Top 10 IoT Security experts to follow

Bruce Schneier: A globally recognized figure in the cybersecurity domain, Bruce Schneier has often commented on the vulnerabilities associated with IoT. His book, “Click Here to Kill Everybody”, delves deep into the challenges posed by interconnected devices.

Brian Krebs: As the author behind KrebsOnSecurity.com, Brian frequently covers IoT security breaches, providing in-depth analysis. His investigative journalism often reveals the hidden aspects of major security incidents.

Dr. Kevin Fu: A leading voice in medical device security, Dr. Fu’s work primarily revolves around ensuring that IoT medical devices remain safe from cyber threats. He’s the founder of Virta Labs, focusing on healthcare IoT security.

Samy Kamkar: Known for creating the infamous MySpace worm, Samy has since focused on ethical hacking and has shed light on vulnerabilities in various IoT devices, including popular consumer devices.

Daniel Miessler: As the Director of Advisory at IOActive, Daniel has worked extensively in the IoT security domain. His IoT security project framework is a comprehensive guide for IoT device manufacturers and developers.

Beau Woods: As the Deputy Director of the Cyber Statecraft Initiative at the Atlantic Council, Beau has been a vocal advocate for better security in the burgeoning IoT landscape. He’s also involved in the I Am The Cavalry initiative, which addresses security issues in critical IoT systems.

Ken Munro: A partner at Pen Test Partners, Ken has been at the forefront of exposing IoT vulnerabilities. His company regularly showcases IoT device hacks, raising awareness about security flaws in everyday devices.

Adam Laurie: Renowned for his expertise in hardware security, Adam has focused on vulnerabilities in embedded systems. His work has illuminated the potential risks in a variety of devices, from contactless payment systems to hotel keycards.

Marc Weber Tobias: As an investigative attorney and physical security specialist, Marc has explored the intersection of IoT with lock and security systems. His insights shed light on the tangible, real-world implications of IoT vulnerabilities.

Jennifer Granick: As the Surveillance and Cybersecurity Counsel at the ACLU, Jennifer offers a perspective on IoT, focusing on the privacy and civil liberties implications of widespread device interconnectivity.

Top 10 Mobile Security experts to follow

Lookout’s Michael Flossman: As the Head of Threat Intelligence at Lookout, Michael specializes in targeting threats, vulnerabilities, and espionage campaigns. His insights provide a deep understanding of the evolving mobile threat landscape.

Zuk Avraham: Founder of Zimperium, Zuk has been instrumental in identifying major mobile vulnerabilities, notably in Android and iOS. Zimperium’s zLabs, under his guidance, frequently uncovers and reports mobile threats.

Troy Hunt: The creator of “Have I Been Pwned”, a data breach search service, Troy’s expertise extends to mobile security. His workshops and talks often cover mobile security breaches and preventive measures.

Georgia Weidman: A thinker in mobile security, Georgia developed the Smartphone Pentest Framework, which identifies vulnerabilities in smartphone deployments. Her book, “Penetration Testing: A Hands-On Introduction to Hacking,” also delves into mobile threats.

Wang Tielei: A mobile security researcher, Wang’s work has led to the identification of several vulnerabilities in Android OS. His research papers and presentations provide deep insights into the intricacies of mobile device vulnerabilities.

Patrick Wardle: Focusing on Apple’s iOS, Patrick, a former NSA staffer, has discovered multiple security flaws in Apple’s operating system. His website, Objective-See, offers free Mac security tools and valuable knowledge on Mac and iOS threats.

Nicolás Seriot: This iOS security researcher has developed various open-source tools to inspect apps and find malicious behavior. His tool, “Stanza,” is widely recognized in the community for iOS research.

Katie Moussouris: Founder and CEO of Luta Security, Katie has been pivotal in bug bounty programs, which often extend to mobile vulnerabilities. Her insights on vulnerability coordination and bug bounties have shaped the way organizations approach mobile security.

Jon Sawyer (jcase): A renowned name in the mobile security world, especially Android, Jon has been credited with identifying numerous vulnerabilities and is an active contributor to the Android developer and security communities.

NowSecure’s Ryan Welton: A mobile security researcher who has discovered critical vulnerabilities in both Android and iOS. With NowSecure, Ryan regularly publishes detailed analyses of various mobile threats and vulnerabilities.

Top 10 Security Awareness Training experts to follow

Perry Carpenter: Currently the Chief Evangelist and Strategy Officer at KnowBe4, Perry Carpenter has a talent for intertwining human psychology with security behavior. His book, “Transformational Security Awareness”, is an authoritative guide on crafting effective security awareness programs.

Dr. Jessica Barker: A leader in the human nature of cybersecurity, Dr. Barker is the co-founder of Cygenta. She’s well-regarded for her engaging approach to cybersecurity education, focusing on the human factor and positive security behaviors.

Lance Spitzner: With a rich history in the cybersecurity industry, Lance, as the Director at SANS Security Awareness, has been pioneering security awareness initiatives, offering training that emphasizes understanding human behavior.

Jenny Radcliffe: Known as the “People Hacker”, Jenny’s expertise lies in social engineering. Her work focuses on understanding human behavior and vulnerabilities, making her insights invaluable for security awareness training.

Thom Langford: As the founder of (TL)2 Security, a strategic information security consultancy, Thom is passionate about making cybersecurity accessible and understandable for all. He regularly speaks at conferences, discussing the importance of security awareness and behavior.

Kai Roer: The co-founder of CLTRe, now a KnowBe4 company, Kai is a dedicated researcher on security culture. He’s also the creator of the Security Culture Framework, a -driven aiming to understand and improve security behavior in organizations.

Bruce Hallas: The founder of The Analogies Project, Bruce encourages the use of analogies to convey complex cybersecurity concepts, making them relatable and easier to understand for non-experts.

Rebecca Herold: A seasoned expert, Rebecca is the CEO of The Privacy Professor and has authored 19 books related to information security. Her holistic approach to security training encompasses not just technical defenses but also the human elements of security.

Stephanie Carruthers: Known by her pseudonym “_sn0ww”, Stephanie is a Chief People Hacker for IBM X-Force Red. She specializes in social engineering and security awareness, often providing real-world demonstrations of phishing and other human-targeted attacks.

Sharon Conheady: A director at Defence Information Security in the UK, Sharon is a specialist in social engineering. Her workshops and presentations often revolve around the psychology behind security lapses, driving the need for effective security awareness training.

Top 10 Endpoint Security experts to follow

Dmitri Alperovitch: Co-founder of CrowdStrike, Alperovitch is recognized for his intelligence on advanced threats, and his expertise has helped in the detection and mitigation of major cyber intrusions.

Mark Russinovich: The CTO of Microsoft Azure, Russinovich has made significant contributions to the Windows OS. He’s also authored several books and is known for his deep dives into Windows security issues.

Chase Cunningham: Often recognized from his time at Forrester Research, Dr. Cunningham provides deep insights into Zero Trust and its implications for endpoint security. His works are foundational for adopting Zero Trust.

Wendy Nather: As Head of Advisory CISOs at Duo Security (now Cisco), Nather’s focus has been democratizing security. Her work often revolves around how organizations achieve robust endpoint security without substantial investments.

John Lambert: Lambert, the General Manager of the Microsoft Threat Intelligence Center, is pivotal in highlighting the importance of machine learning and automated defenses in endpoint security.

Patrick Wardle: A macOS security expert, Wardle’s contributions to Apple’s security ecosystem are notable. His tools and research on macOS malware are indispensable for Apple endpoint security professionals.

Raj Samani: As Chief Scientist at McAfee, Samani’s research has illuminated various threats in the endpoint domain. His insights into ransomware, cloud threats, and enterprise security are particularly profound.

Jamie Butler: With a background at Endgame, now Elastic, Butler is a go-to expert for advanced endpoint threat techniques. He’s renowned for his presentations on novel endpoint attack and defense strategies.

Paula Januszkiewicz: The founder of CQURE, Paula is an IT Security Auditor and Cloud and Datacenter Management MVP, with deep expertise in enterprise security, penetration testing, and endpoint protection.

Chris Wysopal: Co-founder and CTO of Veracode, Wysopal has been at the forefront of software and endpoint security. His experience dates back to his time with the influential think tank, the L0pht.

Endpoint security, in today’s era of distributed work environments and burgeoning threat landscapes, has become paramount. The focus has shifted from just network security to ensuring every endpoint – be it a mobile device, laptop, or even an IoT device – is secure. These experts, with their vast knowledge, research, and hands-on experience, are pivotal in guiding practices in this space. They continue to influence product design, security strategies, and practices essential for safeguarding organizational and individual assets. Following their insights and contributions ensures that you’re updated on the latest advancements, vulnerabilities, and best practices in endpoint security.

Top 10 Cloud Security experts to follow

Werner Vogels: As the CTO of Amazon.com, Vogels played an instrumental role in the development of Amazon Web Services (AWS), the world’s most extensive cloud service provider. His insights into cloud architecture, scalability, and security are unmatched.

Alex Stamos: Former Chief Security Officer at and now a professor at , Stamos’ expertise lies in the security challenges of big tech companies, especially as they transition to the cloud.

Diane Greene: As the former CEO of VMware and later the head of Google Cloud, Greene’s understanding of virtualization and its implications for cloud security made her a significant figure in the cloud computing landscape.

Tim Prendergast: Co-founder of Evident.io, a cloud infrastructure security company acquired by Palo Alto Networks. Prendergast’s work focuses on automating and streamlining cloud security compliance.

Rinki Sethi: As the CISO of Twitter, Sethi navigates security at one of the biggest platforms on the internet. She has prior experience with cloud security from her time at IBM, Intuit, eBay, Walmart, and Rubrik.

Chris DeRamus: Co-founder of DivvyCloud, DeRamus works on software solutions to achieve security in cloud and container environments. His expertise lies in addressing misconfigurations, policies, and ensuring compliance in the cloud.

Kashif Husain: With roles at both Oracle and Symantec, Husain’s work is central to cloud security. He’s known for integrating security at the very core of cloud infrastructure, advocating a security-first approach.

Liz Rice: Rice’s expertise lies at the intersection of containers and security. As the VP of open-source engineering at Aqua Security, her insights into Kubernetes and container security are crucial for modern cloud deployments.

Andi Mann: With a career spanning over decades, Mann’s speciality lies in cloud security strategy, digital transformation, and the broader implications of cloud on IT operations.

Rajiv Gupta: A senior VP at McAfee, Gupta focuses on cloud security business units. His insights revolve around cloud threats, protection, and ensuring a seamless security posture across multiple cloud providers.

You are enjoying this content on Ian Khan's Blog.