The Paramedic's Guide to Surviving Cybersecurity

Presented at Black Hat USA 2020 Virtual, Aug. 6, 2020, 2:30 p.m. (40 minutes).

The security world is fraught with cases of mental health issues, burnout, substance abuse, and even suicide. We live in a world of threats and responses that trigger the deepest parts of our psyche; with the barriers between "online" and the physical world constantly crumbling. While some deal in theory, many of us deal with real incidents, challenges, and dangers every day and are constantly looking for techniques to respond better while staying saner.<br /> <br /> While we sometimes look to the experiences of the military to guide us, a closer analogy is that of emergency services in general, and Emergency Medical Services in particular. EMS is a relatively young profession, with the first Paramedic only hitting the streets in the 1970's. They deal with both real-time incidents and chronic systemic failures. They are constantly challenged by changing research and environments, and face multiple possible career paths. They also struggle with one of the highest burnout and suicide rates in the working world.<br /> <br /> Rich Mogull has 30 years of experience as an EMT and Paramedic and over 20 years in information security. He's worked in inner cities, on mountaintops, and in major national disasters. Over the decades of following parallel careers he's realized not only the high degree of similarities between the two very-technical fields, but how security seems to be following a similar maturity path as EMS. In this story and research-filled session he will pull the lessons he learned in decades of emergency response and show how to apply them to your security career and daily practice to improve your effectiveness and mental resiliency, and perhaps avoid your first clean kill.

Presenters:

  • Rich Mogull - Analyst/Securosis, CISO/DisruptOps, Securosis, L.L.C.
    Rich Mogull has twenty years experience in information security, physical security, and risk management. These days he specializes in cloud security and DevSecOps, having starting working hands-on in cloud nearly 10 years ago. He is also the principle course designer of the Cloud Security Alliance training class, primary author of the latest version of the CSA Security Guidance, and actively works on developing hands-on cloud security techniques. Prior to founding Securosis, Rich was a Research Vice President at Gartner on the security team. Prior to his seven years at Gartner, Rich worked as an independent consultant, web application developer, software development manager at the University of Colorado, and systems and network administrator. Rich is the Security Editor of TidBITS and a frequent contributor to industry publications. He is a frequent industry speaker at events including the RSA Security Conference, Black Hat, and DEF CON, and has spoken on every continent except Antarctica (where he's happy to speak for free -- assuming travel is covered).

Links:

Similar Presentations: