Last week we listed the top 10 mobile security blogs that have made an impact on our security best practices and, I'm sure, on yours as well. Over the last few years, we have seen an alarming increase in security breaches that have changed the way we look at cyber security. The total number of data records compromised in the high-profile breaches of 2015 amounted to more than 175 million records.
I'm an avid security enthusiast who has been constantly keeping tabs on the latest things happening in the security space. This week I want to share my list of the top 17 mobile security experts who have made, and are still making, a significant impact on the cyber security ecosystem.
After working with Disney, TiVo and Salesforce, Adam is currently the Chief Information Security Officer of Walmart. His company was Bluebox Security, which was acquired by LookOut.com. Adam advises startups and Fortune 500 companies and has been a contributing author to numerous publications. He holds CISSP, CISA, and NSA IAM certifications.
"Data flow through mobile applications is greater than any systems in the organization" @adamely
A company should not kick out a tech guy if he finds exploits in their platform. But Apple did! Apple fired Charlie because he found vulnerabilities in the App Store. Charlie is one of the hottest celebs when it comes to mobile security. He is ex-Apple, ex-Twitter, ex-NSA and currently working with Uber. Recently, he and his fellow cybersecurity researcher Collin Mulliner claimed that every iPhone in the world can be hijacked by sending one simple message. He wrote a book with Dino Dai Zovi, "The Mac Hacker's Handbook", and I recommend reading it if you want your Mac OS to be better secured. Regardless of what people think, Charlie tops my list of mobile security experts.
"People make money by building new things, and the faster they can do it, the better" @0xcharlie
Christopher talks a lot about government surveillance and mobile phone surveillance. In his TED talk, he emphasizes the work ethic of Silicon Valley, which has a strong encryption policy so that people cannot surveil them. It is true what he says: if terrorists' smartphones can be intercepted, ours can be too!
Soghoian first gained public attention in 2006 as the creator of a website that generated fake boarding passes for Northwest Airlines. At DEF CON, he highlighted the existence of a dedicated FBI team that delivers malware to the mobile devices of surveillance targets. If the Internet is tennis, Soghoian is called the "Ralph Nader of the Internet" among all the mobile security experts.
"Use #tools not because they are cheap and easy, use them because they are #secure" @csoghoian
Dino Dai Zovi
Dino describes himself as a security researcher, professional, presenter, and author who has focused on discovering and communicating security vulnerabilities for over 15 years. He has many awards to his name; you can look at all his awards here and one of his amazing presentations here. Dino used to appear as a co-host on The Mobile Security Show held by AT&T.
"If you cut out cardboard & write #ATM on it, people won't deposit #money" @dinodaizovi
The only guy on the list who loves the Quora genre. Dejan is highly active on Quora and answers all questions within his expertise. Dejan has more than nine years of experience in consulting, and eight years of experience working in executive-level positions in the financial sector.
His book 9 Steps to Cybersecurity targets top-level executives in enterprises in very simple, down-to-earth business language. This helps non-technical CXOs understand why security is important for them. He has dedicated the last few years mostly to bringing various financial institutions, government agencies, and IT companies into conformity with the requirements for operational risk management, especially in the fields of information security and business continuity. He is the author of the leading ISO 27001 & ISO 22301 Blog.
"Many IT professionals focus on IT benefits instead of focusing on business benefits" @Dejan_Kosutic
Joshua J. Drake
Joshua J. Drake talks a lot about reversing through static and dynamic testing. He is the lead author of the Android Hacker's Handbook. Joshua's expertise lies in the analysis, discovery, and exploitation of security vulnerabilities. He has over 10 years of experience auditing and exploiting a wide range of application and operating system software, with a focus on Android since early 2012. Joshua is very good at what he does and definitely tops any list of mobile security experts.
"Over 950 million #smartphones and tablets are currently vulnerable to #Stagefright attacks" @jduck
David would be the perfect person to get in touch with if you are specifically looking for a mobile phone industry specialist. He is the founder of copperhorse.co.uk, which provides consultancy for mobile security, and is highly active on his blog, blog.mobilephonesecurity.org. David was the facilitator of "Mobile Apps - The Danger of Making Security an Afterthought", where he laid emphasis on mobile app security with the panelists.
You can find everything about Jon on his personal website, https://jon.oberheide.org. He is the co-founder and CTO of Duo Security and partners with Dug Song. Jon has deep expertise in mobile security, cloud security, and malware analysis. In 2011, Jon Oberheide was named one of Forbes 30 under 30 in Technology.
Caleb is the VP of IBM Security. Apart from being a heavyweight among mobile security experts, Barlow has led multiple software product portfolios, including application data and critical infrastructure security. Caleb has appeared in media worldwide and has dozens of other publications.
"#Smartphones are ideal target as they contain #Personal, #Private and #Enterprise data" @calebbarlow
Jennifer now runs the company she once grew up with. She is co-author of one of the best-selling books, "Low Tech Hacking: Street Smarts for Security Professionals". The book is about the hacks and heists that are under the radar and are not determined by top federals but cannot be overlooked. With timely and short advice from this book, you can protect yourself from all the cyber threats.
"I see #security as an evolutionary process, something #iterative, #imperfect and #polymorphous" @jjx
Featured as an expert guest on the Oprah show, Paul was asked about phone call ethics, and he replied that his rule of thumb is not to dial anything while driving, not to set a funky ringtone, and not to subject defenseless others to cell phone conversations. Paul describes himself as #Dad #Blogger and #Runner. He has appeared in many publications and he runs his own website, where he enlightens users about information security and IoT. He is close to SecurityOfThings.com and is the moderator of the 2016 version of it.
"The rapid advance of #MobileTech makes enterprises insecure with the applications" @paulfroberts
Collin's open source tools were used by some hacking team to make products that spy on activists. People were under the misconception that Collin had helped the team build the tool, which is not true. This instance was also mentioned in WikiLeaks, where 400GB was leaked. Collin Mulliner worked with Charlie Miller and found out that all the iPhones in the world are vulnerable. Without any doubt, Collin falls in the League Of Extraordinary Mobile Security Experts. He is currently a security researcher at Square.
It is rare to find a celebrity who writes on his Twitter handle "Tweets are my own not my employers". Mr. Strazzere writes about Android ethical hacking on his website, and users take a keen interest in it. The best way to get in touch with this person is to keep commenting on his blog posts and keep tweeting him.
"#BadDevelopers use #GoodTools to inhibit #PeopleLikeUs" @timstrazz
Cesar is a world-renowned, record-holding security researcher and specialist in application security. Cesar is credited with discovering and helping to eliminate dozens of vulnerabilities in leading applications, including Oracle database server, Yahoo! Messenger, and Twitter. He has published numerous white papers, which you can view from his LinkedIn profile.
"I am increasingly concerned about the current #security posture of the world’s infrastructure" @cesarcer
@pof is a mobile security engineer with expertise in reverse engineering, R&D and hacking, and a co-author of the Android Hacker's Handbook. He has been actively researching security aspects of the Android operating system since its debut with the T-Mobile G1 in October 2008. He used to work with NowSecure and is now a senior security consultant at IOActive.
Thomas has a proven track record of performing cutting-edge security research and developing it into tools, techniques, knowledge and services for customers. Previously, he used to challenge other hackers out there to hack his Bank Vault. He knows about mobile security too and is active on his blog: https://thomascannon.net/blog
Nicholas J. Percoco
Nicholas is ex-IBM, and during his tenure at IBM he was the senior security consultant. His expertise? He advises customers on how to mitigate and respond to threats using data-driven analysis. He is the leading Chief Information Security Officer at Uptake.
"People usually forget the benefit of the #smartphones - like knowing your location!" @c7five