cyber security – Copper Horse

November 7, 2023

Connected but at risk: IoT manufacturers continue to fail despite imminent regulation

Today marks the publication of the IoT Security Foundation’s sixth annual report into the adoption of vulnerability disclosure by manufacturers in the consumer IoT space. We’re grateful for HackerOne’s continued support for Copper Horse to create this important work. They have respected our need to...

IoT Security

January 31, 2023

Who pays? Examining the costs of automotive cybersecurity and related standards

During its two-year participation in Secure-CAV (a project focusing on advanced cybersecurity for connected and autonomous vehicles) Copper Horse had the opportunity to examine the automotive cybersecurity standards landscape. One of the subsequent outputs based on this work was a living list – published to...

Automotive Security

January 24, 2023

With Legislation Mandating Vulnerability Disclosure for Consumer IoT, the Industry Still Falls Short

We’re pleased to announce that the IoT Security Foundation has released the latest annual report examining the state of vulnerability disclosure in the consumer internet of things (IoT) space. The report was created by Copper Horse with the support of HackerOne. You can find out...

IoT Security

December 9, 2022

Reviewing the App Store Ecosystem

The UK’s Department for Digital, Media, Culture & Sport (DCMS) commissioned Copper Horse to research the current situation in the app store ecosystem, reviewing app stores for various devices. We’re pleased to be able to publish the resulting information as open data for anyone to...

Uncategorized

December 9, 2022

Mapping App Security Standards

Here at Copper Horse we’ve been working on some really interesting projects in conjunction with the UK’s DCMS (Department for Digital, Culture, Media & Sport). We were commissioned to look into the current state of app security standards and recommendations with a view to explore...

Uncategorized

March 3, 2022

History lessons 5: The game of defence and attack

Security is sometimes described as an art form – whether you’re breaking security or making something secure, you have to be creative. It is a continuous game or duel of wits that has played out throughout history from the physical enclaves of castles through to the hardware of connected devices.

History and security

November 4, 2021

Many consumer IoT companies failing to adopt fundamental security measures despite the threat of legislation and regulation

Latest report finds that providers of consumer IoT are less likely to have a readily detectable vulnerability disclosure policy in place than firms operating in the business-to-business space. Published today (4 November 2021), the latest IoT Security Foundation (IoTSF) report examining the adoption of vulnerability disclosure in IoT – commissioned by the IoTSF and prepared by Copper Horse – finds little improvement on...

IoT Security

October 13, 2021

History lessons 3: Confusing the guards and what it means for future hardware chip design

Previously, I talked about how expensive defences can be subverted by a determined and clever adversary. This time I continue the theme of access, but consider the problem of confusion.

History and security

October 4, 2021

History lessons 2: Who has access?

History shows that in the Conwy castle case, the garrison were complacent – even though the Welsh had started to rebel the year before. The ‘trusted’ carpenter should have been let in on his own without anyone else and there should have been additional guards within the main castle such that the attackers were confined to the barbican itself, to be dealt with.

History and security

March 3, 2020

Automotive threat modelling: off-the-shelf solutions

The availability of commercial tools primed with domain-specific knowledge illustrates how threat modelling has begun to focus on the needs of Tier 1 suppliers and OEMs. James Tyrrell shines a light on the use of off-the-shelf solutions and identifies opportunities for collaboration across the automotive threat modelling community.

Automotive Security

Tag: cyber security

Connected but at risk: IoT manufacturers continue to fail despite imminent regulation

Who pays? Examining the costs of automotive cybersecurity and related standards

With Legislation Mandating Vulnerability Disclosure for Consumer IoT, the Industry Still Falls Short

Reviewing the App Store Ecosystem

Mapping App Security Standards

History lessons 5: The game of defence and attack

Many consumer IoT companies failing to adopt fundamental security measures despite the threat of legislation and regulation

History lessons 3: Confusing the guards and what it means for future hardware chip design

History lessons 2: Who has access?

Automotive threat modelling: off-the-shelf solutions