IoT Security Training

2021 Training Dates

NOTICE: We have suspended physical training courses in the wake of the global COVID-19 pandemic to comply with legislation and safety reasons until further notice.

In the meantime, you can view IoTSF’s on-demand training webinars on the top 3 cyber security provisions for consumer IoT: No Universal Default Passwords, A Means to Manage Vulnerability Reports, and Keeping Software Updated.

Training Courses


At the completion of this course, attendees will know how to secure a connected IoT product from scratch. This course is run across 2 days and is taught in English.

Course attendees benefit from a fully inclusive package, will receive a certificate of completion, be registered on the IoTSF database and inducted into the Training Alumni platform.

Interested parties are encouraged to book early as places are limited

If you have any questions, please contact us.

Course Objectives

By the end of the course, attendees will:

  • Be able to secure a connected IoT product from scratch.
  • Be able to discuss the main threats and attacks on IoT products and services.
  • Know how to research and assess IoT threats and risks as they arise.
  • Be able to implement a security reporting scheme in their organisation.
  • Be able to work effectively with security researchers on reported IoT security issues and concerns.
  • Have the knowledge to be able to develop a security patching strategy and product update life-cycle.
  • Have a good working understanding of the best practices laid down by the IoT Security Foundation.

What’s included

  • 2-day Course run by security experts
  • Buffet Lunches
  • Refreshments
  • Cohort Dinner
  • Course Certificate
  • Induction to the Training Alumni platform for post training support & networking
  • Optional – 2 nights residential accommodation / breakfast

Who should attend this course?

This course is aimed at IoT practitioners, startups and those who wish to understand how to practically implement security into IoT products and services.

The trainers will take attendees through the basics where necessary and will adapt to the skill range of the attendees, providing individual assistance throughout. The course is therefore suitable for all levels of experience and skill.

Course Pre-requisites

There are no course pre-requisites but it is advised that you familiarise yourself with the IoT Security Foundations publications on which the course is based.

Course Detail

Day 1 09:00 – 17:00

Welcome and introductions
Course objectives

Session 1: Introduction to IoT and the Security Landscape

An introductory system-wide overview of the technologies that make up multitude of IoT services, from hardware through to software as well as the potential vulnerabilities that this world may bring. Attendees will understand why security matters.

Refreshment Break

Session 2: Practical Attacks, Threats and Risks

Practical Attacks, Threats and Risks to IoT products and services Real-world stories and breakdowns of attacks that have occurred, the impact they had and what measures could or should have been taken to mitigate or avoid them in the first place. This session aims to show the value of security by design and also practical security and business management techniques for managing security.


Session 3: Best Practices for IoT Security

Understand the background and rationale for the principles and how to apply them in a real world context.
Understanding and utilising the IoT Security Foundation User Best Practice Mark.

Refreshment Break

Session 4: Securing Connected Products

This session gives and end-to-end tutorial on how to secure connected consumer products, from mobile application security to IoT device security, through to cloud services.

Day 2: 09:00-17:00

Welcome back
Re-cap of Day 1

Session 5: Practical hacking session

This session will allow attendees to witness real-world hacking of IoT, but also to use some hacking tools in order to experience how hacks can take place and the impact they can have. Equipment and software will be provided.

Refreshment Break

Session 6: Software updates and security update life-cycle

Practically implementing a software and hardware update and product lifecycle strategy that works and keeps users secure. Understand the issues and solutions around constrained devices and how to manage them.


Session 7: Vulnerability Disclosure

Understand the background, mechanics and psychology of coordinated vulnerability disclosure and how it is beneficial to your business. This topic will also cover bug bounties and other aspects of working with security researchers.

Refreshment Break

Session 8: IoT Security Self-Certification

How to use the IoT Security Foundation’s self-certification scheme, assess and make your product or service secure, ready for certification.

The course is run across 2 days and prices are exclusive of sales tax.

Not sure if your company is a member? See here for a list / Considering Joining? See here on how.

Non-IoTSF Member rate IoTSF Member rate
Residential £1595 £1395
Non-Residential £1495 £1295


Meet The Trainers

Professor David Rogers MBE

David is a Visiting Professor in Cyber Security and Digital Forensics at York St John University and teaches Mobile Systems Security at the University of Oxford. He has worked in the mobile industry for many years in security and engineering roles. Prior to this he worked in the semiconductor industry. He has extensive experience in standardising and developing IoT products and security. His book ‘Mobile Security: A Guide for Users’ was published in 2013. David was awarded an MBE in recognition of his services to cyber security in The Queen’s Birthday Honours List 2019.

Mark Neve

Mark has extensive software experience from embedded development for IoT through to commercial software and test automation for millions of mobile phones. He has been involved in research projects for automotive, IoT, security and smart cities. Mark has 15 years’ experience working in the mobile manufacturing environment for Vertu and Panasonic Mobile. He previously worked in the automotive sector as a software engineer working on Just-in-Time systems for suppliers to Nissan.

Location and Accommodation

24th and 25th September 2019 Windsor, UK

Situated just two minutes’ walk from Windsor Castle, the Macdonald Windsor Hotel provides stunning views of the castle and historic town as well as individually-designed luxury rooms. This training course takes place within the hotel.

Generous breaks will allow you to meet your course peers and network with other companies looking at how to implement IoT security in their products and services. The course dinner on the first night will give you a further opportunity meet and discuss your fellow course attendees. On the second day, delegates will be able to experience the world famous changing of the guard and a delicious cream tea in the afternoon.

Additional Things to do in Windsor

Windsor is most famous for the stunning Windsor Castle, one of the official residences of the Royal family. Macdonald Windsor Hotel sits directly opposite Windsor Castle, the perfect location for watching the Change of Guards. One of the more appealing places to live thanks to its heritage, Windsor boasts a range of attractions and historic sites. A great spot for tourists, Windsor is home to Legoland and only a short journey to London city centre.

Training Venue & Accommodation website:

View MacDonald Windsor Video

12th and 13th November 2019 Innsbruck, Austria

Located in the heart of the Capital of the Alps, AC Hotel Innsbruck is situated close to the Main Train Station and the old town. The first AC Hotel in Austria is also the perfect choice to explore the city on foot or as a base for fantastic Skiing and Hiking in the surrounding area. Originally built in 1972 for the Winter Olympic Games this landmark hotel in Innsbruck has been completely refurbished and upgraded with all 187 rooms enjoying breathtaking views of the Alps. Enjoy our signature breakfast or relax after a day on the slopes in our AC Lounge where bold lines, wooden textures and sleek decorations compliment your business meeting or social gatherings with AC Hotels’ signature creative atmosphere. We invite you to come and experience what happens when Austrian hospitality meets Mediterranean flair.

Training Venue & Accommodation website: