IOActive Appoints Industry Expert Barnaby Jack as Director of Embedded Device Security

Share Article

Jack to leverage 11 years of security research expertise to expand IOActive's offerings around embedded device security

Barnaby brings a rare blend of passion and skill to his work and that combination, teamed with IOActive’s already stellar team, will significantly strengthen both our research and our service offerings.

IOActive, the forerunner in research-driven global security and compliance services for software, hardware, and the cloud, today announced that Barnaby Jack will be returning to IOActive as the Director of Embedded Device Security. Over the course of his highly successful career, Jack has focused on a multitude of exploitable targets such as low-level Windows drivers, enterprise and consumer grade routers, onboard computers in cars and Automated Teller Machines. Jack is well-known for his earlier work with IOActive when he demonstrated risks to the security of ATMs, with his now-famous "Jackpotting ATMs" presentation at Blackhat 2010, where he demonstrated how he could remotely dispense money across multiple ATMs.

From consumer electronics to medical devices and critical infrastructure, the increased popularity of embedded systems is driving a whole new wave of threats that traditional security methods do not detect or protect against. In his new role, Jack will be spearheading the research and services division, with a strong focus on developing the tools and methodology to access these often overlooked devices. Following the recent acquisition of Flylogic and appointment of Chris Tarnovsky as Vice President of Semiconductor Security Services, this announcement further highlights IOActive’s commitment to driving a holistic approach to measuring and quantifying this threat.

“IOActive strives to be at the forefront of the industry in enabling the development of secure solutions across critical technologies. Barnaby’s commitment to affecting change and striving for secure solutions is perfectly aligned with our core values and we’re excited to have him on board to help drive this mission,” said Jennifer Steffens, IOActive’s Chief Executive Officer. “Barnaby brings a rare blend of passion and skill to his work and that combination, teamed with IOActive’s already stellar team, will significantly strengthen both our research and our service offerings.”
“I’ve been heavily involved with researching embedded devices for years and I’m thrilled to be rejoining IOActive to finally focus on affecting change in the industry. IOActive has an amazingly talented team and I truly believe that together we can accomplish great things”, said Jack. “I’m looking forward to contributing ground-breaking research, bringing new threats to light, and working with the IOActive team to develop unique solutions to secure against them.”

Jack also has been credited with the discovery of numerous vulnerabilities and has published multiple papers on new exploitation methods and techniques. His work has been featured in many major media outlets, including CNN, Forbes, MSNBC, Reuters and Wired. Often called upon for his opinions regarding the future of security research, Jack has been an invited speaker at international security conferences in both the government and private sectors, including Black Hat, CanSecWest, IT-Defense and SysCan.

Prior to joining IOActive, Jack was a research architect with McAfee’s TRACE research team. Jack's role within TRACE involved researching new and emerging threats with a specific focus on embedded technology.

About IOActive
Established in 1998, IOActive is an international industry leader that offers comprehensive computer security services with specializations in smart grid technologies, software assurance and compliance. Boasting a well-rounded and diverse clientele, IOActive works with a majority of Global 500 companies including power and utility, hardware, retail, financial, media, aerospace, high-tech, and software development organizations. As a home for highly skilled and experienced professionals, IOActive attracts talented consultants who contribute to the growing body of security knowledge by speaking at such elite conferences as Black Hat, Ruxcon, Defcon, BlueHat, CanSec, and WhatTheHack. For more information, visit

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Chris Tilton
Email >
Follow us on
Visit website