Executive Steering Board

Dr Stephen Pattison – Chairman, IoT Security Foundation, VP Public Affairs, ARM

Stephen is responsible for ARM’s Public Affairs, including contributions to public policy thinking across the world. His focus is London, Brussels, Washington and, increasingly, China. He was the first person to be appointed to a Public Affairs role at ARM, in 2012. Key issues on which he is working include Internet of Things, Smart Cities, Data Protection, Energy Efficiency, and Security. He also oversees ARM’s Corporate Responsibility Programme.

Prior to joining ARM, Stephen was CEO, International Chamber of Commerce UK, where he represented the interests of a range of companies and focussed on various policy and international trade issues. Before that he worked for James Dyson (Vacuum cleaners etc) as Head, International Business Development, where he introduced new products into new markets as well as accelerating growth in existing markets. He was once a British Diplomat and worked at the British Embassy in Washington, and on UN issues in London, New York and Geneva.

Stephen has a Master’s Degree from Cambridge University, and a Doctorate from Oxford. In 2003-4 he spent a year at Harvard as Fellow in International Affairs at the Weatherhead Center.

John Moor – Managing Director, IoT Security Foundation

John Moor is co-founder and Managing Director of the IoT Security Foundation.

He has more than 30 years experience in electronic systems and microelectronics industries and holds executive leadership and general manager responsibilities for IoTSF. Previously John served as a vice-president at the National Microelectronics Institute (NMI) where he was tasked with formulating strategy and leading the implementation of key innovation initiatives including creating a portfolio of technical engineering networks, establishing the UK Electronics Skills Foundation, running the Future World Symposium and participating in overseas trade missions.

Prior to NMI, John was one of the founders of Bristol-based start-up ClearSpeed Technology (formerly PixelFusion Ltd). During this time he led engineering operations at vice-president level and was responsible for technology acquisitions, establishing international supply chain operations and acquiring capability in the UK, USA and Taiwan.

John holds an MA (Distinction) in Strategic Marketing Management from Kingston University London and a Master of Business Administration from the University of Leicester. John’s formative engineering career centred on leading-edge microprocessor based systems (substantially parallel systems) and used in data communications, high performance computing, graphics and virtual reality applications.

Professor Paul Dorey – Director, CSO Confidential 

Paul Dorey has over 25 years management experience in information security and established one of the first dedicated operational risk management functions in Europe. At BP he built and managed Information security, BCP, Privacy and Information Management Standards & Services globally across the corporation, including the digital security of process control systems. Prior to BP, he set up and ran global strategy, security and risk management functions at Morgan Grenfell and Barclays Bank.

Paul has consulted to numerous governments, was a founder of the Jericho Forum and for several years sat on the Permanent Stakeholders Group of the European Network Information Security Agency (ENISA). He was one of the founders of the Institute of Information Security Professionals (IISP), and after 5 years as Chairman of the Board is now Chairman Emeritus. He was appointed to be a Fellow of the Institute in March 2015.

Richard Marshall – Plenary Group Chair, IoT Security Foundation & Managing Consultant, Xitex Ltd

As Chair of the IoT Security Foundation Plenary Group, Richard leads the implementation of IoTSF’s strategy.  The Foundation’s objective is to drive the pervasiveness of IoT security, improving its fitness and end-to-end quality. The Plenary Group is an important piece of the delivery plan as it is the central members’ forum where concerns are identified and active working groups determine the corresponding measures to address the challenges. Typical outputs from the working groups are best practice guidelines which satisfy the simple requirements of being useful, accessible and crucially, actionable.

Richard is Managing Consultant at Xitex Limited, which provides consultancy on defining and launching wired and wireless connected products with emphasis on creating secure IoT products and their secure supply chains. He has spent over 25 years in the electronics and communications sectors, having worked for Lucent Technologies, Sony, Cisco and also being a founding lead team member at startups Ubiquisys and nSine. At Ubiquisys and subsequently Cisco, after its acquisition of Ubiquisys in 2013, Richard was the Product Manager for their global cloud based activation system for 3G/4G small cells. This role being the security advocate, technology champion and secure manufacturing supply chain architect for the successful secure deployment of more than a million small cells manufactured in Europe and SE Asia. More recently he has been involved with taking various IoT products to market.

Dr Steve Babbage – Distinguished Engineer, Vodafone

Steve Babbage_webDr Steve Babbage is a Distinguished Engineer at Vodafone.  He is the head of security and mathematics in Vodafone Group Research and Development, and the chief cryptographer for the Vodafone Group.  Since 2002 he has been the chair of ETSI SAGE (Security Algorithms Group of Experts), the group that specifies all standardised crypto algorithms for 3GPP.  Before joining Vodafone, he worked in the mathematics department of Racal Comsec Ltd, a company that designed, manufactured and supplied communication security equipment for both commercial and military use around the world; Steve’s department was responsible for the cryptographic algorithms implemented in all this equipment.  Steve is a Technical Advisor to Nok Nok Labs, and a member of the GSM Association’s Fraud and Security Advisory Panel; he was formerly a Technical Advisor to PGP Corporation and a director of tScheme.  He received an MA in Mathematics and Philosophy from Merton College, Oxford and a PhD in Mathematics from Royal Holloway and Bedford New College, London.

Professor David Rogers – Founder & CEO, Copper Horse Ltd

david_rogers_Copper Horse_web

David is a mobile phone security expert and is the CEO of Copper Horse Ltd, a software and security company based in Windsor, UK.

Having worked in the mobile industry for over 17 years in security and engineering roles, David’s is currently focusing his commercial interests on security and privacy research for the Internet of Things and Smart Cities.

In 2016, David was appointed Visiting Professor in Cyber Security and Digital Forensics with the Computer Science Department at York St John University and he teaches Mobile Systems Security at the University of Oxford.  He also chairs the Device Security Group at the GSMA and his book ‘Mobile Security: A Guide for Users’ was published in 2013.

Ken Munro – Partner, Pen Test Partners

Ken Munro_Web

Ken has been working in IT security for over 15 years. He writes for various newspapers and industry magazines and is a regular source of comment and sanity on IoT issues to various news agencies and the BBC. He has grown a reputation as someone who cuts through the noise, spin and scaremongering put about by many security vendors. He takes a very active role in the IoT space. When not presenting findings, facilitating workshops, or briefing organisations Ken also provides advice to device manufacturers and is a huge advocate of responsible disclosure.

Haydn Povey – CEO & Founder, Secure Thingz Ltd

Haydn Povey_webHaydn is the Founder & CEO of Secure Thingz Limited, a company focused on developing and delivering next generation security technology into the Internet of Things (IoT) and other connected systems. The company is focused on developing secure gateway technology and also has products supporting secure device production. Secure Thingz additionally has a broad consultancy base encompassing AsiaPac, North America and EMEA.

Haydn has been in senior management at leading global technology companies for over 20 years, with the last 10 years in senior marketing and business development roles at ARM Holdings, the leading Microprocessor IP (Intellectual Property) company. Haydn most recently headed ARMs strategy and product roadmaps for Security within IoT and M2M marketplaces where he worked with critical groups within the US and UK government responsible for the development and deployment of security frameworks, alongside many leading silicon vendors, OEMs and system integrators and software solutions.

Previously Haydn was Director Security Products & Technologies within the ARM Processor Division where he owned a broad array of products including TrustZone, which delivers security foundations in the majority of global mobiles and tablets, and SecurCore, which is the foundations for the majority of 32-bit SmartCards and SIMS.

Prior to owning security at ARM Haydn led the development and introduction of the Cortex-M microprocessor family which has led to the rapid adoption of 32-bit microcontroller technology around the globe and underpins the majority of Internet of Things devices.

Earlier in his career Haydn held positions as Global Head of Sales and Marketing with various early stage technology companies as well as senior sales and marketing roles with National Instruments in both the UK and the US.

Professor Ben Azvine – Global Head of Security Research and Innovation, BT

Ben Azine_Web

Professor Ben Azvine is the global head of security research and innovation at BT. He has 25 years’ experience in both academia and industry. His previous roles included leading the IT research centre and head of business intelligence & customer analytics research at BT Group Chief Technology Office. He holds a BSc in Mechanical Engineering, an MSc in Control Engineering, a PhD in Intelligent Control Systems from Manchester University and an MBA from Imperial College, London. Having held research fellowship and lectureship posts in several universities, he joined BT in 1995 to lead a research programme to develop and exploit novel Artificial Intelligence technology to support next generation IT systems for BT. Since then he has held senior, principal, chief research scientist posts at Adastral Park in Ipswich where he is currently based.

He has edited two books and published more than 100 scientific articles on novel application of intelligent systems. He is an inventor of 50 patent applications, has won 4 BCS and an IET gold medals for IT innovation, holds visiting professorship positions at the Universities of Bristol, Cranfield and Bournemouth. He acted as the chairman of the European network of excellence for Uncertainty management techniques from 1998 to 2001. His current research interests include the application of intelligent systems to security, protection of critical national infrastructure, data analysis and information & knowledge management. His current projects include Cyber, cloud & internet security, intelligent assessment of security events, future compliance and risk management and future identity and access management.

Professor Carsten Maple – University of Warwick

Professor Carsten Maple is Professor of Cyber Systems Engineering at the University of Warwick, WMG’s Cyber Security Centre (CSC). He is the director of research in Cyber Security working with organisations in key sectors such as manufacturing, healthcare, financial services and the broader public sector to address the challenges presented by today’s global cyber environment.

Professor Maple has an international research reputation, has published over 200 peer reviewed papers, and extensive experience of institutional strategy development and interacting with external agencies.

Professor Maple is a Fellow of the British Computer Society and Vice chair of the Council of Professors and Heads of Computing, UK.

Sarb Sembhi – CTO, Virtually Informed

Sarb Sembhi

Sarb Sembhi CISM, is the CTO for Virtually Informed and a CISO for AirEye, a technology company providing visibility, control and protection to enterprise Airspace. He started his career as a projects manager in the public sector then became a management consultant, where he enjoyed working with technology and software development. It was during this time where he first came across the importance of security in developing new products. This interest further led him into more security projects.

In 2005, Sarb explored the vulnerabilities of networked CCTV systems and he became interested in devices which sit on the network but were unattended and unmanaged – long before we used the term IoT. These security devices were the responsibility of the physical security teams where there was very little oversight or interaction with the cyber security teams – leading Sarb to work with others to provide security leaders with a converged approach to managing security from a single risk perspective.

In 2020 Sarb was recognised by IFSEC Global and shortlisted 5th in the IFSecGlobal 2020 20 Most Influential People in Cyber Security.

Sarb has written many articles, white papers and spoken at many events on most aspects of security. He was the Workstream lead for the Cyber Security Council Formation Project’s Thought Leadership Workstream. He also sits as an adviser on several startups. Most recently, Sarb has been a vice-chair on IoTSF’s Smart Built Environment Group where he has led the sub-groups to produce a series of best practice guides. His work continues on Smart Cities and privacy, and Smart Building Security.

Madjid Nakhjiri – Jump Security Lead, Uber

Madjid Nakhjiri

Madjid is a security professional and was previously the Senior Director of Security Architecture at Samsung Strategy and Innovation Center. He held overall responsibility for roadmap, architecture, solution and execution of end to end security for the Samsung ARTIK platform. Madjid has over 20 years of industry experience with over 15 years in security architecture and standards, chairing many industry standards activities in IOT, IPTV, and IETF, and has authored and delivered many widely used standards on PKI, DRM, Software update, secure mobility, key management and most recently the OCF security specification v1.0. Madjid led the activity of establishing a policy authority for WiMAX establishing the specifications, legal framework and ecosystem and deployment of a commercial PKI for WIMAX and lead Motorola PKI center in establishing itself as a Root CA for WiMAX. Madjid also brings expertise in design of secure SOCs and system on modules.

Madjid is the author of book “AAA and security for Mobile Networks”, many conference papers, 13 issued patents and 30+ pending. He attended Chalmers University of Technology with M.Sc. in Electrical engineering and the University of Tehran.

New Executive Board Appointments

The Internet of Things Security Foundation was launched with commitment and support from the original executive steering board. Board positions are available for senior employees of staff from IoTSF corporate membership. We are looking to further extend the diversity and range of leadership especially across Europe, the United States and Asia. If this is of interest to your organisation we have a process for submitting board member position applications – please contact John Moor with your contact details in the first instance.