Presented at
AppSec USA 2014,
Sept. 18, 2014, 8 a.m.
(60 minutes).
Network attacks are inevitable. Protection and detection can only take you so far, and response -- incident response -- is finally getting the attention it deserves. I look at the economic and psychological drivers the computer security industry, and describe how the future of incident response in this context. Unlike other aspects of security technology, IR needs to augment people rather than replace them. This requires a systems theory approach to IR, and I borrow one from the US Air Force: OODA loops. Understanding how IR works will be critical to maintaining network security in the coming decade.
Presenters:
-
Bruce Schneier
- CIO - Co3 Systems, Inc.
Bruce Schneier is an internationally renowned security technologist, called a "security guru" by The Economist. He is the author of 12 books - including Liars and Outliers: Enabling the Trust Society Needs to Thrive - as well as hundreds of articles, essays, and academic papers. His influential newsletter "Crypto-Gram" and his blog "Schneier on Security" are read by over 250,000 people. He has testified before Congress, is a frequent guest on television and radio, has served on several government committees, and is regularly quoted in the press. Schneier is a fellow at the Berkman Center for Internet and Society at Harvard Law School, a program fellow at the New America Foundation's Open Technology Institute, a board member of the Electronic Frontier Foundation, an Advisory Board Member of the Electronic Privacy Information Center, and the Chief Technology Officer at Co3 Systems, Inc.
Links:
Similar Presentations: