PANEL: Privacy or Security: Can We Have Both?

Presented at AppSec USA 2013, Nov. 20, 2013, 1 p.m. (50 minutes)

Often confused with each other, security and privacy are both interdependent (privacy generally requires robust security) and sometimes at odds with each other (security may require sacrificing privacy). While the public's online privacy has taken a big hit in the past decade, it is at least defended by an army of public-interest groups and legal experts. Meanwhile, to many, the public's online security often remains shrouded in technical jargon and barely present in public policy discussions.This panel will explore issues such as these: -When do security measures go "over the line" and begin encroaching on individual privacy? -What privacy rights is the public (or should it be) willing to trade for more security?- Online anonymity gets a lot of lip service. Has it outlived its usefulness? Political dissidents aside, is it now doing more harm than good by shielding criminals while hardly protecting the average user?- Major private and public institutions often fall down on the job of ensuring either cybersecurity or cyberprivacy. What combination of self-regulation, government oversight, and market accountability (in the form of cyber insurance, auditing, and litigation) would most effectively push them to better meet their responsibility to the public and shareholders? Moderator: Jeff Fox, Technology Editor, Consumer Reports and ConsumerReports.org

Presenters:

• Steven Rambam - Founder and CEO - Pallorium, Inc
  Steven Rambam is the founder and CEO of Pallorium, Inc. (http://www.pallorium.com), a licensed Investigative Agency with offices and affiliates worldwide. Since 1981, Pallorium's investigators have successfully closed more than 10,500 cases, ranging from homicide and death claim investigations to missing persons cases to the investigation of various types of sophisticated financial and insurance frauds. Pallorium's online subsidiary, PallTech (www.palltech.us), offers access to numerous data sources, and to seven (7) major proprietary databases, and provides online investigative support services to investigative and law enforcement agencies. DataVerification.Net, a custom web portal owned and operated by PallTech, provides specialized identity verification and underwriting solutions to the insurance industry. Steven has coordinated investigations in more than fifty (50) countries, and in nearly every U.S. State and Canadian province. Steven specializes in international and multi-jurisdictional investigations, investigations of sophisticated frauds and missing person investigations. Many of Mr. Rambam's investigations involve coordination with national authorities, and Steven has received commendations and awards in a number of foreign locations. Steven has also received a number of foreign military decorations, and his activities have been mentioned in the Canadian and Israeli Parliaments. Steven Rambam is perhaps best publicly known for his pro bono activities, which have included the location and investigation of nearly 200 Nazi collaborators and war criminals in the USA, Canada, Europe and Australia. Steven has also coordinated efforts to expose terrorist groups' fundraising activities in the United States and has conducted investigations which resulted in the tightening of airport security in 8 U.S. cities. Steven is a court-recognized expert witness on matters including "investigative techniques", "foreign investigation", "international fugitive recovery", "sophisticated financial frauds", among other topics. Steven holds the "CFE" board certification from the Association of Certified Fraud Examiner, the "CPP", "PSP" and "PCI" board certifications from ASIS International and the "CFCS certification from the Association of Certified Financial Crime Specialists. Steven is a member of IIN, WAD, WIN, NAIS (Life Member), ION, AIIP, NCISS, BOMP (Founding Member), COIN, IJI, IOA, TALI, ACFE, ASIS, Intellnet, IWWA, ALDONYS, SPI (Board Member) and other investigative associations.  Steven is a founding member of the Fraternal Order of Investigators.
• Joseph Concannon
  Joseph R. Concannon brings his leadership, program management skills and endless energy to the helm of Integris Security LLC., a boutique security startup firm. Mr. Concannon, with his experience, brings to Integris Security information and physical security, disaster recovery/business continuity planning and intelligence services along with his leadership capabilities. Prior to Integris Security, Mr Concannon led the FBI public/private initiative called InfraGard in NYC for 12 years. His vision and endless energy pushed the NYC alliance into the national spotlight which enabled the FBI to expand its national membership and provide a road map for other alliances around the nation to establish similar programs. As a result the NYC InfraGard grew beyond normal size in comparison to the entire national program. At the helm of NYM InfraGard, Mr. Concannon provided five distinct educational programs. These are monthly security summits, IGtv, trusted partner conference calls, on-Demand Video and the InfraGard Learning Series. The NYC Alliance alone provided education and professional development to over 5,000 security professionals hailing from over a dozen different industry verticals. InfraGard was the bridge between the public and private sectors where "Trust" was and continues to be the number one true value. Mr Concannon has been awarded by InfraGard's National Board the Linda Franklin Leadership Award and the NYC Alliance Outstanding outreach. Prior to InfraGard Mr Concannon held a position with a U.S. Government Agency contractor as a background security clearance investigator. Mr Concannon was responsible for investigating individuals applying for government clearances while maintaining two agency credentials. Mr Concannon has previously been a professor at the State University at Farmingdale, NY. Mr. Concannon taught several technology courses covering topics from malware to information security management. While at Farmingdale University Mr. Concannon was published in the Journal of Information Security. Over Mr Concannon's 25 year law enforcement career with the NYPD his roles have ranged from planning city-wide emergency management protocols and operations to directing and coordinating the early computer operations, LAN management in New York City and government oversight. Mr Concannon is the recipient of over 17 NYPD awards and commendations has vast experience in both external and internal investigations. Mr Concannon's was appointed by then Mayor Rudolph Giuliani to the position of Deputy Director in the Mayor's Office of operations. Wherein Mr Concannon was the chief analyst for public safety issues, conducting oversight of seven public safety operations and working with the Office of Management and Budget. During his tenure in the Mayor's office Mr Concannon prepared the public safety section of the Mayor's Management Report and chiefly was responsible for creating and providing analysis for Emergency Management Operations, was the chair of the LEPC and Mayor's Office Emergency Response protocol. Mr. Concannon holds a Master's degree in Public Administration and a Bachelor of Arts in Government and Public Administration from the John Jay College of Criminal Justice in New York. Mr. Concannon is a native of NYC, has audited dozens of security courses, interviewed hundreds of subject matter experts and looks forward to many successful engagements with Integris Security.
• Amy Neustein - Author; Editor-in-Chief - International Journal of Speech Technology
  Amy Neustein, Ph.D., is Editor-in-Chief of the International Journal of Speech Technology (Springer), a member of De Gruyter's STM Editorial Advisory Board, and Editor of their new series, Speech Technologyand Text Mining in Medicine and Healthcare. Dr. Neustein is also Series Editor of Springer Briefs in Speech Technology. She has published over 40 scholarly articles, is a frequent invited speaker at natural language and speech technology conferences, and has given grand round lectures and seminars at over20 leading medical institutions. She is editor of the volume, Advances in Speech Recognition: Mobile Environments, Call Centers and Clinics. Dr. Neustein is co-editor of numerous books including Forensic Speaker Recognition; Where Humans Meet Machines; and Mobile Speech and Advanced Natural Language Solutions. She has been a member of the visiting faculty at the National Judicial College since 1985, and a member of MIR (Machine-Intelligence Research) Labs since 2010. She is the recipient of several distinguished awards: pro Humanitate Literary Award; Information Technology: New Generations(Medical Informatics) Award; and the Los Angeles County Supervisor Humanitarian Award. Dr. Neustein is CTO and Founder of Linguistic Technology Systems, located in Fort Lee, New Jersey.She can be reached at amy.neustein@verizon.net
• Jack Radigan - Owner - Centrych Systems LLC
  Jack is a Navy veteran who's IT career has taken him from independant and corporate software development, to multi-national messaging infrastructure design and deployment, to information security. He's worked as a contributor and manager for companies in archival data, business information, telecommunications, and financial industries. While at Dun & Bradstreet one of his roles was Director, Data Security. He was a key contributor to their privacy policies and data handling standards for financial data with NPPI elements. He also led the development of their PCI compliance standards and procedures, and their security audit controls for Sarbanes-Oxley reporting. He is now the owner of Centrych Systems LLC, a custom IT services company using open source solutions. The company's lead project, Centrych Desktop OS, is a business-class productivity solution with several security additions and tested procedures that can help users to protect their online identity and stored information.
• James Elste - CEO & Co-Founder - Cognitive Extension, Inc.
  James is CEO and Founder of Cognitive Extension, Inc., leading the development of inqiri.com and the Decision Optimization Engine technology platform.  He has extensive experience developing and managing enterprise cyber-security programs, in both the public and private sectors having served as the Chief Information Security Officer for the State of Nevada, Director of IS Security and Internal Controlsfor International Game Technology (IGT), and most recently, as Symantec's Director of Security Strategy & Programs. James is the current Chairman of the Privacy Coordination Standing Committee of the National Strategy for Trusted Identities in Cyberspace (NSTIC) Identity Ecosystem Steering Group(IDESG). He is an active participant in NSTIC and the IDESG and continues to support cyber-security, privacy, and user-centric identity programs throughout the USA and internationally.  James holdsa Bachelor of Science in Business Administration from the University of Texas at Dallas and Master of Science in Information Assurance from Norwich University. He is a Certified Information Systems Security Professional (CISSP), a Certified Information Security Manager (CISM) and is Certified in the Governance of Enterprise Information Technology (CGEIT).
• Jim Manico

Links:

• https://appsecusa2013.sched.com/event/13j8kt1/panel-privacy-or-security-can-we-have-both

Similar Presentations:

• DEF CON 27 (2019) / Information Security in the Public Interest
• HOPE Number Nine (2012) / Privacy - A Postmortem
• Black Hat USA 2019 / Information Security in the Public Interest