Where bits & bytes meet flesh & blood: Devops, Cybersafety, and the Internet of Things

Presented at AppSec USA 2016, Oct. 14, 2016, 11:25 a.m. (45 minutes)

We've heard software is eating the world; software is infecting the world. Our dependence on connected technology is growing faster than our ability to secure it - in areas affecting public safety and human life. Adding millions of lines of code and connecting everything to everything else exposes cyber physical systems to new accidents and adversaries. This is truly where bits & bytes meet flesh & blood. While many in security fear DevOps and see it as the end of security as we know it... maybe that's a good thing. Our best is not good enough. Despite best practices, modern SW and Security have allowed 100 of the F100 to lose IP and sensitive information - even our governments routinely succumb to adversaries. These failure rates cannot stand with the consequences of failure being measured - not in record count - but in human lives and GDP. Paradoxically, it may take DevOps to rise to these challenges. Rugged DevOps is finding un-obvious common ground and break throughs like SW supply chain principles, greater visibility and response agility, immutable infrastructure, and the like. We must be better. This is what better looks like.

Presenters:

  • Joshua Corman - Founder - I am The Cavalry
    Joshua Corman is a Founder of I am The Cavalry (dot org) and Director of the Cyber Statecraft Initiative for the Atlantic Council. Corman previously served as CTO for Sonatype, Director of Security Intelligence for Akamai, and in senior research & strategy roles for The 451 Group and IBM Internet Security Systems. He co-founded @RuggedSoftware and @IamTheCavalry to encourage new security approaches in response to the world's increasing dependence on digital infrastructure. Josh's unique approach to security in the context of human factors, adversary motivations and social impact has helped position him as one of the most trusted names in security. He also serves as adjunct faculty for Carnegie Mellon's Heinz College and on the 2016 HHS Cybersecurity Task Force.

Links: