IOActive to Present at SANS Process Control and SCADA Security Summit

Founder and President, Josh Pennell, will participate in a panel discussing best practices for overcoming security vulnerabilities disocvered in the Smart Grid

Seattle, Wash—October 26, 2009. IOActive, a leading provider of software assurance, compliance, and smart grid security services, today announced that its founder and President, Josh Pennell, will participate in a panel at the SANS Process Control and SCADA Security Summit discussing Security Considerations in Smart Grid and Advanced Meters, and What is Being Done.

With the push for greener, more efficient energy distribution, the Smart Grid has quickly become a reality. IOActive is at the forefront of Smart Grid security efforts, using its extensive research to provide recommendations the industry can utilize to better secure the Smart Grid infrastructure. This panel will discuss the security vulnerabilities that have been uncovered in Smart Grid technologies, as well as what is being done to overcome these obstacles in order to enjoy the many benefits that the Smart Grid promises.

"Based on our research and the ability to easily introduce serious threats, IOActive believes that the relative security immaturity of the Smart Grid and AMI markets warrants the adoption of proven industry best practices—including the requirement that independent third parties assess the security of all Smart Grid technologies being proposed for deployment," said Pennell. "We are also recommending that the Smart Grid industry follow a proven, formal Security Development Lifecycle—as exemplified by Microsoft's Trustworthy Computing initiative of 2001—to guide and govern the future development of Smart Grid technologies."

WHAT  Security Considerations in Smart Grid and Advanced Meters, and What is Being Done

WHERE  Hilton Stockholm Slussen. Guldgrand 8, P.O. Box 15 270, SE-104 65 Stockholm, Sweden

WHEN  October 28, 2009. 10:30 am – 12:00 pm

HOW  For more information about the Sans Summit, visit their website.

About IOActive
Established in 1998, IOActive is an industry leader that offers comprehensive computer security services with specializations in smart grid technologies, software assurance, and compliance. Boasting a well-rounded and diverse clientele, IOActive works with a majority of Global 500 companies including power and utility, hardware, retail, financial, media, aerospace, high-tech, and software development organizations. As a home for highly skilled and experienced professionals, IOActive attracts the likes of Dan Kaminsky, Ilja van Sprundel, Mike Davis, Tiller Beauchamp, Ward Spangenberg, and Wes Brown—talented consultants who contribute to the growing body of security knowledge by speaking at such elite conferences as Black Hat, Ruxcon, Defcon, Shakacon, BlueHat, CanSec, and WhatTheHack. For more information, visit www.ioactive.com.

About Josh Pennell
As its founder and President, Josh Pennell identifies emerging markets in need of information security services, guiding IOActive to becoming a thought leader in the industry. Having successfully positioned IOActive as a leading boutique computer security firm in the United States, Pennell now focuses on increasing IOActive's presence in the EMEA market. His extensive computer security experience comprises more than 10 years as an impassioned security strategist and creator of strategic business initiatives. Pennell's business, technical, and sales efforts have driven IOActive to become a top contender in the boutique security consultancies, and one of only three firms in the world to perform the Microsoft Vista final code review.

Pennell played an integral role in the audit and security implementation of the United State's first binding, online election in 2000 and participated on the team that won DefCon's Capture the Flag event for three consecutive years, followed by another three years of pushing the game to its current cutting-edge state. He serves on the advisory boards for Source, Vantos, and SiteScout, and assists local non-profits with advancing their information security programs.

-###-