Here is a selection of talks given, some press, blogs and papers that I’ve written that people might find interesting. I’ll update this from time-to-time!

Selected Speeches, Keynotes & Conferences

I am a regular speaker at conferences and events; the following is a selected list from late 2015:

• Securing Telecoms in Times of Conflict, Session 2: Keeping Civilians Connected in Conflict – Looking at the lifecycle from devices to networks, Mobile World Congress SEC CON 2023: https://www.mwcbarcelona.com/agenda/session/sec-con-2023-securing-telecoms-in-times-of-conflict
• GSMA Annual Security Threats Report Launch: 5G Futures Summit, Mobile World Congress 2023: https://youtu.be/vrg5MxhqCBM?t=61
• Taking the Big Stick to Security in the Internet of Things, Bristol & Bath CyberCon22
• Hacks with a Vehicle Simulator, DEF CON 30 Car Hacking Village: https://www.youtube.com/watch?v=9q2rHkiPwLk
• Advancing threat intelligence sharing across the mobile ecosystem Telecoms Threat Intelligence Summit (TTIS) 2022: https://events.hardenstance.com/2022-agenda-video/
• Building a Car Hacking Rig! B-Sides Cymru 2021
• I Hope The Real World is Not Real: Manipulation of data and people in the future internet 2021 Keynote at Ericsson’s security conference [note this continuation talk in the series on this subject will be published on this blog in the future]
• Product Security – IoT Standards and Legislation Chartered Institute of Information Security 2021
• Telecoms Threat Intelligence Sharing Telecoms Threat Intelligence Summit (TTIS) 2021: https://events.hardenstance.com/2021-agenda-video/
• Shining the Light of Truth: A journey into vulnerability disclosure practices at consumer IoT product companies, IoT Security Foundation Conference 2020: https://www.youtube.com/watch?v=AlNrtmX33wE
• CFCA Summer of Education: Mobile Industry Cyber Security and Fraud Observations and Incidents During COVID (2020): https://youtu.be/78kxJxpCZIU
• The Future of Hardware Security – how history can help, webinar 2019: https://www.tessentembeddedanalytics.com/event/webinar-future-hardware-security-history-can-help/
• Vulnerability Disclosure Challenges in IoT, CYBERUK 2019
• IEEE World Forum on Internet of Things, Limerick, April 2019: https://wfiot2019.iot.ieee.org/top3-cybersecurity-data-security-and-privacy/
• 2018 EPSRC Centre for Doctoral Training in Communications Annual Public Lecture Fake news to fake data: manipulation of the future Internet, University of Bristol: http://www.bristol.ac.uk/cdt-communications/events/2018-public-lecture/
• The UK’s Code of Practice for Security in Consumer IoT Products and Services, 44CON 2018: https://44con.com/44con/44con-2018/44con-2018-talks/
• Transforming Industries for Fun and Safety, B-Sides Las Vegas (2018): https://www.bsideslv.org/schedule/
• The Real World is Not Real: Manipulation of Data and People in the Future Internet Inaugural Lecture, York St John University: https://www.yorksj.ac.uk/news/2018/david-rogers-inaugural-lecture/the-real-world-is-not-real-manipulation-of-data-and-people-in-the-future-internet.html
• False impressions: just how secure is the fingerprint reader on your phone?, Mobile Monday Bristol: https://www.eventbrite.co.uk/e/mobile-monday-bristol-11-security-and-biometrics-tickets-36741980252#
• Future Research in Biometrics, York Developer Conference 2017: http://yorkdc.net/
• Securing the Future, Small Cell Forum webinar: http://www.smallcellforum.org/events/calendar/webinars/
• Small Cells Security, Small Cell Forum Plenary, Rome: http://www.smallcellforum.org/blog/small-cell-forum-member-security-update-rome/
• Understanding the Hacking World, Critical Communications World, Amsterdam: https://criticalcomms.com/
• Security & the Internet of Things, York Developer Conference 2016: http://yorkdc.net/
• Delivering a Robust and Secure 5G Network, 5G Huddle 2016: http://eu-ems.com/agenda.asp?event_id=2285&page_id=4642
• Don’t be an Idiot! A Sensible Approach to Managing Security and Privacy in IoT, Smart IoT London: http://www.smartiotlondon.com/2016-seminar-programme/session-details-coming-soon-31
• IoT Security & Privacy, Sleep-walking into a Living Nightmare? IoT Edinburgh: http://www.meetup.com/iotEdinburgh/events/228581984/
• The Connected Home is Already Here, International Communications Data and Digital Forensics Conference, London
• New Security & Encryption Paradigms, Mobile World Congress 2016: https://www.mobileworldcongress.com/session/new-security-encryption-paradigms/
• The Future of Cyber Security and Cyber Crime, London Futurists, London: http://www.meetup.com/London-Futurists/events/226786905/
• SINET Global Cyber Security Innovation Summit, London: http://www.security-innovation.org/global-summit_2016.htm
• Updating the Future, B-Sides London 2015: https://www.securitybsides.org.uk/June2015/schedule.html
• IoT Security Attack Surfaces Exposed, Bletchley Park IoT Security Summit 2015: https://www.youtube.com/watch?v=EXH7oisjatA&t=3s

Other

Giving evidence to the UK Parliament’s PSTI Bill Committee (2022):

• Parliament TV: https://www.parliamentlive.tv/Event/Index/f7140fda-b836-49cf-9744-a653b0e9c980

• Hansard: https://hansard.parliament.uk/commons/2022-03-15/debates/5f3edd96-d478-44aa-ab65-b4cb73adbdea/ProductSecurityAndTelecommunicationsInfrastructureBill(SecondSitting)

Media and Articles

Selected published articles, interviews, comment and writing:

• Who pays? Examining the costs of automotive cybersecurity and related standards (2023) (James Tyrrell and David Rogers): https://copperhorse.co.uk/who-pays-examining-the-costs-of-automotive-cybersecurity-and-related-standards/
• With Legislation Mandating Vulnerability Disclosure for Consumer IoT, the Industry Still Falls Short (2023): https://copperhorse.co.uk/with-legislation-mandating-vulnerability-disclosure-for-consumer-iot-the-industry-still-falls-short/
• The Daily Swig: IoT vendors faulted for slow progress in setting up vulnerability disclosure programs (2023): https://portswigger.net/daily-swig/iot-vendors-faulted-for-slow-progress-in-setting-up-vulnerability-disclosure-programs
• UK5G Innovation Briefing: Security lessons (2022): https://issuu.com/pongoandmatelot/docs/uk5g_issue10
• The Daily Telegraph: Hackers expose the foolishness of trusting ‘the cloud’ with our data (2022): https://www.telegraph.co.uk/business/2022/03/07/hackers-expose-foolishness-trusting-cloud-data/
• Forbes, This New 2022 Law Will Ban Use Of Dumb Passwords In Smart Devices (2021): https://www.forbes.com/sites/daveywinder/2021/12/04/this-new-2022-law-will-ban-use-of-dumb-passwords-in-smart-devices/
• EE News Europe, Securing the Internet of Things (2021): https://www.eenewseurope.com/en/securing-the-internet-of-things/
• UK5G Innovation Briefing: Secure by Design (2020): https://flickread.com/edition/download.php?location=5f15a4240e557
• World Economic Forum, 5G will change the world – but who will keep it safe? (Amy Jordan and David Rogers) (2019): https://www.weforum.org/agenda/2019/09/5g-will-change-the-world-but-who-gets-to-write-the-rules/
• Threat Post, 5G IoT Literally a Matter of Life or Death (2019): https://threatpost.com/5g-iot-literally-a-matter-of-life-or-death/145161/
• Mobile News: Advent of 5G and IoT looks set to ramp up UK cybersecurity threat (2019): https://www.mobilenewscwp.co.uk/Features/article/feature-advent-of-5g-and-iot-looks-set-to-ramp-up-uk-cybersecurity-threat
• BBC Tech Tent: 5G, Huawei and a question of trust (2019): https://www.bbc.co.uk/news/technology-47416254
• ZDNet: IoT security: Where do we go from here? (2018): https://www.zdnet.com/article/iot-security-why-everyone-needs-to-step-to-ensure-the-security-of-the-internet-of-things/
• BBC News: This rigged charger can hijack your new laptop (2018): https://www.bbc.co.uk/news/technology-45139397
• Consumers should be able to reject IoT products as not secure with these simple checks (2018): https://blog.mobilephonesecurity.org/2018/06/consumers-should-be-able-to-reject-iot.html
• How the UK’s Code of Practice on IoT Security would have prevented Mirai (2018): https://www.copperhorse.co.uk/how-the-uks-code-of-practice-on-iot-security-would-have-prevented-mirai/
• A Code of Practice for Security in Consumer IoT Products and Services (2018): https://blog.mobilephonesecurity.org/2018/03/a-code-of-practice-for-security-in.html
• The Real World is Not Real: Manipulation of Data and People in the Future Internet (2018): https://blog.mobilephonesecurity.org/2018/01/the-real-world-is-not-real-manipulation.html
• The future of humanity depends on us getting security right in the Internet of Things (2017) https://blog.mobilephonesecurity.org/2017/11/the-future-of-humanity-depends-on-us.html
• What’s the safest way to lock your smartphone? (2017) https://www.androidauthority.com/whats-safest-way-lock-smartphone-796086/
• Security hardened, pah! Expert doubts Kaymera’s mighty Google Pixel (2017) https://www.theregister.co.uk/2017/01/12/kaymera_hardened_pixel_smartphone/
• IoT Security Resources (2016-2018) http://blog.mobilephonesecurity.org/2016/11/iot-security-resources.html
• How do you Standardise the Internet of Tigers? (2016) https://www.ibm.com/blogs/internet-of-things/the-internet-of-tigers/
• Met chief suggests banks should not refund online fraud victim (2016) http://www.theguardian.com/uk-news/2016/mar/24/dont-refund-online-victims-met-chief-tells-banks
• Hey, UK.gov, have you heard how crap iPhone biometrics are? (2014) http://www.theregister.co.uk/2014/12/01/ex_gchq_boss_iphone_biometrics_shock
• Mobile Privacy: It’s About the People, Not Just the Data (2014) https://iapp.org/news/a/mobile-privacy-its-about-the-people-not-just-the-data/
• Ordinary people must have a say in deciding the future of the web (2012) http://www.theguardian.com/media-network/media-network-blog/2012/dec/13/future-web-governance-standards
• Fear, uncertainty and DroidDream – what’s next for mobile security? (2012) http://www.theguardian.com/media-network/media-network-blog/2012/feb/29/mobile-security-droiddream-fear-uncertainty
• How phone hacking worked and how to make sure you’re not a victim (2011) https://nakedsecurity.sophos.com/2011/07/08/how-phone-hacking-worked
• Chrome Web Store has same security problem as Android Market (2011) http://www.h-online.com/security/news/item/Chrome-Web-Store-has-same-security-problem-as-Android-Market-1251823.html
• ‘Super Mario’ runs amok in Chrome Web app store http://www.nbcnews.com/id/43160007/ns/technology_and_science-security

Selected radio and video interviews

• The Comms Risk Show, Security for Networked Devices: https://tv.commsrisk.com/season-1-episode-3/
• ITSP Black Hat 25 & DEF CON 30 Live Streaming Coverage with ITSPmagazine, David Rogers (2022): https://www.youtube.com/watch?v=aReaLHRu6aM
• Security Nation Podcast: David Rogers on IoT Security Legislation (2022): https://www.rapid7.com/blog/post/2022/03/30/security-nation-david-rogers-on-iot-security-legislation/ Spotify link: https://open.spotify.com/episode/3jK86JwADryVHUgpM0aFam?si=_Bg1O_LiQIm25MTDZZrDmA, Apple podcasts link: https://podcasts.apple.com/gb/podcast/david-rogers-on-iot-security-legislation/id1124543784?i=1000555748305
• ITSP Redefining CyberSecurity Podcast With Sean Martin: Device Security, Consumer Privacy, And The Internet Of Things. Mapping International Laws And Regulations To The Internet. A Conversation With David Rogers (2022): https://itspmagazinepodcast.com/episodes/device-security-consumer-privacy-and-the-internet-of-things-mapping-international-laws-and-regulations-to-the-internet-a-conversation-with-david-rogers-redefining-cybersecurity-podcast-with-sean-martin-DEYe_UEb
• RAG TV, S3E17: https://riskandassurancegroup.org/rag-television/#s3e17
• ITSP Your Everyday Cyber With Limor Kessem And Diana Kelley: Staying Safe In The Kitchen! Smart Cooking Devices, Guest: David Rogers (2020): https://itspmagazinepodcast.com/episodes/staying-safe-in-the-kitchen-smart-cooking-devices-with-guest-david-rogers-ceo-copper-horse-limited-your-everyday-cyber-with-limor-kessem-and-diana-kelley-XyJYBkES
• Security Nation Podcast: How David Rogers’ IoT Security Standards Earned Him Royal Recognition (2019): https://www.rapid7.com/blog/post/2019/07/19/security-nation-how-david-rogers-iot-security-standards-earned-him-royal-recognition/ Spotify link: https://open.spotify.com/episode/5aeOz85hn4TiMcvryPQXX4?si=3v2shIwqT3Kdq2uGKwTN-g Apple podcasts link: https://podcasts.apple.com/gb/podcast/how-david-rogers-iot-security-standards-earned-him/id1124543784?i=1000444853777
• ROCCO Newsdesk: IoT Security (2018): https://www.copperhorse.co.uk/discussing-the-uk-governments-code-of-practice-for-iot-security-and-the-future/
• An Interview with the IoT Security Experts (2016):https://www.youtube.com/watch?v=2D4ZnM_YCuQ
• BCN2016 LatAm Summit: Asegurando el Internet de las cosas: retos y oportunidades (2016): http://www.telesemana.com/bcn2016/2016/03/09/asegurando-el-internet-de-las-cosas-retos-y-oportunidades/
• The Fonecast – Bring Your Own Device: A Faustian Pact? (2013): http://thefonecast.com/Podcasts/ArtMID/540/ArticleID/6804
• CBS News Australia, BTalk Radio Interview – Who’s Listening to Your Messages? (2011): http://www.cbsnews.com/news/whos-listening-to-your-phone-messages-btalk/
• BBC Radio 4, iPM interview – Bluetooth Hacking (2008)

Whitepapers and Research

Some selected and public papers and research:

• The Applicability of Automotive Standards  – (co-authored with James Tyrrell) (2023): https://copperhorse.co.uk/wp-content/uploads/2023/01/The-Applicability-of-Automotive-Cybersecurity-Standards-2023.pdf (pdf)
• The State of Vulnerability Disclosure Policy (VDP) Usage in Consumer IoT in 2022 (co-authored with Rohan Panesar and Mark Neve) (2023): https://copperhorse.co.uk/wp-content/uploads/2023/03/IoTSF-Release-The-State-of-Vulnerability-Disclosure-Usage-in-Global-Consumer-IoT-in-2022.pdf [Note: this is a series which has been running since 2018. Previous reports can be found at: https://www.iotsecurityfoundation.org/best-practice-guidelines/
• Effectively Addressing the Challenge of Securing Connected and Autonomous Vehicles: https://copperhorse.co.uk/wp-content/uploads/2021/10/Effectively-Addressing-the-Challenge-of-Securing-Connected-and-Autonomous-Vehicles-Secure-CAV-Copper-Horse.pdf (pdf) (2021)
• Securing IoT Solutions by Design: A Guide to Securing IoT Devices and Services at Scale (2019)

Conference Organisation

• Annual GSMA Device Security Group meeting, California  – Organiser and Chair (2013-2018)
• UKTI Annual Cyber Security in the Mobile World Seminar Series, Mobile World Congress – Organiser and host (2012-2016)
• W3C Hardware-backed Secure Services Workshop – Organiser and Co-Chair: https://github.com/w3c/websec/wiki/Hardware-Security

Judge

Industry awards judging:

• Global Mobile Awards ‘The Oscars of the Mobile Industry’ (2012-Present)

Judge in the most prestigious awards in the mobile industry in the “Best Mobile Security or Anti-Fraud Solution” and “Best Mobile Authentication & Security Solution” category, presented at Mobile World Congress. https://www.mwcbarcelona.com/mobile-awards

• Small Cell Industry Awards (2016-2017):

Lead Judge in the “Excellence in commercial deployment (residential)” and “Social Impact – Promoting Small Cells for Social/Economic/Environmental Development”: http://www.smallcellforum.org/events/awards/