The Cavalry Is Us: Protecting The Public Good
Nicholas J. Percoco, Joshua Corman
Slide1
The Cavalry Is Us
Protecting The Public Good
Slide2
The Cavalry Is Us
Protecting the Public Good
Nicholas J. Percoco, Joshua Corman
@c7five @joshcorman
Slide3
Nicholas J. Percoco
Director, Information Protection, KPMG LLP
Advanced Threat Defense, Security Research
THOTCON founder, Ran SpiderLabs
Slide4
Joshua Corman
Director, Security Intelligence, Akamai
Father, Husband, Citizen
Adversaries, DevOps, Internet of Things
Rugged Software, “Building a Better Anonymous”
Slide5
Agenda
Why are we here?
Where have we been?
Where are we going?
How can you get involved?
Slide6
Why Are We Here?
Chapter 1
Slide7
The Beauty of Rock Bottom
Slide8
Nick’s Dreams
Slide9
Josh’s Sharks
Slide10
Slide11
CC: From: http://www.flickr.com/photos/maiabee/2760312781/
Slide12
We Gave a Talk
Slide13
Important Things
Body
Mind
Soul
Slide14
Human Life vs. Digital Life
http://blog.cognitivedissidents.com/2011/10/24/a-replaceability-continuum/
Slide15
Slide16
Life
Rights
CritInfr
IP
PII
CCN
REPLACEABILITY
Slide17
Which Browser Is Most Secure?
Slide18
Which Mobile Is Most Secure?
Slide19
Which Car Is Most Secure?
Slide20
Which Insulin Pump Is Most Secure?
Slide21
Which Thing Is Most Secure?
Slide22
Someone Will Come to the Rescue Before It’s Too Late
Slide23
The Cavalry Isn’t Coming
Slide24
It’s Up To Us
Slide25
Converging upon…
Focusing on security that affects personal lives
Getting outside the echo chamber
Teaming w/ stakeholders in the public
Technically literate ambassadors of our trade
Making the issues accessible
Getting results!
Slide26
Where Have We Been?
Chapter 2
Slide27
TIMELINE
8/13: BSidesLV, DEF CON 21
9/13: DerbyCon, Congress
10/13: LASCON
11/13: TEDx, AppSecUSA
12/13: BlueHat
1/14: ShmooCon
?
Slide28
Slide29
Journey(s)
Hobby -> Profession -> Lives (2)
Personal Rock Bottom -> Find Others (<10)
Building the Guild -> Shared Concerns/Identity (100)
Discovery -> Missions/Goals/Plans (300)
Execution -> Teaming with Concerned Citizens (1000s)
Slide30
Derbycon 2013: First Meeting
Sept 28 + 29
100+ hackers
Enough flipcharts…and deodorant
Thanks, Dave Kennedy!
Slide31
Derbycon 2013: Facilitators/SMEs
Andrea Matwyshyn (Legal)*
Adam Brand (Structure)
Beau Woods (Approach)
Chort0 (Guild)
Craig Smith (Auto)
Emily Pience
Jay Radcliffe (Medical)
Josh Corman
Katie Moussouris (k8em0)
Space Rogue (Media)
* Guest Speaker
Slide32
Derbycon 2013: Agenda
What conditions exist that we don’t like?
What are the causes of the conditions?
What should be done to eliminate the causes?
Slide33
Derbycon 2013: Areas
Medical
Auto
Law
Media
Slide34
Derbycon 2013: Outcomes
Knowledge sharing about what is going on
Tons of new ideas on how to solve problems
More agreement than differences
Slide35
Links to Videos/Podcasts
BSIDES LV 2013 - http://bit.ly/16YbpC1
DEF CON 21 -
DERBYCON 2013 - http://bit.ly/1fYUCVI
LASCON 2013 -
LOOPCAST Ep 88 - http://bit.ly/1a41cpk
SOUTHERN FRIED SECURITY Ep 115 - http://bit.ly/1amYdbC
PAULDOTCOM Ep 352 - http://bit.ly/1fzaqgP
TEDx Sharks/Security/IoT - http://bit.ly/1bBB6JR
Slide36
Where Are We Going?
Chapter 3
Slide37
Organize, For Action
American Bar Association
American Medical Association
What do we have to be?
Slide38
Could We, Should We
Do good through targeted research
Get the right message out (media teaming)
Change or prevent bad cyber security laws
Education and Awareness
Slide39
This Will Never Work
We are techies
Not safety people, not PR people, not lawyers
Screw them
We told them, but they wouldn’t listen
The problems are too large
The war was lost a long time ago
Slide40
Finding Common Ground?
WHAT?
WHEN?
HOW?
Chances of Success/Failure
Slide41
Still to Work on
Identity
Mission – What we exist to do (started at Derby)
Values – What we believe
Nature – What form we will take/what our core work is
Vision
What we want to achieve and by when
What we intend to look like in X years
Plan
What we need to do and by when
Slide42
How Do You Get Involved?
Chapter 4
Slide43
UPCOMING EVENTS
December: Microsoft BlueHat
January: ShmooCon / OWASP AppSec CA
March: RSA Conference 2014 (?)
April: THOTCON 0x5 / SOURCE Boston (?)
Also, many BSides globally
August: Adjacent to Black Hat / DEF CON
Slide44
We Need You
Experience with medical device, auto industries
Media wrangling expertise
Lobbying/Policy experience
Organizational/Visual skills
… or just passion to help
Slide45
How to Get Involved - OWASP
Breakers
Builders
Citizens
Parents/Guardians
Community Leaders/Bloggers/Podcasters/etc
Slide46
Ideas, Comments, Help
@iamthecavalry
Google Group: http://bit.ly/thecavalry
Slide47
Never doubt that a small group of thoughtful, committed citizens can change the world; it’s the only thing that ever has.
- Margaret Mead (an American cultural anthropologist)
Slide48
Security of Consequence
Fin