing voice data, especially an actual voice recording may cause concern and mistrust. If you authenticate a customer to a 3rd party service, do so securely and make sure the customer is aware they have crossed over a trust boundary. Again there is a fundamental difference between lower risk voice recognition scenarios where a customer might request a stock quote, you convert that request to text, send it to a third party and the customer gets a response to their request. If you are sending voice data to a 3rd party to analyze, maybe parse and store, then you should consider securing that communication.
From the VPA Toolkit Security Story Guidance Can my voice enabled device just respond to me? In my home and with my wearables, I live in a dynamic environment and I wonder if my device could respond to someone else's command. Verify if a single user should have a unique session connection with your product or if multiple sessions are allowed. For example, Hello Barbie may have several people interact with her, but the doll is associated with a child and that child's authorizing adult. Consider if there are use cases where it would be appropriate to reject sessions not initiated by the authorized user. Amazon Echo is the opposite, designed to respond to anyone who invokes the wake word
From the VPA Toolkit Security Story Guidance Customers want to know you are keeping up with current threats. Rogue wireless networks are a known threat and many customers lack the knowledge to protect themselves against this problem. Ensure your device can verify it’s communicating with legitimate devices or networks. It's possible you can be fooled into connecting to a rogue wireless network or your customer can be fooled.
From the VPA Toolkit Security Story Guidance Am I still secure even if my device is lost or stolen? Consider physical tampering scenarios. Wearables and IoT devices are shrinking in size. Developers must consider physical threats against lost or stolen devices
From the VPA Toolkit Security Story Guidance If your device communicates with the customer, how will your customer know it's your device talking and not some interloper like a hacker? Develop use case scenarios where an attacker might intercept the conversation between a customer and their device, potentially compromising the confidentiality and integrity of the conversation. For example, a voice enabled children's toy is made to say something wholly inappropriate to a child because the communication channel has been compromised.
Final Thoughts • Let’s not repeat old mistakes • Embed security early in the development lifecycle to save time, money, churn • Industry can demonstrate leadership ahead of • Regulation • Litigation • FUD • Download the toolkit http://www.ewf-usa.com/voiceprivacy

Recommended

THUMBS ON – ACCESS ALL YOUR ACCOUNTS SAME WAY, SAFEST WAY
THUMBS ON – ACCESS ALL YOUR ACCOUNTS SAME WAY, SAFEST WAYTHUMBS ON – ACCESS ALL YOUR ACCOUNTS SAME WAY, SAFEST WAY
THUMBS ON – ACCESS ALL YOUR ACCOUNTS SAME WAY, SAFEST WAYrccglp25giictwin
 
News letter oct 11
News letter oct 11News letter oct 11
News letter oct 11captsbtyagi
 
Tsensors San Diego Sandhi Bhide - Nov 12-13 - Final
Tsensors San Diego Sandhi Bhide - Nov 12-13 - FinalTsensors San Diego Sandhi Bhide - Nov 12-13 - Final
Tsensors San Diego Sandhi Bhide - Nov 12-13 - Finalsandhibhide
 
2014 Interns Prototypes vFinal
2014 Interns Prototypes vFinal2014 Interns Prototypes vFinal
2014 Interns Prototypes vFinalAmeya Parab
 
Are Mobile Banking Apps Safe?
Are Mobile Banking Apps Safe?Are Mobile Banking Apps Safe?
Are Mobile Banking Apps Safe?VISTA InfoSec
 
Beacon Security
Beacon SecurityBeacon Security
Beacon Securitykontakt.io
 
BehavioSec Web Summit START slideshare
BehavioSec Web Summit START slideshareBehavioSec Web Summit START slideshare
BehavioSec Web Summit START slideshareNeil Costigan
 
Mobile security
Mobile security Mobile security
Mobile security Himmatsingh Rajpurohit
 

Recommended

THUMBS ON – ACCESS ALL YOUR ACCOUNTS SAME WAY, SAFEST WAY
THUMBS ON – ACCESS ALL YOUR ACCOUNTS SAME WAY, SAFEST WAYTHUMBS ON – ACCESS ALL YOUR ACCOUNTS SAME WAY, SAFEST WAY
THUMBS ON – ACCESS ALL YOUR ACCOUNTS SAME WAY, SAFEST WAYrccglp25giictwin
 
News letter oct 11
News letter oct 11News letter oct 11
News letter oct 11captsbtyagi
 
Tsensors San Diego Sandhi Bhide - Nov 12-13 - Final
Tsensors San Diego Sandhi Bhide - Nov 12-13 - FinalTsensors San Diego Sandhi Bhide - Nov 12-13 - Final
Tsensors San Diego Sandhi Bhide - Nov 12-13 - Finalsandhibhide
 
2014 Interns Prototypes vFinal
2014 Interns Prototypes vFinal2014 Interns Prototypes vFinal
2014 Interns Prototypes vFinalAmeya Parab
 
Are Mobile Banking Apps Safe?
Are Mobile Banking Apps Safe?Are Mobile Banking Apps Safe?
Are Mobile Banking Apps Safe?VISTA InfoSec
 
Beacon Security
Beacon SecurityBeacon Security
Beacon Securitykontakt.io
 
BehavioSec Web Summit START slideshare
BehavioSec Web Summit START slideshareBehavioSec Web Summit START slideshare
BehavioSec Web Summit START slideshareNeil Costigan
 
Mobile security
Mobile security Mobile security
Mobile security Himmatsingh Rajpurohit
 
Social Networking 2050
Social Networking 2050Social Networking 2050
Social Networking 2050ARPUTHA SELVARAJ A
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranKoenig Solutions Ltd.
 
Contactless NFC Tags For Mobile Loyalty
Contactless NFC Tags For Mobile LoyaltyContactless NFC Tags For Mobile Loyalty
Contactless NFC Tags For Mobile LoyaltyMerchant360, Inc.
 
ciphertet presentation given at TADHack-mini Orlando
ciphertet presentation given at TADHack-mini Orlandociphertet presentation given at TADHack-mini Orlando
ciphertet presentation given at TADHack-mini OrlandoAlan Quayle
 
Digital Watermarking Report
Digital Watermarking ReportDigital Watermarking Report
Digital Watermarking ReportOECLIB Odisha Electronics Control Library
 
Mobile Solutions and Market Trends
Mobile Solutions and Market TrendsMobile Solutions and Market Trends
Mobile Solutions and Market TrendsForgeRock
 
SmartCard Forum 2011 - Evolution of authentication market
SmartCard Forum 2011 - Evolution of authentication marketSmartCard Forum 2011 - Evolution of authentication market
SmartCard Forum 2011 - Evolution of authentication marketOKsystem
 
Internet of Things: Identity & Security with Open Standards
Internet of Things: Identity & Security with Open StandardsInternet of Things: Identity & Security with Open Standards
Internet of Things: Identity & Security with Open StandardsGeorge Fletcher
 
Public wifi
Public wifiPublic wifi
Public wifiSteph Cliche
 
Security 2 Q 07[1]
Security 2 Q 07[1]Security 2 Q 07[1]
Security 2 Q 07[1]Sharpe Smith
 
CIS 2015-Putting Control Back in the Users’ Hands- David Pollington
CIS 2015-Putting Control Back in the Users’ Hands- David PollingtonCIS 2015-Putting Control Back in the Users’ Hands- David Pollington
CIS 2015-Putting Control Back in the Users’ Hands- David PollingtonCloudIDSummit
 
AI for CyberSecurity
AI for CyberSecurityAI for CyberSecurity
AI for CyberSecuritySatnam Singh
 
Sxsw ppt voice-1
Sxsw ppt voice-1Sxsw ppt voice-1
Sxsw ppt voice-1Dan Miller
 
Sbvlc secure barcode based visible light communication for smartphones
Sbvlc secure barcode based visible light communication for smartphonesSbvlc secure barcode based visible light communication for smartphones
Sbvlc secure barcode based visible light communication for smartphonesLeMeniz Infotech
 
A survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOTA survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOTUniversity of Ontario Institute of Technology (UOIT)
 
Will Internet of Things (IoT) be secure enough?
Will Internet of Things (IoT) be secure enough? Will Internet of Things (IoT) be secure enough?
Will Internet of Things (IoT) be secure enough? Ravindra Dastikop
 
Wayfs and Strays - Jonathan Richardson
Wayfs and Strays - Jonathan RichardsonWayfs and Strays - Jonathan Richardson
Wayfs and Strays - Jonathan RichardsonEduserv
 
SmartCard Forum 2010 - Enterprise authentication
SmartCard Forum 2010 - Enterprise authenticationSmartCard Forum 2010 - Enterprise authentication
SmartCard Forum 2010 - Enterprise authenticationOKsystem
 
Sbvlc secure barcode based visible light communication for smartphones
Sbvlc secure barcode based visible light communication for smartphonesSbvlc secure barcode based visible light communication for smartphones
Sbvlc secure barcode based visible light communication for smartphonesLeMeniz Infotech
 
Trinity Profile 001
Trinity Profile 001Trinity Profile 001
Trinity Profile 001trifuturein
 
Breaking Kernal address space layout rendomization: KASLAR with Intel TSX
Breaking Kernal address space layout rendomization: KASLAR with Intel TSXBreaking Kernal address space layout rendomization: KASLAR with Intel TSX
Breaking Kernal address space layout rendomization: KASLAR with Intel TSXPriyanka Aash
 
Samsung pay: tokenized numbers flaws and issues
Samsung pay: tokenized numbers flaws and issuesSamsung pay: tokenized numbers flaws and issues
Samsung pay: tokenized numbers flaws and issuesPriyanka Aash
 

More Related Content

What's hot

IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranKoenig Solutions Ltd.
 
Contactless NFC Tags For Mobile Loyalty
Contactless NFC Tags For Mobile LoyaltyContactless NFC Tags For Mobile Loyalty
Contactless NFC Tags For Mobile LoyaltyMerchant360, Inc.
 
ciphertet presentation given at TADHack-mini Orlando
ciphertet presentation given at TADHack-mini Orlandociphertet presentation given at TADHack-mini Orlando
ciphertet presentation given at TADHack-mini OrlandoAlan Quayle
 
Mobile Solutions and Market Trends
Mobile Solutions and Market TrendsMobile Solutions and Market Trends
Mobile Solutions and Market TrendsForgeRock
 
SmartCard Forum 2011 - Evolution of authentication market
SmartCard Forum 2011 - Evolution of authentication marketSmartCard Forum 2011 - Evolution of authentication market
SmartCard Forum 2011 - Evolution of authentication marketOKsystem
 
Internet of Things: Identity & Security with Open Standards
Internet of Things: Identity & Security with Open StandardsInternet of Things: Identity & Security with Open Standards
Internet of Things: Identity & Security with Open StandardsGeorge Fletcher
 
Security 2 Q 07[1]
Security 2 Q 07[1]Security 2 Q 07[1]
Security 2 Q 07[1]Sharpe Smith
 
CIS 2015-Putting Control Back in the Users’ Hands- David Pollington
CIS 2015-Putting Control Back in the Users’ Hands- David PollingtonCIS 2015-Putting Control Back in the Users’ Hands- David Pollington
CIS 2015-Putting Control Back in the Users’ Hands- David PollingtonCloudIDSummit
 
AI for CyberSecurity
AI for CyberSecurityAI for CyberSecurity
AI for CyberSecuritySatnam Singh
 
Sxsw ppt voice-1
Sxsw ppt voice-1Sxsw ppt voice-1
Sxsw ppt voice-1Dan Miller
 
Sbvlc secure barcode based visible light communication for smartphones
Sbvlc secure barcode based visible light communication for smartphonesSbvlc secure barcode based visible light communication for smartphones
Sbvlc secure barcode based visible light communication for smartphonesLeMeniz Infotech
 
Will Internet of Things (IoT) be secure enough?
Will Internet of Things (IoT) be secure enough? Will Internet of Things (IoT) be secure enough?
Will Internet of Things (IoT) be secure enough? Ravindra Dastikop
 
Wayfs and Strays - Jonathan Richardson
Wayfs and Strays - Jonathan RichardsonWayfs and Strays - Jonathan Richardson
Wayfs and Strays - Jonathan RichardsonEduserv
 
SmartCard Forum 2010 - Enterprise authentication
SmartCard Forum 2010 - Enterprise authenticationSmartCard Forum 2010 - Enterprise authentication
SmartCard Forum 2010 - Enterprise authenticationOKsystem
 
Sbvlc secure barcode based visible light communication for smartphones
Sbvlc secure barcode based visible light communication for smartphonesSbvlc secure barcode based visible light communication for smartphones
Sbvlc secure barcode based visible light communication for smartphonesLeMeniz Infotech
 
Trinity Profile 001
Trinity Profile 001Trinity Profile 001
Trinity Profile 001trifuturein
 

What's hot (20)

Social Networking 2050
Social Networking 2050Social Networking 2050
Social Networking 2050
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.Prabhakaran
 
Contactless NFC Tags For Mobile Loyalty
Contactless NFC Tags For Mobile LoyaltyContactless NFC Tags For Mobile Loyalty
Contactless NFC Tags For Mobile Loyalty
 
ciphertet presentation given at TADHack-mini Orlando
ciphertet presentation given at TADHack-mini Orlandociphertet presentation given at TADHack-mini Orlando
ciphertet presentation given at TADHack-mini Orlando
 
Digital Watermarking Report
Digital Watermarking ReportDigital Watermarking Report
Digital Watermarking Report
 
Mobile Solutions and Market Trends
Mobile Solutions and Market TrendsMobile Solutions and Market Trends
Mobile Solutions and Market Trends
 
SmartCard Forum 2011 - Evolution of authentication market
SmartCard Forum 2011 - Evolution of authentication marketSmartCard Forum 2011 - Evolution of authentication market
SmartCard Forum 2011 - Evolution of authentication market
 
Internet of Things: Identity & Security with Open Standards
Internet of Things: Identity & Security with Open StandardsInternet of Things: Identity & Security with Open Standards
Internet of Things: Identity & Security with Open Standards
 
Public wifi
Public wifiPublic wifi
Public wifi
 
Security 2 Q 07[1]
Security 2 Q 07[1]Security 2 Q 07[1]
Security 2 Q 07[1]
 
CIS 2015-Putting Control Back in the Users’ Hands- David Pollington
CIS 2015-Putting Control Back in the Users’ Hands- David PollingtonCIS 2015-Putting Control Back in the Users’ Hands- David Pollington
CIS 2015-Putting Control Back in the Users’ Hands- David Pollington
 
AI for CyberSecurity
AI for CyberSecurityAI for CyberSecurity
AI for CyberSecurity
 
Sxsw ppt voice-1
Sxsw ppt voice-1Sxsw ppt voice-1
Sxsw ppt voice-1
 
Sbvlc secure barcode based visible light communication for smartphones
Sbvlc secure barcode based visible light communication for smartphonesSbvlc secure barcode based visible light communication for smartphones
Sbvlc secure barcode based visible light communication for smartphones
 
A survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOTA survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOT
 
Will Internet of Things (IoT) be secure enough?
Will Internet of Things (IoT) be secure enough? Will Internet of Things (IoT) be secure enough?
Will Internet of Things (IoT) be secure enough?
 
Wayfs and Strays - Jonathan Richardson
Wayfs and Strays - Jonathan RichardsonWayfs and Strays - Jonathan Richardson
Wayfs and Strays - Jonathan Richardson
 
SmartCard Forum 2010 - Enterprise authentication
SmartCard Forum 2010 - Enterprise authenticationSmartCard Forum 2010 - Enterprise authentication
SmartCard Forum 2010 - Enterprise authentication
 
Sbvlc secure barcode based visible light communication for smartphones
Sbvlc secure barcode based visible light communication for smartphonesSbvlc secure barcode based visible light communication for smartphones
Sbvlc secure barcode based visible light communication for smartphones
 
Trinity Profile 001
Trinity Profile 001Trinity Profile 001
Trinity Profile 001
 

Viewers also liked

Breaking Kernal address space layout rendomization: KASLAR with Intel TSX
Breaking Kernal address space layout rendomization: KASLAR with Intel TSXBreaking Kernal address space layout rendomization: KASLAR with Intel TSX
Breaking Kernal address space layout rendomization: KASLAR with Intel TSXPriyanka Aash
 
Samsung pay: tokenized numbers flaws and issues
Samsung pay: tokenized numbers flaws and issuesSamsung pay: tokenized numbers flaws and issues
Samsung pay: tokenized numbers flaws and issuesPriyanka Aash
 
Breaking hardware enforced security with hypervisors
Breaking hardware enforced security with hypervisorsBreaking hardware enforced security with hypervisors
Breaking hardware enforced security with hypervisorsPriyanka Aash
 
Demystifying Secure enclave processor
Demystifying Secure enclave processorDemystifying Secure enclave processor
Demystifying Secure enclave processorPriyanka Aash
 
Keynote Session : Using Behavioral Psychology and Science of Habit to Change ...
Keynote Session : Using Behavioral Psychology and Science of Habit to Change ...Keynote Session : Using Behavioral Psychology and Science of Habit to Change ...
Keynote Session : Using Behavioral Psychology and Science of Habit to Change ...Priyanka Aash
 
Keynote Session : Kill The Password
Keynote Session : Kill The PasswordKeynote Session : Kill The Password
Keynote Session : Kill The PasswordPriyanka Aash
 
Keynote Session : Emerging Healthcare Tech & Future Security Impact
Keynote Session : Emerging Healthcare Tech & Future Security ImpactKeynote Session : Emerging Healthcare Tech & Future Security Impact
Keynote Session : Emerging Healthcare Tech & Future Security ImpactPriyanka Aash
 
Keynote Session : The Non - Evolution of Security
Keynote Session : The Non - Evolution of SecurityKeynote Session : The Non - Evolution of Security
Keynote Session : The Non - Evolution of SecurityPriyanka Aash
 
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)Priyanka Aash
 
Keynote Session : Internet Of Things (IOT) Security Taskforce
Keynote Session : Internet Of Things (IOT) Security TaskforceKeynote Session : Internet Of Things (IOT) Security Taskforce
Keynote Session : Internet Of Things (IOT) Security TaskforcePriyanka Aash
 
Intra process memory protection for applications on ARM and x86
Intra process memory protection for applications on ARM and x86Intra process memory protection for applications on ARM and x86
Intra process memory protection for applications on ARM and x86Priyanka Aash
 
Keynote Session : NIST - Cyber Security Framework Measuring Security
Keynote Session : NIST - Cyber Security Framework Measuring SecurityKeynote Session : NIST - Cyber Security Framework Measuring Security
Keynote Session : NIST - Cyber Security Framework Measuring SecurityPriyanka Aash
 
Timing attacks have never been so practical: Advance cross site search attacks
Timing attacks have never been so practical: Advance cross site search attacksTiming attacks have never been so practical: Advance cross site search attacks
Timing attacks have never been so practical: Advance cross site search attacksPriyanka Aash
 
1000 ways to die in mobile oauth
1000 ways to die in mobile oauth1000 ways to die in mobile oauth
1000 ways to die in mobile oauthPriyanka Aash
 
Memory forensics using VMI for cloud computing
Memory forensics using VMI for cloud computingMemory forensics using VMI for cloud computing
Memory forensics using VMI for cloud computingPriyanka Aash
 
Bad for Enterprise: Attacking BYOD enterprise mobility security solutions
Bad for Enterprise: Attacking BYOD enterprise mobility security solutionsBad for Enterprise: Attacking BYOD enterprise mobility security solutions
Bad for Enterprise: Attacking BYOD enterprise mobility security solutionsPriyanka Aash
 
HEIST: HTTP encrypted information can be stolen through TCP windows
HEIST: HTTP encrypted information can be stolen through TCP windowsHEIST: HTTP encrypted information can be stolen through TCP windows
HEIST: HTTP encrypted information can be stolen through TCP windowsPriyanka Aash
 
Behind the scenes with IOS security
Behind the scenes with IOS securityBehind the scenes with IOS security
Behind the scenes with IOS securityPriyanka Aash
 
Applied Machine learning for data exfiltration and other fun topics
Applied Machine learning for data exfiltration and other fun topicsApplied Machine learning for data exfiltration and other fun topics
Applied Machine learning for data exfiltration and other fun topicsPriyanka Aash
 

Viewers also liked (20)

Breaking Kernal address space layout rendomization: KASLAR with Intel TSX
Breaking Kernal address space layout rendomization: KASLAR with Intel TSXBreaking Kernal address space layout rendomization: KASLAR with Intel TSX
Breaking Kernal address space layout rendomization: KASLAR with Intel TSX
 
Samsung pay: tokenized numbers flaws and issues
Samsung pay: tokenized numbers flaws and issuesSamsung pay: tokenized numbers flaws and issues
Samsung pay: tokenized numbers flaws and issues
 
Breaking hardware enforced security with hypervisors
Breaking hardware enforced security with hypervisorsBreaking hardware enforced security with hypervisors
Breaking hardware enforced security with hypervisors
 
Demystifying Secure enclave processor
Demystifying Secure enclave processorDemystifying Secure enclave processor
Demystifying Secure enclave processor
 
Keynote Session : Using Behavioral Psychology and Science of Habit to Change ...
Keynote Session : Using Behavioral Psychology and Science of Habit to Change ...Keynote Session : Using Behavioral Psychology and Science of Habit to Change ...
Keynote Session : Using Behavioral Psychology and Science of Habit to Change ...
 
Keynote Session : Kill The Password
Keynote Session : Kill The PasswordKeynote Session : Kill The Password
Keynote Session : Kill The Password
 
Keynote Session : Emerging Healthcare Tech & Future Security Impact
Keynote Session : Emerging Healthcare Tech & Future Security ImpactKeynote Session : Emerging Healthcare Tech & Future Security Impact
Keynote Session : Emerging Healthcare Tech & Future Security Impact
 
Keynote Session : The Non - Evolution of Security
Keynote Session : The Non - Evolution of SecurityKeynote Session : The Non - Evolution of Security
Keynote Session : The Non - Evolution of Security
 
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
 
Keynote Session : Internet Of Things (IOT) Security Taskforce
Keynote Session : Internet Of Things (IOT) Security TaskforceKeynote Session : Internet Of Things (IOT) Security Taskforce
Keynote Session : Internet Of Things (IOT) Security Taskforce
 
Intra process memory protection for applications on ARM and x86
Intra process memory protection for applications on ARM and x86Intra process memory protection for applications on ARM and x86
Intra process memory protection for applications on ARM and x86
 
Keynote Session : NIST - Cyber Security Framework Measuring Security
Keynote Session : NIST - Cyber Security Framework Measuring SecurityKeynote Session : NIST - Cyber Security Framework Measuring Security
Keynote Session : NIST - Cyber Security Framework Measuring Security
 
Timing attacks have never been so practical: Advance cross site search attacks
Timing attacks have never been so practical: Advance cross site search attacksTiming attacks have never been so practical: Advance cross site search attacks
Timing attacks have never been so practical: Advance cross site search attacks
 
1000 ways to die in mobile oauth
1000 ways to die in mobile oauth1000 ways to die in mobile oauth
1000 ways to die in mobile oauth
 
Memory forensics using VMI for cloud computing
Memory forensics using VMI for cloud computingMemory forensics using VMI for cloud computing
Memory forensics using VMI for cloud computing
 
Bad for Enterprise: Attacking BYOD enterprise mobility security solutions
Bad for Enterprise: Attacking BYOD enterprise mobility security solutionsBad for Enterprise: Attacking BYOD enterprise mobility security solutions
Bad for Enterprise: Attacking BYOD enterprise mobility security solutions
 
HEIST: HTTP encrypted information can be stolen through TCP windows
HEIST: HTTP encrypted information can be stolen through TCP windowsHEIST: HTTP encrypted information can be stolen through TCP windows
HEIST: HTTP encrypted information can be stolen through TCP windows
 
Behind the scenes with IOS security
Behind the scenes with IOS securityBehind the scenes with IOS security
Behind the scenes with IOS security
 
A lightbulb worm
A lightbulb wormA lightbulb worm
A lightbulb worm
 
Applied Machine learning for data exfiltration and other fun topics
Applied Machine learning for data exfiltration and other fun topicsApplied Machine learning for data exfiltration and other fun topics
Applied Machine learning for data exfiltration and other fun topics
 

Similar to Building trust and Enabling innivation for voice enabled IOT

Building security into the internetofthings
Building security into the internetofthingsBuilding security into the internetofthings
Building security into the internetofthingsPrayukth K V
 
Center for Identity Webcast: The Internet of Things
Center for Identity Webcast: The Internet of Things Center for Identity Webcast: The Internet of Things
Center for Identity Webcast: The Internet of Things The Center for Identity
 
Answer lab best practices in research and design for voice user interfaces
Answer lab best practices in research and design for voice user interfacesAnswer lab best practices in research and design for voice user interfaces
Answer lab best practices in research and design for voice user interfacesIsidore Gotto
 
Securing corporate assets_with_2_fa
Securing corporate assets_with_2_faSecuring corporate assets_with_2_fa
Securing corporate assets_with_2_faHai Nguyen
 
Protecting Intellectual Property in the Age of WikiLeaks
Protecting Intellectual Property in the Age of WikiLeaksProtecting Intellectual Property in the Age of WikiLeaks
Protecting Intellectual Property in the Age of WikiLeaksSocialKwan
 
5 Enterprise Mobility Management nightmares
5 Enterprise Mobility Management nightmares5 Enterprise Mobility Management nightmares
5 Enterprise Mobility Management nightmaresSprint Business
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityNcell
 
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesPete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesAugmentedWorldExpo
 
iPads on your network? Take Control with Unified Policy and Management
iPads on your network? Take Control with Unified Policy and ManagementiPads on your network? Take Control with Unified Policy and Management
iPads on your network? Take Control with Unified Policy and ManagementCisco Mobility
 
Introduction to the Current Threat Landscape
Introduction to the Current Threat LandscapeIntroduction to the Current Threat Landscape
Introduction to the Current Threat LandscapeMelbourne IT
 
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Rishi Singh
 
Personal data breaches and securing IoT devices· By Damon Culber.docx
Personal data breaches and securing IoT devices· By Damon Culber.docxPersonal data breaches and securing IoT devices· By Damon Culber.docx
Personal data breaches and securing IoT devices· By Damon Culber.docxherbertwilson5999
 
Securing Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksSecuring Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksHokme
 
Part 1 Vulnerability AssessmentNambo FrancisN.docx
Part 1 Vulnerability AssessmentNambo FrancisN.docxPart 1 Vulnerability AssessmentNambo FrancisN.docx
Part 1 Vulnerability AssessmentNambo FrancisN.docxdanhaley45372
 
Onlinesecurityrecomendations2014 141230081030-conversion-gate02
Onlinesecurityrecomendations2014 141230081030-conversion-gate02Onlinesecurityrecomendations2014 141230081030-conversion-gate02
Onlinesecurityrecomendations2014 141230081030-conversion-gate02amiinaaa
 
mobile security.pptx
mobile security.pptxmobile security.pptx
mobile security.pptxTapan Khilar
 

Similar to Building trust and Enabling innivation for voice enabled IOT (20)

Building security into the internetofthings
Building security into the internetofthingsBuilding security into the internetofthings
Building security into the internetofthings
 
Center for Identity Webcast: The Internet of Things
Center for Identity Webcast: The Internet of Things Center for Identity Webcast: The Internet of Things
Center for Identity Webcast: The Internet of Things
 
Answer lab best practices in research and design for voice user interfaces
Answer lab best practices in research and design for voice user interfacesAnswer lab best practices in research and design for voice user interfaces
Answer lab best practices in research and design for voice user interfaces
 
Securing corporate assets_with_2_fa
Securing corporate assets_with_2_faSecuring corporate assets_with_2_fa
Securing corporate assets_with_2_fa
 
Cyber security
Cyber securityCyber security
Cyber security
 
Protecting Intellectual Property in the Age of WikiLeaks
Protecting Intellectual Property in the Age of WikiLeaksProtecting Intellectual Property in the Age of WikiLeaks
Protecting Intellectual Property in the Age of WikiLeaks
 
5 Enterprise Mobility Management nightmares
5 Enterprise Mobility Management nightmares5 Enterprise Mobility Management nightmares
5 Enterprise Mobility Management nightmares
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesPete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
 
Cyber security awareness presentation nepal
Cyber security awareness presentation nepalCyber security awareness presentation nepal
Cyber security awareness presentation nepal
 
iPads on your network? Take Control with Unified Policy and Management
iPads on your network? Take Control with Unified Policy and ManagementiPads on your network? Take Control with Unified Policy and Management
iPads on your network? Take Control with Unified Policy and Management
 
Introduction to the Current Threat Landscape
Introduction to the Current Threat LandscapeIntroduction to the Current Threat Landscape
Introduction to the Current Threat Landscape
 
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
 
Personal data breaches and securing IoT devices· By Damon Culber.docx
Personal data breaches and securing IoT devices· By Damon Culber.docxPersonal data breaches and securing IoT devices· By Damon Culber.docx
Personal data breaches and securing IoT devices· By Damon Culber.docx
 
Mobile security
Mobile securityMobile security
Mobile security
 
Securing Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksSecuring Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP Leaks
 
Part 1 Vulnerability AssessmentNambo FrancisN.docx
Part 1 Vulnerability AssessmentNambo FrancisN.docxPart 1 Vulnerability AssessmentNambo FrancisN.docx
Part 1 Vulnerability AssessmentNambo FrancisN.docx
 
Cyber safety
Cyber safetyCyber safety
Cyber safety
 
Onlinesecurityrecomendations2014 141230081030-conversion-gate02
Onlinesecurityrecomendations2014 141230081030-conversion-gate02Onlinesecurityrecomendations2014 141230081030-conversion-gate02
Onlinesecurityrecomendations2014 141230081030-conversion-gate02
 
mobile security.pptx
mobile security.pptxmobile security.pptx
mobile security.pptx
 

More from Priyanka Aash

Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsPriyanka Aash
 
Verizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfVerizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfPriyanka Aash
 
Top 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdfTop 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdfPriyanka Aash
 
Simplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdfSimplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdfPriyanka Aash
 
Generative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdfGenerative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdfPriyanka Aash
 
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdfEVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdfPriyanka Aash
 
Cyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdfCyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdfPriyanka Aash
 
Cyber Crisis Management.pdf
Cyber Crisis Management.pdfCyber Crisis Management.pdf
Cyber Crisis Management.pdfPriyanka Aash
 
CISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdfCISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdfPriyanka Aash
 
Chennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdfChennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdfPriyanka Aash
 
Cloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdfCloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdfPriyanka Aash
 
Stories From The Web 3 Battlefield
Stories From The Web 3 BattlefieldStories From The Web 3 Battlefield
Stories From The Web 3 BattlefieldPriyanka Aash
 
Lessons Learned From Ransomware Attacks
Lessons Learned From Ransomware AttacksLessons Learned From Ransomware Attacks
Lessons Learned From Ransomware AttacksPriyanka Aash
 
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)Priyanka Aash
 
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)Priyanka Aash
 
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)Priyanka Aash
 
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsCloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsPriyanka Aash
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security GovernancePriyanka Aash
 

More from Priyanka Aash (20)

Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
 
Verizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfVerizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdf
 
Top 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdfTop 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdf
 
Simplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdfSimplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdf
 
Generative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdfGenerative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdf
 
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdfEVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
 
DPDP Act 2023.pdf
DPDP Act 2023.pdfDPDP Act 2023.pdf
DPDP Act 2023.pdf
 
Cyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdfCyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdf
 
Cyber Crisis Management.pdf
Cyber Crisis Management.pdfCyber Crisis Management.pdf
Cyber Crisis Management.pdf
 
CISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdfCISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdf
 
Chennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdfChennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdf
 
Cloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdfCloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdf
 
Stories From The Web 3 Battlefield
Stories From The Web 3 BattlefieldStories From The Web 3 Battlefield
Stories From The Web 3 Battlefield
 
Lessons Learned From Ransomware Attacks
Lessons Learned From Ransomware AttacksLessons Learned From Ransomware Attacks
Lessons Learned From Ransomware Attacks
 
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
 
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
 
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
 
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsCloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security Governance
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 

Recently uploaded

#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 

Recently uploaded (20)

#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 

Building trust and Enabling innivation for voice enabled IOT

  • 1. Building Trust & Enabling Innovation for Voice Enabled IoT Lynn Terwoerds
  • 2. From the Keyboard to the Microphone • 1952 – first voice recognition device recognized single digits • 2016 • Siri, Cortana, Echo, Google Home, Hello Barbie, Sony SmartWatch 3, Samsung Smart TV, Honeywell thermostat, GirlTech Password Journal, Skully Smart Helmet, Dragon Dictation – just to name a few • USD $6.4 billion IoT business (projected to be USD $2 trillion in 20201) Source = Jim Tully, VP & lead IoT researcher for Gartner, 2015
  • 3. Opportunity • Development community has an opportunity to innovate and fundamentally change the way we interact with technology • Customers naturally will speak to their devices, developers will not need to teach new habits • Significant opportunity to embed voice even more into IoT and capture valuable data • Voice can be used for many things • Recognition (already widely applied) • Biometrics • Converge with other emerging tech such as AI, data analytics, block chain, avatars
  • 4. Risk • Voice is deeply personal and unique • Customers have already reacted with the fear their device is always “listening” • Voice is easy to capture (maybe unintentionally) • A new attack vector, plus the same old weaknesses • Customers can change their password, get a replacement credit card, even get a new social security number, but they cannot change their voice
  • 5. A Matter of Trust • Lack of trust could stifle innovation • A serious incident will have ripple effects across the sector, not just a single company • While there are new security & privacy concerns, many of the problems remain the same • It’s not just a technology problem • Educate customers & press • Address the FUD right away • Leverage years of existing security resources (e.g. SANS, CVE) • Speak the language of the customer • Proper transparency
  • 6. The Power of Industry Collaboration • Thought leadership • Enable innovation • Save time, money, reputations • Tangible deliverables • Toolkit for developers • Legal thought leadership through “Legal Pad Notes” • Consumer infographics • Open to everyone – men and women • To join, email voiceprivacy@ewf-usa.com • Follow @voiceprivacy
  • 7. VPA Innovation Toolkit http://www.ewf- usa.com/voiceprivacy • Specifically for developers, peer reviewed by developers • 40 Agile security stories • Can be adapted for any development methodology • Focuses on voice IoT specific considerations • Toolkit is open source, meant to be adapted, modified • Next revision scheduled for Jan/Feb 2017 • Join the Voice Privacy Alliance and improve the toolkit! voiceprivacy@ewf-usa.com
  • 8. From the VPA Toolkit Security Story Guidance Customers and the press have concerns the device is "always listening" and this makes them uncomfortable, especially if the device is in a home. Allow customers the ability to "mute" when a device or application is always listening, even if it's just listening for a wake word. This could ease fears of someone always listening. You might also consider being transparent with customers how much you buffer when in listen mode. For example, your device might have a 30 second buffer as it listens for a wake word. After 30 seconds the buffer is cleared and the cycle repeats until the customer uses the wake word. Being transparent may alter customer perceptions and mitigate this fear.
  • 9. From the VPA Toolkit Security Story Guidance Customers fear what they say will live on forever. Their concerns might be expressed as, "If you record something I say, can I delete it? What if I said something I'm ashamed of or embarrassed by? Since your device lives in my home or is something I wear, it's possible you'll record something very personal or potentially embarrassing." If you are storing customer voice data, give them control over their own data. Allow customers the abiity to delete their voice data, even if there are UX implications to the product. You may also want to inform the customer how deleting their voice data could negatively impact their user experience.
  • 10. From the VPA Toolkit Security Story Guidance Customers understand that companies share customer data with 3rd parties. Sharing voice data, especially an actual voice recording may cause concern and mistrust. If you authenticate a customer to a 3rd party service, do so securely and make sure the customer is aware they have crossed over a trust boundary. Again there is a fundamental difference between lower risk voice recognition scenarios where a customer might request a stock quote, you convert that request to text, send it to a third party and the customer gets a response to their request. If you are sending voice data to a 3rd party to analyze, maybe parse and store, then you should consider securing that communication.
  • 11. From the VPA Toolkit Security Story Guidance Can my voice enabled device just respond to me? In my home and with my wearables, I live in a dynamic environment and I wonder if my device could respond to someone else's command. Verify if a single user should have a unique session connection with your product or if multiple sessions are allowed. For example, Hello Barbie may have several people interact with her, but the doll is associated with a child and that child's authorizing adult. Consider if there are use cases where it would be appropriate to reject sessions not initiated by the authorized user. Amazon Echo is the opposite, designed to respond to anyone who invokes the wake word
  • 12. From the VPA Toolkit Security Story Guidance Customers want to know you are keeping up with current threats. Rogue wireless networks are a known threat and many customers lack the knowledge to protect themselves against this problem. Ensure your device can verify it’s communicating with legitimate devices or networks. It's possible you can be fooled into connecting to a rogue wireless network or your customer can be fooled.
  • 13. From the VPA Toolkit Security Story Guidance Am I still secure even if my device is lost or stolen? Consider physical tampering scenarios. Wearables and IoT devices are shrinking in size. Developers must consider physical threats against lost or stolen devices
  • 14. From the VPA Toolkit Security Story Guidance If your device communicates with the customer, how will your customer know it's your device talking and not some interloper like a hacker? Develop use case scenarios where an attacker might intercept the conversation between a customer and their device, potentially compromising the confidentiality and integrity of the conversation. For example, a voice enabled children's toy is made to say something wholly inappropriate to a child because the communication channel has been compromised.
  • 15. Final Thoughts • Let’s not repeat old mistakes • Embed security early in the development lifecycle to save time, money, churn • Industry can demonstrate leadership ahead of • Regulation • Litigation • FUD • Download the toolkit http://www.ewf-usa.com/voiceprivacy