Presented at
Diana Initiative 2019,
Aug. 9, 2019, 1 p.m.
(30 minutes).
FUD (Fear, Uncertainty & Doubt) runs rampant in information security on a daily basis. Sensationalized claims leveraging stolen data or a simple misconfiguration are manipulated to make a headline. The science becomes so obscure that the true findings falls through the cracks. How do we get out of this vicious cycle? The secret weapon to fight FUD is provided from two points of view: the researcher and their target. As a researcher, how can you ensure your findings are taken seriously and not tagged as FUD? As a company or area under the eye of the research community, what can you do to not make the situation worse and become better respected.
Presenters:
-
Olivia Stella
- Senior Cybersecurity Analyst
Olivia Stella is a senior cybersecurity analyst for a US airline. In her current role, she focuses on aviation security and vulnerability management including pen testing. She has over ten years of experience in software development and information security. Previously, she worked at an in-flight entertainment company in product security supporting incident response, risk & compliance, and as the bug bounty lead. She holds a bachelor's degree in computer science, masters in software engineering, CISSP & CISM. When she’s not wearing her security hat, she loves to curl and is an avid toastmaster. (That’s right, ice curling.)
Links:
Similar Presentations: