The Cavalry Is Us Protecting The Public Good
The Cavalry is us: Protecting the public good • Nicholas J. Percoco (@c7five) • Joshua Corman (@joshcorman)
Nicholas J. Percoco • Director, Information Protection • KPMG LLP • Advanced Threat Defense, Security Research • THOTCON founder, Ran SpiderLabs
Joshua Corman • Director, Security Intelligence • Akamai • Father, Husband, Citizen • Adversaries, DevOps, Internet of Things • Rugged Software, “Building a Better Anonymous”
Agenda • Why are we here? • Where have we been? • Where are we going? • How can you get involved?
Chapter 1 Why are we Here?
Important Things • Body • Mind • Soul
Human Life Vs. Digital Life http://blog.cognitivedissidents.com/2011/10/24/a-replaceability-continuum/
Converging upon… • Focusing on security that affects personal lives • Getting outside the echo chamber • Teaming w/ stakeholders in the public • Technically literate ambassadors of our trade • Making the issues accessible • Getting results!
Chapter 2 Where have we been?
TIMELINE • 8/13: BSidesLV, DEF CON 21 • 9/13: DerbyCon, Congress • 10/13: LASCON • 11/13: TEDx, AppSecUSA • 12/13: BlueHat • 1/14: ShmooCon?
Journey(S) • Hobby->Profession->Lives (2) • Personal Rock Bottom->Find Others (<10) • Building the Guild->Shared Concerns/Identity (100) • Discovery->Missions/Goals/Plans (300) • Execution->Teaming with Concerned Citizens (1000s)
Derbycon 2013: First Meeting • Sept 28 + 29 • 100+ hackers • Enough flipcharts • …and deodorant • Thanks, Dave Kennedy!
Derbycon 2013: Facilitators/SMEs • Andrea Matwyshyn (Legal)* • Adam Brand (Structure) • Beau Woods (Approach) • Chort0 (Guild) • Craig Smith (Auto) • Emily Pience • Jay Radcliffe (Medical) • Josh Corman • Katie Moussouris (k8em0) • Space Rogue (Media) * Guest Speaker
Derbycon 2013: Agenda • What conditions exist that we don’t like? • What are the causes of the conditions? • What should be done to eliminate the causes?
Derbycon 2013: AREAS • Medical • Auto • Law • Media
Derbycon 2013: Outcomes • Knowledge sharing about what is going on • Tons of new ideas on how to solve problems • More agreement than differences
Links to Videos/PODCASTS • BSIDES LV 2013 - http://bit.ly/16YbpC1 • DEF CON 21 - • DERBYCON 2013 - http://bit.ly/1fYUCVI • LASCON 2013 - • LOOPCAST Ep 88 - http://bit.ly/1a41cpk • SOUTHERN FRIED SECURITY Ep 115 - http://bit.ly/1amYdbC • PAULDOTCOM Ep 352 - http://bit.ly/1fzaqgP • TEDx Sharks/Security/IoT - http://bit.ly/1bBB6JR
Chapter 3 Where are we going?
Organize, For Action • American Bar Association • American Medical Association • What do we have to be?
Could We, SHOULD WE • Do good through targeted research • Get the right message out (media teaming) • Change or prevent bad cyber security laws • Education and Awareness
This Will Never Work • We are techies • Not safety people, not PR people, not lawyers • Screw them • We told them, but they wouldn’t listen • The problems are too large • The war was lost a long time ago
finding common ground? • WHAT? • WHEN? • HOW? • Chances of Success/Failure
Still to Work on • Identity • Mission – What we exist to do (started at Derby) • Values – What we believe • Nature – What form we will take/what our core work is • Vision • What we want to achieve and by when • What we intend to look like in X years • Plan • What we need to do and by when
Chapter 4 How do you get involved?
UPCOMING EVENTS • December: Microsoft BlueHat • January: ShmooCon / OWASP AppSec CA • March: RSA Conference 2014 (?) • April: THOTCON 0x5 / SOURCE Boston (?) • Also, many BSides globally • August: Adjacent to Black Hat / DEF CON
We Need You • Experience with medical device, auto industries • Media wrangling expertise • Lobbying/Policy experience • Organizational/Visual skills • … or just passion to help
How to Get involved - OWASP • Breakers • Builders • Citizens • Parents/Guardians • Community Leaders/Bloggers/Podcasters/etc
Ideas, comments, Help • @iamthecavalry • Google Group: • http://bit.ly/thecavalry
Never doubt that a small group of thoughtful, committed citizens can change the world; it’s the only thing that ever has. - Margaret Mead (an American cultural anthropologist)
Fin Security of Consequence