InfoSec Philosophies for the Corrupt Economy

Presented at Black Hat USA 2018, Aug. 8, 2018, 5:05 p.m. (25 minutes).

The majority of systematic approaches to information security are created by contributors from stable nation states, where the design assumes that the originator is wholesome and true, the playing field is lush and green and the children frolic care-free making daisy-chain bracelets. This talk discusses the realities of corruption, with real-life anecdotes from interviews conducted with real criminals and victims. This talk also explains the challenges and differences between trying to 'do' information security in developed and developing countries, where often corruption can derail security efforts and the people put in place to run the show are working against you. I also discuss typical challenges of working in difficult climates, how this can impact us (as security warriors), with first-hand accounts from those involved and some of the things we can do to combat corruption.

A basic understanding of threat modelling and a slightly dark sense of humour are advantageous in getting the most out of this talk.


Presenters:

  • Lawrence Munro - Worldwide VP, Trustwave SpiderLabs
    Lawrence Munro is the Worldwide VP of SpiderLabs, a Post-Graduate Student at Oxford University and Director for B-Sides London. He regularly presents at conferences on range of topics, but normally: red teaming, education in Infosec, and weird research side-projects. He writes often, with much of the content appearing in the industry press such as DarkReading, Huffington Post, Threat Post and InfoSec Magazine. He's also currently writing a book for O'Reilly about technical security assessments. Lawrence also owns Hackarmoury.com and blogs at Pentesticles.com.

Links:

Similar Presentations: