Here’s the draft agenda for the WG meeting next month. Other than tweaks to the running order, there shouldn’t be any significant changes. See you all in Amsterdam! # # $Id: agenda,v 1.4 2018/09/21 08:40:30 jim Exp $ # 1. Administrivia 2. NCC Update Marco Hoegwoning - RIPE NCC 3. The Internet of Threats: fighting FUD with MUD Michael Richardson - Sandelman Software Works For many internet organizations, the #1 risk on their risk register is a large scale (Dyn like) DDoS attack. One of the mitigation mechanisms for this risk is to prevent weaponization of consumer grade connected devices --- to keep Things from becoming Threats. What we need are security controls that will protect IoT devices from the internet, and to protect the internet from IoT devices. CIRALabs's Secure Home Gateway project is developing a comprehensive extension to the common OpenWRT code base to include processing of IETF standard Manufacturer Usage Description (MUD) files. 4. Police perspective on IoT, challenges & strategy Jaap van Oss, Manon den Dunnen - Politie The accelerated deployment of IoT is reshaping society and offers new opportunities and threats in the area of safety. Privacy, security and collaboration are fundamental in addressing the challenges. In this presentation we'll share how we look at the IoT domain, what steps we take and the struggles we face. 5. Security Problems in IoT Thomas Stols - Computest Computest has a lot of experience (security) testing various IoT devices. During this talk we’ll give the viewer some insight in common security problems we see during our daily work. 6. The Internet-of-Insecure-Things: Causes, Trends and Responses Arman Noroozian - TU Delft We know poorly secured IoT devices are flooding our markets. And we know they get compromised at scale. Why is this so hard to stop? We look at the underlying causes for why this problem persists. Next, we explore data on where compromised IoT is located, what kind of devices are affected and which networks have the higher concentrations. We end by exploring different responses to help mitigate these threats, with a special focus on the role of network operators. 7. AOB