Published by Miriam Amerson. Modified over 9 years ago.
1
The Cavalry Is Us Protecting The Public Good
2
THE CAVALRY IS US PROTECTING THE PUBLIC GOOD Nicholas J. Percoco (@c7five), Joshua Corman (@joshcorman)
3
NICHOLAS J. PERCOCO Director, Information Protection KPMG LLP Advanced Threat Defense, Security Research THOTCON founder, Ran SpiderLabs
4
JOSHUA CORMAN Director, Security Intelligence Akamai Father, Husband, Citizen Adversaries, DevOps, Internet of Things Rugged Software, “Building a Better Anonymous”
5
AGENDA Why are we here? Where have we been? Where are we going? How can you get involved?
6
WHY ARE WE HERE? Chapter 1
7
THE BEAUTY OF ROCK BOTTOM
8
NICK’S DREAMS
9
JOSH’S SHARKS
11
CC : From: http://www.flickr.com/photos/maiabee/2760312781/
12
WE GAVE A TALK
13
IMPORTANT THINGS Body Mind Soul
14
HUMAN LIFE VS. DIGITAL LIFE http://blog.cognitivedissidents.com/2011/10/24/a-replaceability-continuum/
15
Countermeasures Situational Awareness Operational Excellence Defensible Infrastructure
16
REPLACEABILITY: Life, Rights, Crit Infr, IP, PII, CCN. Countermeasures, Situational Awareness, Operational Excellence, Defensible Infrastructure
17
WHICH BROWSER IS MOST SECURE?
18
WHICH MOBILE IS MOST SECURE?
19
WHICH CAR IS MOST SECURE?
20
WHICH INSULIN PUMP IS MOST SECURE?
21
WHICH THING IS MOST SECURE?
22
SOMEONE WILL COME TO THE RESCUE BEFORE IT’S TOO LATE
23
THE CAVALRY ISN’T COMING
24
IT’S UP TO US
25
CONVERGING UPON… Focusing on security that affects personal lives; Getting outside the echo chamber; Teaming w/ stakeholders in the public; Technically literate ambassadors of our trade; Making the issues accessible; Getting results!
26
WHERE HAVE WE BEEN? Chapter 2
27
TIMELINE 8/13 BSidesLV DEF CON 21 9/13 DerbyCon Congress 10/13 LASCON 11/13 TEDx AppSecUSA 12/13 BlueHat 1/14 ShmooCon?
29
JOURNEY(S) Hobby->Profession->Lives (2); Personal Rock Bottom->Find Others (<10); Building the Guild->Shared Concerns/Identity (100); Discovery->Missions/Goals/Plans (300); Execution->Teaming with Concerned Citizens (1000s)
30
DERBYCON 2013: FIRST MEETING Sept 28 + 29 100+ hackers Enough flipcharts …and deodorant Thanks, Dave Kennedy!
31
DERBYCON 2013: FACILITATORS/SMES Andrea Matwyshyn (Legal)* Adam Brand (Structure) Beau Woods (Approach) Chort0 (Guild) Craig Smith (Auto) Emily Pience Jay Radcliffe (Medical) Josh Corman Katie Moussouris (k8em0) Space Rogue (Media) * Guest Speaker
32
DERBYCON 2013: AGENDA What conditions exist that we don’t like? What are the causes of the conditions? What should be done to eliminate the causes?
33
DERBYCON 2013: AREAS Medical Auto Law Media
34
DERBYCON 2013: OUTCOMES Knowledge sharing about what is going on Tons of new ideas on how to solve problems More agreement than differences
35
LINKS TO VIDEOS/PODCASTS BSIDES LV 2013 - http://bit.ly/16YbpC1; DEF CON 21 - ; DERBYCON 2013 - http://bit.ly/1fYUCVI; LASCON 2013 - ; LOOPCAST Ep 88 - http://bit.ly/1a41cpk; SOUTHERN FRIED SECURITY Ep 115 - http://bit.ly/1amYdbC; PAULDOTCOM Ep 352 - http://bit.ly/1fzaqgP; TEDx Sharks/Security/IoT - http://bit.ly/1bBB6JR
36
WHERE ARE WE GOING? Chapter 3
37
ORGANIZE, FOR ACTION American Bar Association American Medical Association What do we have to be?
38
COULD WE, SHOULD WE Do good through targeted research Get the right message out (media teaming) Change or prevent bad cyber security laws Education and Awareness
39
THIS WILL NEVER WORK We are techies Not safety people, not PR people, not lawyers Screw them We told them, but they wouldn’t listen The problems are too large The war was lost a long time ago
40
FINDING COMMON GROUND? WHAT? WHEN? HOW? Chances of Success/Failure
41
STILL TO WORK ON 1. Identity: Mission – What we exist to do (started at Derby); Values – What we believe; Nature – What form we will take/what our core work is. 2. Vision: What we want to achieve and by when; What we intend to look like in X years. 3. Plan: What we need to do and by when
42
HOW DO YOU GET INVOLVED? Chapter 4
43
UPCOMING EVENTS December: Microsoft BlueHat January: ShmooCon / OWASP AppSec CA March: RSA Conference 2014 (?) April: THOTCON 0x5 / SOURCE Boston (?) Also, many BSides globally August: Adjacent to Black Hat / DEF CON
44
WE NEED YOU Experience with medical device, auto industries Media wrangling expertise Lobbying/Policy experience Organizational/Visual skills … or just passion to help
45
HOW TO GET INVOLVED - OWASP Breakers Builders Citizens Parents/Guardians Community Leaders/Bloggers/Podcasters/etc
46
IDEAS, COMMENTS, HELP @iamthecavalry Google Group: http://bit.ly/thecavalry
47
NEVER DOUBT THAT A SMALL GROUP OF THOUGHTFUL, COMMITTED CITIZENS CAN CHANGE THE WORLD; IT’S THE ONLY THING THAT EVER HAS. - MARGARET MEAD (AN AMERICAN CULTURAL ANTHROPOLOGIST)
48
SECURITY OF CONSEQUENCE Fin