Computing has changed since the 50s except for security; nowhere is this more apparent than in the IoT. This is because our current security paradigm is outdated, especially the 'static' security, which assumes the threat landscape is static and could be predetermined. The session speaker will describe the old security paradigm (static security) and the new one: dynamic and data-driven security.