Stepping Up Our Game: Re-focusing the Security Community on Defense and Making Security Work for Everyone

Presented at Black Hat USA 2017, July 26, 2017, 9 a.m. (60 minutes)

Since the first Black Hat conference 20 years ago, the security community, industry and the world have changed to the point that it’s time to re-examine whether we’re living up to our responsibilities and potential.

Long gone are the days when “hacking” conjured up a sense of mischief and light-heartedness, with limited risks and harm. The harsh reality of the now is that the security community hasn't kept pace with the importance of technology in our society, even as the stakes have grown higher than ever. Our adversaries are no longer motivated only by money, personal data or competitive intelligence, but are now driven to use the critical technologies of our lives to arrest journalists and activists, to suppress democracy and manipulate public opinion. In these times, our community has a responsibility to the people of the world that goes beyond traditional facets of information security.

This talk will explore how we can adapt to better confront the obstacles we face as security practitioners. Can we incentivize and celebrate defensive security research in the same way that we applaud the discovery of vulnerabilities? How do we foster intelligent discussion of real-world trade-offs while avoiding sensationalism? We will discuss real situations from the last year where our community could have risen to the occasion, we will analyze what failed, and propose how we can further help protect people.

Presenters:

• Alex Stamos - Chief Security Officer, Facebook
  Alex Stamos is the Chief Security Officer at Facebook, where he leads a team of people around the world focused on ensuring the safety of the billions of people who use Facebook and its family of services. He is also committed to bringing more openness and collaboration to the security community, and to building solutions that keep people safe in the circumstances they face every day. Alex is a noted expert in global scale infrastructure, designing trustworthy systems, and mobile security. He is a frequently requested speaker at conferences and industry events, including Black Hat, RSA, DEF CON, Milken Global, Amazon ZonCon, Microsoft Blue Hat, FS-ISAC, and Infragard. Before Facebook, Alex served as the CISO of Yahoo, where he led the security team to develop innovative security technology and products. He was also the co-founder of security consultancy iSEC Partners, a company that helped hundreds of companies build secure and safe systems. Alex holds a bachelor's degree in Electrical Engineering and Computer Science from the University of California, Berkeley.

Links:

• https://www.blackhat.com/us-17/briefings/schedule/#stepping-up-our-game-re-focusing-the-security-community-on-defense-and-making-security-work-for-everyone-8227

Similar Presentations:

• 30C3 (2013) / Sysadmins of the world, unite!: a call to resistance
• AppSec USA 2017 / KeyNote - Runa A. Sandvik: Building a Culture of Security at The New York Times
• DeepSec 2016 „Ten“ / Malicious Hypervisor Threat - Phase Two: How to Catch the Hypervisor