 Again, welcome to our panel discussion. We have a great panel today, but before we get into the panel If you haven't had a chance to check out our entire space, we have a lot of new content this year We have ATM hacking. We have Google Nest. They bought a few devices bird also I have a few scooters that you guys can you know ride and also hack find some O-Days GE Healthcare has an ultrasound. That's also cool CTF there as well If you're just starting out new in the area, we also have a few labs Hands-on tutorial based labs. A lot of people are enjoying those learning a lot. So I'm after this do you have time? If it is oh, there we are. So after this if you have time you can check out our other space We take a mic We have a lot of content. We have ATM hacking. We have bird. They had bought over a few cutting-edge scooters GE Healthcare also has an ultrasound device So yeah, yeah, the other side is a lot of fun. You'll definitely learn a lot So after this definitely spend some time over there and ask a lot of questions. You'll learn a lot for sure So my name is Drew Branch security analyst at ISC. I will be the moderator of this panel So I pretty much do it all hands-on technical guy also I guess perform a bit of research there Yeah Cool, they're telling me to speak louder if anybody can't hear me just let me know and I'll definitely adjust the microphone and speak louder But yeah, that's kind of what I do. So I'm going to allow the panelists to introduce themselves Give a brief, you know description about what they do the company work for and all that good stuff. So yeah You guys hear me okay yeah So my name is Julian and I work with Zingbox and Zingbox is a fourth-year startup and We're located in Mountain View Silicon Valley So we develop technologies that leverage on AI machine learning to help protect IoT devices that deploy it on the enterprise network So I'm heading the research group in Zingbox so the research group is a bunch of guys that we have security researchers. We have data scientists and We have the developers in the same team so people ask me why why you guys have data scientists and security researchers in the same team and and We usually tell them that this is and this is what we do and our core concept and how we make this product work is is to how to teach machine and programs to To actually learn enough about security is to to build the ultimate blue team But the reality is I can't make my data scientists PhDs understand security and And our security researchers and usually they're not interested in learning neural networks, right? So that that's about us. Thank you Hi, everyone. Thank you for coming. I'm I'm chagai. I'm Research lead I'm a research lead for securing Sam We are a security company based in Tel Aviv, Israel and What we're focused on is securing the connected home So we have a software solution that runs on the gateways Usually get ways provided by you know different telcos and cable operators and what we do on those Routers with exactly the same route as you might have in your home is that our solution identifies the network Fingerprints the entire devices and adjust a security Mechanism and and policies for the behavior of those devices and provides you with the network management and everything you might need To understand what's going on inside your home Yeah, thanks Thank you. Hi So my name is Ben Ceri. I'm the VP of research at ARMIS and ARMIS is a In the agent list IOT security company. It focuses on both enterprise medical and an industrial environments In my team in ARMIS needs the research both vulnerability research But also any research related to the product that at ARMIS then develops and uses in various environments And that's it that's about about me. I'm happy to join you all Hi, my name is Ankur. I'm with Google Nest. I'm a security engineer there We are responsible for securing Nest devices and Google home devices some of these you might have heard of like the Google home speakers Nest hubs nest cameras nest security system and obviously a nest thermostat Very happy to be here and thank you for joining us looking forward to talking with you all. Thank you Thanks guys So I want this I guess session to be Interactive and we put this panel together for for you guys to ask questions So if you have a question During our main session we have a Q&A session after our main session Feel free to come up and I will give you my microphone So you can ask your question. Yeah, sounds good Yeah. Yeah. Yeah, cool So to kind of get us started Have a few questions here Salute scripts want this to be a natural conversation. So so feel free to step up and feel comfortable so Gonna start off in the realm of firmware updates And you know, this is kind of a topic that a lot of people have on their their minds And I'm curious to see how you guys are approaching firmware updates And how are you kind of securing that workflow as a whole so I'm don't really have a particular order But anybody wants to you know, take the first stab, please do so This is going to be fun All right, I Think speaking mostly from a consumer standpoint We don't want consumers to be worried about things like security updates Of course from an industrial standpoint there are various other use cases because you have to be concerned about regression testing and Compliance and regulatory approvals and others from a consumer standpoint on the other hand We want users to be using the most up-to-date firmware We want them to be have the most up-to-date security patches and at the same time We also don't want them to be worried about when will my device be updated so from a workflow standpoint particularly from a consumer I want them to We have a device it's connected It should be patched as soon as we have the patch ready to be deployed Yeah, I think that the example of Google Nest and Amazon Echo also has this ability that firmware updates are being Automatically driven to the devices. That's obviously the best solution to that type of problem But it isn't really possible for every device if you have a medical device running inside a hospital you can't Send and fueling upgrade to it forcefully it has a function it needs to be on all at all times or the user needs to decide when he Can actually do the update. I think that's so that but in a device that it is possible to to do this type of forced upgrade Obviously, that's the best solution whenever vulnerability critical availability is published You'd want And a patch for it to be driven as fast as possible that the trouble with the many other devices comes from that lack of lack of updates but obviously There are the third element of it is you also want the firmware update process itself to be a secure one And if it isn't that's another attack surface that that is open attackers to try to abuse the device But so there are all of all of these concerns that I think there's a joint effort from my device manufacturers From researchers looking at these types of firmware updates mechanisms, but also solutions Like like cybersecurity security companies that look at the devices from an external standpoint To drive users to update if they if if they know that the device is running an old firmware And also mitigate whatever can be mitigated from a security standpoint until such patches are available So there are any concerns with that Yeah, I'm completely agree with my fellow panelists, and I got to say what Ben spoke about Providing a way to mitigate An affected firmware until time, you know, there a firmware is validated is a crucial key of solving this problem and From our experience our product runs on, you know, gateway firmers or integrated with them and you know, I don't know how Up to date you are with how fast your router is being updated by your operator, but it's not that fast and Really when we talk about security the time scale that we talk about is not, you know The months that it takes to actually validate some of those firmers We're talking about time scales of updates need needed to be pushed within hours and days after a vulnerability is found and really that is what We kind of were focused on bringing this time scale to the home to the to the router to the connected devices in the home and We're kind of employing it in our product. So being able to push new, you know Humidigations is a crucial part, you know over the air without the user being in force to interact and of course notifying him about any, you know Susceptible firmer in his house so we can take the appropriate measures if it's not it, you know a very managed IoT such as that's this one's Yeah, so think these are great points from the final Panelists and I want to add a few more things. So most of our customers were we have a lot of Customers in house care. So these are hospitals and health systems. So earlier this year We did a research on the selected group of 100 hospitals and just to find out how their medical devices Update their software and how many devices are running outdated software. So so the result is it looks It looks quite shocking actually So our result shows that 27% of the medical devices are still running outdated former and This number is going to go much higher next year when the windows 7 is going to be end of life Right, so a lot of these devices and the worst category is the imaging devices that 20% of the devices are still running Windows Windows XP and Windows 2000 and next year by January when Windows 7 goes out of end of life And it's going to add another 56% so combined is going to be 83% of the Imaging system are going to be running on end of life operating systems So I think the former update is not just a liability of the end users or Enterprise hospitals and it has to be a collaboration between the vendors and the end users and the and also the security vendors Who can help monitor which devices are actually running and now notice outdated software And what I mean is is the supply chain is healthy enough? And do we have an easy easy channel to to update the software on these devices? Yeah Yeah, those are all interesting points I do have a follow-up question because a few guys mentioned that the the healthcare industry in particular You know can't you know readily update devices because of the nature of the use case So do you guys have an idea of how we could improve that workflow on? Both the manufacturer side and also on the the consumer side So on the consumer side Healthcare is interesting I don't feel that We build any devices that are specific to health care or which are in terms that we provide very specific health care services It also allows us to operate it a certain fewer restrictions when it comes which you which you are bound by For example, we are able to push out updates much faster We are able to validate them on a smaller test bed Which is not when I say small I mean still a significantly large part of the population, but the cycles are Faster much more rapid and obviously then they get pushed out That does not mean that we don't face the same problem, but the hurdles are obviously fewer Now does that mean that that will not change in the future? It's not something that I can predict today We still have to deal with the same problem in terms of the attack surface Which is where the firmware Distribution channels have to be secured you have to make sure that the devices are pulling from channels which are Secured the device is can recognize where they are pulling the firmware from Especially when you also have third parties playing in the same ecosystem a lot of you have a lot of places where now You have consumer devices which might be talking to services which are not maintained By the same manufacturers for example, you might be a company a which makes I'm going to regret saying this toasters Evil toasters But you do not have the expertise to maintain a cloud service In that case, are you going to go ahead and build a cloud service to deploy firmware? And a lot of cases you end up doing that and Then you have to figure out okay So how am I going to now secure the firmware distribution channel often what you'll end up doing is that you might just set up Again, I am going to regret saying this Open s3 bucket Where with publicly writable and there I'm going to deploy my firmware and now I've basically exposed all my evil toasters to a Militia's firmware upgrade now Let's move this on to the health care industry We have a similar problem You have basically this transition Where you had non-connected devices you had very complex devices which had MRIs Sonograms which have been now transitioning over to becoming connected devices But now facing the same threats Not necessarily now. I've been trivializing it by seeing toasters But the threat surface has not changed but the expertise that's required is all Similar if not greater given the regulatory and compliance challenges that are facing and that's what increases the and Given that the toaster can At best burn your toast at worst burn down your house now In the medical care, it basically means it can potentially kill someone That increases the threat level to a whole new perspective so Yeah, I Think in a other aspect of this is we can look at what happened to Security updates and the PCs and the mobile phones So these devices were your IOT devices 10 years ago and now there are the endpoints and they are much more secure And part of what happened there is that not only firmware upgrades are being pushed and automatically But even they don't necessarily require any downtime for these devices The system is not like many other devices Embedded like one device that has one firmware. It's a software. That's one's multiple modules And then a developer in Microsoft that wants to fix something very specific a bug in one piece of the code He can create a hot fix for this the patch for this can many times does not even require To revert the device. So when you think of critical devices medical devices industrial devices Obviously, they are far way behind In the way in their ability to to implement that type of granularity But that's like in the horizon. That's the best Option for creating security patches that don't require extensive regression testing because you don't change the entire system. You only change one small bit You only create a fix for whatever vulnerability you found that were fixed. So that's one aspect of it I think another aspect when you look when you Talk about these devices in general Generally, you think about about them as a you have a what you might find a vulnerability that impacts In infusion pump and maybe there is a vulnerability that this infects a Google Nest device But there was and then you're gonna go now if you're looking at device is usually as a whole as one thing But the practice of it is that many devices share code between them They might be sharing some library that might be fine found vulnerable They might Maybe the same underlying operating system. Maybe it's like the Linux or other is using many other device many different devices So that's also creates a challenge for for end users and device manufacturers Whenever availability is found in something that is commonly between them then you to understand what is the joint impact to all of us How do I where do I get the fix from this that is not dependent that is not specific to one device manufacturer, but too many So there there is a challenge in all of that And again in the horizon of it if you can actually create firmware updates that don't require food Reboot of the device that don't require to create a new firmware only in a patch That's that's that's where you see the end points going the mobile phones and the PCs And Apple devices to like iOS and iPhone today people don't need to install an update They don't even need to reboot the device. It happens. It's something that happens on a regular basis and then and then they're really more secure Most of the time that's that's the best way outcome impossible. I mean it for me this whole questions kind of actually Relates to a question that I've been pondering about myself, which has to do with where is IOT? going to on core kind of touched on the Really the crucial point where you have all these manufacturers and they have you know some application they Manufactured toasters a manufacturer a medical device But when they actually need to create an IOT they are not just in charge of that specific You know service that they're offering there. They have to build a whole connected device They have to choose, you know their entire stack and maintain it and we're talking about a cloud stack We're talking about, you know the device itself and I mean this model Is it really where we're going to stay at because that's I think that's the problem If I want to provide, you know a new IOT that has this great functions I don't want to be in charge of the entire stack and keeping it safe and hardened and everything and when we're looking at endpoints like like Ben said Endpoints like PCs and and mobile We have that consolidation. We have those platforms which are secured the frameworks which are shared and You know a new app maker a new phone maker doesn't invent the whole wheel. It just uses those secure frameworks So really what I'm I'm wondering about myself and kind of you know being in this industry is are we going to go to that direction where we have this Frameworks which are secure. They're managed, you know, there's big forces behind them that kind of have that Responsibility of keeping them safe and whenever I want to create a new device. I can use those and really have what we have, you know with Android iOS and and Linux and and Windows but really to the full extent of an IOT open source Platform We do see that I got to say we see that with With routers we see that I mean the consolidation Things that happen with me or I just because there were so many vendors and you know Everybody was just putting Linux on a box and you know not really looking at the whole picture This is changing. I can tell you from you know first-hand This is changing things are becoming standardized Other companies, you know coming together and trying to create those Frameworks for us to be able to provide applications securely on top of those Yeah, I think you guys made a great point some from technology perspective So I'm gonna add another perspective and and I think for former update is not just a technology problem right so We have to look at this from a business perspective and look at this from an organization perspective so one of our Customers and head of the clinical engineering actually she told us that I mean once That their MRI machine goes down for 15 minutes And what does it mean it translates into a loss of a revenue for over five thousand dollars, right? So there's a lot of decisions that need to be made to to update this former and What schedule time window and when when how they're gonna do it, right? But more importantly from an organization perspective We all know that the traditionally and security in in a hospital a healthcare system for example and security is owned by IT security, right and they own the security But they don't own the devices the devices the medical devices are owned by Biomed engineering or clinical engineering right so but but that team doesn't have a lot of expertise Or tools to help them understand the security and to update software on these devices, right? so the gap between the IT security and the The clinical engineering created a major problem for the former update, right? I mean even though the security IT security owns the security and and they see the IP address is Compromised right but they can't really shut down the device and they can't perform any former update without knowing the operational state of the device Right if the patient is using the device and and they can't really do it So that's where they needed the tool and the help from the security vendors to help them provide the visibility that they needed And in order to perform a safe and efficient software update Yeah, those are all really good Insights there I kind of picked my interest and The realm of threat modeling kind of where this conversation was going so I wanted to pose the question like Do you guys? Properly have a threat model or you know Think about your threats tax surfaces and everything during product development And if so like how does that kind of affect the overall product and delivery timelines All right, so this is a very you added a very Interesting caveat. You said do you do properly threat modeling? All right Threat modeling ends up being a iterative process I don't believe that we ever do threat modeling completely or properly You do a first round you do a second round and you keep doing it Actually, you never stop You have an incident and you keep doing it even then But We try and integrate it very deeply into our product development processes We think about threats when we are conceptualizing products We think about a threat when we are designing them We think about those threats right down right before we even select a silicon Because that's if once the silicon is logged as we realize as we have come to realize and this is a matter of Economics as well as security Things that are found wrong in silicon They are extremely and I cannot stress this enough. They are extremely expensive to fix The automotive if there is anybody here from the automotive industry, they are very acutely aware of this Recalls are expensive Car when cars are recalled it's a huge economic tax on them and if you have to ever go through that It's especially from a security standpoint. It's not something you want to do So yes, we do want to integrate it as early as possible and do it as often as possible now does that mean that we are able to do it consistently often and As much as we would like now But what we try to focus on our places that are the highest risk ones So we look at where are we consuming and touching upon the user in the most sensitive areas? Where are we consuming the most sensitive information and we start there and we then start moving rightwards? So when I say right so left is when we are conceptualizing right is where we are basically implementing and then from there The more sensitive it is the more left we start the less sensitive it is the more towards the center we are in terms of the threat classes that we often focus on offer obviously the most critical ones end up being the nation state actors and the most and all the way going back to users who are not as aware of their security properties and Everything that falls in between but obviously then we want to classify as to which threat actor would be be more interested and more More interested in which type of device and data make sense make sense Thank you Yeah, I want to tackle this like from different angle. I think that Haga I mentioned the fact that we want to strive to a place where many IOT devices and have the same framework or use the joint framework in a sense. I think there is a challenge there because Unlike PCs and mobile phones the IOT device part of its reason for existence is it's a You want to create all of these different? Devices that each has its unique purpose and so there is that there should be a strive to that Consolidation, but there is also a challenge there, but if you talk about threat modeling, I think that What device manufacturers need to have in common? Other than a framework is like design this good good design guidelines for what should an IOT device look like and a network perspective and connectivity perspective And if you like look at the average IOT device For example in its network inside the network. It doesn't need to do too much With the network and most IOT devices the I in the IOT is the main thing that they need they need internet connectivity And that's that should be like in the what they do inside the network They need to get to the internet and they need to get to the cloud service That connection need to be Encrypted secure and then they need to have nothing else They don't need to do have any TCP port or UDP port or anything open on their device. So Again, connecting this back to the spread to modeling stuff You need to think of who can attack you In what way and all that but then you need to compile that to basic design guidelines In what is the good cyber security high hygiene and all that which is eliminated attack surface and doing the best thing in actually and actually I to devices have the Advantage of not needing too much in the network from the network. They need to get to the internet That's it We need when you talk about other devices that fall under the IOT buzzword Then sometimes it gets more complicated Maybe an NMR in my machine doesn't need to have any internet connectivity and it only need to use can connect to one device inside the network, which is the Computer which it uploads the images to something But so but but many of the most of our devices do have this limited need for connectivity and the good way to to Take all that threat modeling and compile it into some something useful is to have Have these limitations in your design I mean since we are not you know an IOT vendor and we're not No providing a Box of our own of course We do I Want to just go over the perspective of somebody who won't you know adds another service to the network kind of have our own code Running in a home and kind of how we do our threat modeling and of course I think like was mentioned before Properly in threat modeling Who's to say you always need to do it you always need to do the best that you can the best that you are aware You know not leaving any dark corners Around and really think about what you're doing I'm lucky enough to be working in a security company. So I'm you know, I'm probably the best situated Kind of colleagues and individuals around me to to actually have those discussions I think this doing these discussions are are harder in some you know with with individuals I mean in companies that don't have that secure background that strong, you know security personnel and It's definitely an issue And just like Ben said, I mean there is just those basic secure as you'll see principles And yeah, we need to follow them the processes exist Exactly for that and having a good continuous process is key Yeah, I think threat modeling and should be a standard practice and for any development for any IOT devices or connected devices and Obviously and I think most of the teams Software teams modern software teams today. They follow the Nigel process So that is a perfect match to leverage on a threat modeling start from identifying security requirements and and then drawing up all the the user usage workflows and an architecture diagram identified prop detect the problem and fix them and do retrospect and all these Standard process is it's just a one-to-one match to agile process But if you if any of the companies still follow a waterfall, it's going to be a huge impact to the environment cost, right? so so I think in terms of the Threat class that we should include it in the threat modeling process and obviously people talk most about physical and remote access and authentication and Identification configuration management and maybe the supply chain and former update and but one other aspect people don't talk A lot is is the use usage environment, right? When the device is delivered to the end users, how they're going to use it, right? So in in the hospital and healthcare environment We see a lot of times that these extreme machines or or these city scanners there They're not really vulnerable, but but they're not they're being multi-tasked that they're used for other purposes, right? So our research also shows that I mean among all the attacks and and that we have seen in in health care 26% of them comes from the user practice issues We're talking about weak user credentials and use personal web mail that the subject of phishing attacks And and maybe some of the network configuration were segmentation issues So these issues are not being considered by the developers when the IOT devices were development They were developed, right? So so that is a major problem in this whole process Yeah, I definitely agree Definitely feel like threat modeling is an ongoing process is iterative As you mentioned because as you know manufacturers are rolling out new features and functionality to these IOT devices We have to make sure that those features or functionalities aren't increasing, you know attack surfaces that weren't considered During the beginning phases of development. So definitely key there for sure We have a few more minutes before we wrap up We are about seven minutes on the panel will also be available after this session for any questions that the audience may have But I would like to open up the floor to our audience. Do you have any questions, please? So you guys make some really good points about Using threat modeling and just the whole challenge of being in an infrastructure where you know You may secure it but deploy it in an insecure environment Have you guys looked at standards like ISA 99 slash 62443 which addresses much of this under the idea of using a standard of both for the supplier I either developing company as well as the Deploying company and in fact the the company that's actually doing the installation. Have you guys use 62443 at all? So I am not familiar with the standard so but in terms of we have looked at other standards as well Where we and we have tried to apply at this time because at the end of the day a lot of IoT Players in the market are operating in ecosystems Very rarely very very rarely it will be that we are operating independently Alexa for example doesn't just do echoes Alexa the ecosystem has other devices in itself The Google assistant ecosystem doesn't just have Google home speakers. We have other devices which are manufactured by third parties as well and what ends up happening as a result of that is that there We do face the same issues the off requiring infrastructure having multitude of suppliers and Having to integrate them into our ecosystem at the end of the day and we end up right now a Lot of us are doing that standards building ourselves What we are looking to do. Hopefully in the future is come to some sort of a unified industry standard I know I know that there are a lot of bodies out there as With anything in security. We don't do things small Well, we do a lot of we do a lot of small things and wait for some of them to become big and So but I'm not particularly familiar with the standard that you mentioned. So I'll have to look into that Yeah, I'm not familiar with the oils also with specific but I do when I want to say that there are Ways to create secure IOT devices with with existing infrastructures with existing protocols. It's not an impossible feat So we should adopt these Guidelines that allow us to you create the devices in a secure way. I'm not sure that the solution should be another protocol or another standard Like I said, there exist many of them that are already secure Um, yeah, just not familiar as well with the specific standard that you mentioned I do want to mention that there is standard standardization work being done In this in this field New RFCs coming out all the time I can mention just a few months ago Something that's very relevant to home IOTs manufacturer usage descriptions Some type of formalizing what a network device should be able to do and then enforcing that, you know In your enterprise network or your home network There's also another ISO a working group that we're specifically taking part of which really sets to discuss how You're protecting home networks home connected homes And I mean in the future 5g Will have so many more devices connected all around you There's a lot of work being done and yeah Just want to add a couple more words on that So I think there are standards and great standards and to follow for for guidance and there also laws and and there Also regulations, but I think the key thing is how to enforce them, right? So the truth is there's no way to enforce them, right? So I think one thing that the vendors could actually do is to make vulnerabilities a Stand a quality issue for the product, right? So I don't think that that is happening right now. I mean so a lot of these things are are being I mean Become a liability for the users to address or or enterprise organizations They have to address but essentially I think the vulnerabilities are Quality problems, right? So we should apply the same regulations and and to enforce the conversion of these vulnerabilities into quality issues So I think that's the key thing to notice Cool Hello, I'm thinking we're coming out and talking I have two questions first Where do you guys see the technology go of IOT devices for like the high-threat models? Would it be better for some of these? Equipments be offline so that they're sorry, not okay. Can you hear me now? Okay, cool for the high-threat model IOT devices Would you Where do you see this going in the future? Do you say see better security or would you say it's better to just disconnect some of these devices like for hospitals? Like do they really need to be connected? It's my first question and my second question You guys mentioned a good point of that a lot of these devices also have services associated with them to like continue updated with them with How do you see this affecting the industry is for like? Maybe heavy machinery equipment that are often used for decades after it's made I'm do you think people will be more or less likely to go for these types of technologies or how will this industry evolve in the future? First, thank you so much for the question So when we talk about IOT we end up talking about devices and let's admit it the devices are fun however We at the end of the day most of IOT is an ecosystem mostly the devices the services and the third parties that play in this so to your question of the high threat and when I when you say high threat model I'm just going to make an assumption you mean devices that may fit that either are related to life-threatening conditions like medical devices nuclear reactors submarines Just want to be clear So and this is pure speculation These are going to be a part of their own ecosystem as well Medical devices are a part of the ecosystem which includes hospitals insurance insurance carriers and patients Just like consumer devices are a part of the ecosystem which includes device manufacturers service manufacturers and consumers So regardless one way or the others the devices will end up being connected now as Ben and our miss have mentioned How much the connectivity is going to be is often going to be the question What is the attack surface going to be limited to is going to be the question the basic hygiene is where we start and then we start addressing what are the threats that we are trying to address are we addressing what kind of attacker are we trying to address and A lot of these we may already have the tools and technologies to address them in some cases We have to build new ones in some cases We have to figure out what is the actual risk that we are trying to manage at the end of the day, but at that back to your question of Whether it's going to be connected and offline or not I I Feel that we the horse may have already left the barn in this case Yeah, I agree with that at last point. I don't think that there is a way to turn it back the wheel Like in the security industry or if we are a Individuals that really care about our privacy we might Go down that path of disconnecting stuff but the overall population needs to need these devices as a part of the progress Part of what is it modernization is all that connectivity all that Is of deployment of all these devices around us so we can take that take the act with back and then there are advantages That we also obviously get from these devices But I do think that the way it would become more secure is these kind of Groups and people that all care about this issue. I think the awareness of it is boring I think people know that the risk is there And there are so we are in the beginning of beginning of it in some regard We are seeing the problem and there are all kinds of solutions from the frameworks from the Security solutions inside the organizations all kind of solutions at all in the homes in the enterprise Let's all try to deal with this problem, and we are not yet at the point where we see The progress but but but I think it will come and I and I also think that So it's the same process that we had with endpoints They were much less secure 10 years ago 15 years ago in the 90s having a Windows computer on the internet was Really really dangerous. It was really easy to be hacked and that's what we have today with IoT devices and the same evolution We got in the PCs in the mobile phones which are still not a hundred percent secure But but much much more secure will happen to this industry. It will take more time But it will also happen in this industry Yeah, just two words to add I also think that with the increased awareness and increased Visibility that we get for for devices. I think a lot of the problem is that we kind of how we treated those devices was kind of Just not careful enough or Visible enough in the sense that you had this infrastructure. You had this hospital. You had this Factory and you just connect to devices Without really understanding what needs to be done Who really what is the required behavior and then it's very hard to kind of add those rules those perimeters so a lot of the work he is actually in Better understanding the purpose of all those devices and this really can't be done Manually because there's so many devices So all the advancement that we'll have I mean a lot. I think a lot of our products going to use machine learning and AI tools in order to kind of automate this because there are going to be you know Hundreds of devices all around us and in factories you're talking about it's just not manageable by a single human being and then Understanding the behavior what needs to actually happen and then setting those perimeters setting those you know segments is going to increase protection for something that's very You know life that thing like he said or a very delicate So yeah, and I think the trend cannot be reverted So last year our research showed that one in one in two every two medical devices are connected and This this number according to a another Reputable research that the number by end of next year is going to reach 68 percent of medical devices So actually it's growing really fast more and more medical devices are being connected I think from for organization perspective and and the security team needs to come up with a better security posture and and better ways to protect these devices, so we see a lot of Network segmentation being used and they're trying to To put these devices that was higher risk on the different vlan or different network But people haven't realized that that doesn't really actually work for a lot of these IoT devices because the variety of different devices on the network some are mission critical like IV pumps pacemakers and and others are less less critical like Workstations and and dichom viewers and but but security Medical biomedical team ended up putting all these devices on the same vlan, right? So even the basic vlan's are kind of a mixed vlan environment So our research really showed that I mean only 3% of the On average only 3% of the vlan's only contain medical devices and all the other 27% are the mixed of PCs I mean printers and and IP phones and and medical devices and then the rest the majority of the Vlan's are just mixed of everything right PCs and everything else So not to say that we have to second segment the network based on the function of the device Which comes comes down to another big question. How do we identify these medical devices? Thank you for that just with flag that we have to wrap up this session Our panelists will be available after the session will be floating around the village So if you have any follow-up questions or want to continue discussion, please do so Yeah, so I would like to thank the the panel here for taking out the time Answering the audience questions as well as providing, you know insight to a few of my questions Also the audience for attending. Hopefully this was of value and yeah, so thank you guys. So yeah, thanks