The picture above is of a coffee cup we gave out as swag at our very first security summit back in 2003. We've been holding internal security summits about twice a year since then. It's an opportunity to bring together different teams working on security, provide updates, disseminate knowledge, share stories, recruit new people to the cause, and generally network. These events have been, and continue to be, extremely useful for fostering a security culture, raising visibility for key initiatives, and building and maintaining momentum. With time, though, we recognized an inherent limitation in keeping these events internal. We are a part of a large and complex ecosystem and real progress will require participation of all the players.
So last year, for the first time, we opened up our security summit to the broader mobile security community. We invited security teams from our OEM customers and mobile operators to join together along with well-known security researchers in the field to present and discuss important security issues in the mobile ecosystem, such as mobile OS security, hardware and software security, attack intelligence, incident response, and device patching. The hallway track and the roundtable discussions were particularly illuminating and I believe everyone went away more informed and better equipped to make a positive impact.
This unique event gathered security professionals from more than 50 organizations, representing major network operators, device manufacturers, mobile platform providers, academia, and the applied security research community. For product security engineers it was an opportunity to see some of the most relevant mobile security research in one venue and to meet the leading researchers in the space. For security researchers it was a chance to meet engineers on the other side of vendors’ security@ email addresses and to get direct access to people in a position to act on their findings.
We were overwhelmed by the participation and all the positive feedback we received during and after the Qualcomm Mobile Security Summit 2014. We are thrilled to do it again in 2015 and we hope that you can join us April 30th and May 1st, at Qualcomm’s Irwin Jacobs Hall in San Diego, for another great event! The topics of the presentations and breakout sessions include:
- The mobile threat landscape
- Mobile platform security and countermeasures
- Vulnerability detection
- Targeted attacks and mitigations
- Exploit reverse engineering and incident response
- Secure development lifecycle for mobile devices
- Secure configuration by default
- Patching and device updates
- User privacy
If you have new research results or interesting stories from the trenches in one of those areas, we invite you to share them with the community. To submit a presentation proposal for the summit, please send an abstract to firstname.lastname@example.org by February 13th. Acceptance notifications will be sent by February 27th.
PS. And this time there will be post-summit paintball!