Tosibox CTO Pekka Sillanpää

Pekka Sillanpää is the Chief Technology Officer at Tosibox Oy. He has been working in the field of cyber security since 2005 as a Cyber Security Consultant in both technical penetration testing assignments and risk management consultation, after being a software developer for some years. Pekka is also one of the leaders of the OWASP Helsinki chapter.


Pekka Sillanpää’s interest has been in web application and IoT security, but also the business risk based situational awareness perspective has played a major role in his career during the past years. Pekka has talked about these topics for many years in various events. Here is a summary of his latest presentation:


Security must be transparent and built-in

We are surrounded by computers that control things that make our life possible on this planet. All these things are connected to us through the internet, forming the Internet of Everything (IoE). To ensure reliable communication – and for authorized people only – security must be on an appropriate level. These devices and networks are often too vulnerable for malicious parties to gain control.

This presentation explains how to use these things securely and ensure they are by default protected against the typical threats in the field. Their use should be made transparent enough for anyone to verify, and simple enough to use preventing security weaknesses in configuration. The presentation touches related topics on a general level; security architecture, secure connectivity, bug bounty programs, trusted platform modules, multi-factor authentication and secure programming practices – all relevant for organizations dealing with IoT. All topics come with practical examples in the industry.