Firmware Security: An overlooked threat
By the end of 2018, more than 23 billion devices were connected to the internet. The majority of these devices are vulnerable to exploitation. They can be hacked in just minutes and cause enormous issues. Becoming part of a botnet to perform a mass DDoS attack, being used as a malicious proxy server, exposing personal data passed through them to the hackers and more importantly providing an easy way for hackers to get access to the private networks are just a few cases that already happened to the hacked devices. For example, the $1 million heist on Russian bank started with hack of a branch router.
Insecure firmware as the whole software stack of a device is the main reason for such attacks. Having very old and vulnerable code-bases, containing a huge amount of outdated vulnerable 3rd-parties, and default or hard-coded credentials are of three main issues a lot of firmwares have in common. On the vendor side, it takes considerable amount of time and budget to find those issues in their firmwares and on the enterprise user side the practice of authentic device risk assessment is nearly impossible since those firmwares which are deployed nearly everywhere are completely black boxes to them. That’s why, according to the 2016 ISACA Firmware Security Report, only 8% of enterprises are fully prepared for vulnerabilities related to the firmware or according to the 2018 SANS industrial IoT security survey, firmware is the most vulnerable aspect of the IIoT infrastructure.
As a solution to these security threats, Firmalyzer enterprise developed the first automated firmware security analysis platform for connected devices. We help different stakeholders perform the security compliance checks as well as risk assessment on the IoT connected devices. The platform provides corporate users and service providers with fine-grained and accurate results about the risks arise from the devices with zero impact on their networks or their customer's premises. The only asset stakeholders need to have is the binary firmware of the device they want to analyze and give it as an input to the platform which automatically analyzes the firmware and reports the security risks. After performing asset discovery and prioritization, they can acquire the firmware for the relevant device assets and give them as inputs to the platform which automatically analyzes them and reports their actual risks. The results can be reported to the desired risk management platform and the mitigations or remediations can be applied based upon in different levels.
Regarding the European CyberAct and future regulations especially for IoT devices and the lack of a suitable standard for IoT device security, we work closely with device vendors to perform a comprehensive IoT security compliance check based on the leading practices and provide them with the current state-of-the-art solutions to be able to deliver the most possible secure devices to the market.
We are seeking a freelance professional business development manager located in Antwerp or Brussels who is responsible for:
- Individually prospect new customers to build and maintain a robust sales pipeline
- Develop expert knowledge of our IoT security solutions to be able to confidently meet with senior-level executives and deliver presentations
- Collaborate with the leadership team defining the Business Development Strategy, global plan and partner map
- Research and understand the market including competitor analysis
- Manage the complete sales cycle from lead research, pitching and closing sales opportunities
Skills and experience:
- Minimum of 5 years of work experience in Business Development function
- Experience achieving sales targets in a commercial or software sales role
- Good experience in both inside and outside sales or sales development
- Experience/knowledge of cybersecurity industry
- Experience/knowledge of embedded/IoT/connected devices supply chain ( vendors, system integrators and corporate users) is a plus
- Ability to meet timelines, multi-task and prioritize business needs
- Must be able to manage multiple stakeholders
- Excellent verbal and written, interpersonal and presentation skills
- Good Negotiating skills and customer orientation
- A quick learner, passionate about problem-solving and constantly improving the commercial knowledge
- Strong work ethic, positive and proactive attitude is a must
- Business level fluency in English, additional language skills are a plus
Are you interested in being involved in an innovative business providing enterprise-level cybersecurity solutions?
Send your Resume
Job posted on 13/9/2019
Location: Antwerp or Brussels