Partner; Pen Test Partners
Ken looks after vulnerability disclosure and tries to influence government policy around IoT. Whilst some disclosures are successful, the majority are a train wreck. Watching vendors try to ignore contact from researchers, fumble or try to silence the process led him to working with regulators in an effort to fix the problems at source. He considers carrot and stick are the only way to resolve smart product security. The work of his team on My Friend Cayla, the vulnerable talking kids doll, was cited as one of the catalysts for California State Bill 327, regulating IoT security for California residents. He’s briefed US government departments and spoken at TEDx, DEF CON villages, RSA, Black Hat, BSides and numerous other security events. If you want his attention, just market your device as ‘unhackable’.