IoT hardware is fundamentally harder to secure than software - more interfaces, more complexity and a significantly larger attack surface for adversaries to exploit. What makes this especially challenging is the success-popularity mismatch unique to IoT: the company that built a device may have long since disappeared, but the device itself remains deployed, unpatched and in use for years or decades. Security must hold not just at launch, but for the entire operational lifespan of the product.

This session, led by Yossi Oren of Ben-Gurion University, will cover:

• Why IoT devices must remain secure for as long as they remain useful, and why that window is far longer than most manufacturers plan for;
• How modernizing a legacy IoT device adds functionality but compounds trust dependencies and attack surface simultaneously;
• How AI is changing the threat landscape for IoT - lowering barriers for attackers while offering new tools for defenders.