Cyber Safety And Public Policy

Presented at BSidesLV 2016, Aug. 2, 2016, 2 p.m. (60 minutes)

Security research has had some clear wins in the past year, but if you weren't paying attention you may not have noticed. Amanda and Jen will walk through these and what they mean, from the DMCA exemptions, to fixing proposed legislation, to work killing bad bills. Policymakers have started recognizing a need to work with hackers, and vice-versa. It's not going to get better until we understand the landscape and what's worked. 

There will be guest speakers filling in details of their progress, and what's next.

Presenters:

• Suzanne Schwartz, MD - Associate Director for Science and Strategic Partnerships, Emergency Preparedness/Operations & Medical Countermeasures (EMCM) Director (Acting) - FDA's Center for Devices and Radiological Health (CDRH)   as Suzanne Schwartz
  Suzanne B. Schwartz, MD, MBA is the Associate Director for Science and Strategic Partnerships in the Center for Devices and Radiological Health (CDRH) at the FDA. She also continues to serve as the Director (Acting) of CDRH's Emergency Preparedness/Operations and Medical Countermeasures program. Suzanne represents CDRH/FDA across inter-Agency initiatives for the Public Health Emergency Medical Countermeasures Enterprise (PHEMCE) for chemical, biological, radiological and nuclear threats (CBRN), natural disasters and emerging infectious diseases.As CDRH's Emergency Operations Coordinator, Suzanne is responsible for preparedness and incident response to all public health concerns involving or impacting medical devices, including cybersecurity of medical devices and their networked systems. Her programmatic efforts have evolved beyond response to include increasing awareness, educating, outreach, partnering and coalition-building within the Healthcare and Public Health Sector (HPH). Suzanne chairs the CDRH Cybersecurity Working Group which is tasked with formulating policy on medical device cybersecurity on behalf of the Agency. She also serves as co-chair of the Government Coordinating Council (GCC) for the HPH Critical Infrastructure Sector, focusing on the sector's healthcare cybersecurity initiatives.Suzanne earned an MD from Albert Einstein College of Medicine of Yeshiva University in New York in 1988, trained in General Surgery and Burn Trauma at the New York Presbyterian Hospital - Weill Cornell Medical Center; an executive MBA from NYU Stern School of Business in 2012, and completed Cohort X of the National Preparedness Leadership Initiative - Harvard School of Public Health & Harvard Kennedy School of Government executive education in June 2013.
• Amanda Craig - Senior Cybersecurity Strategist - Microsoft
  Amanda Craig is a Senior Cybersecurity Strategist in Trustworthy Computing's Global Security Strategy and Diplomacy (GSSD) team at Microsoft. As part of GSSD, she focuses on policy issues related to cloud security, cyber risk management, and coordinated vulnerability disclosure, working to address complex global change and to advance trust in the computing ecosystem. She is the co-author of two Microsoft publications, Transforming Government: Cloud policy framework for innovation, security, and resilience and Transforming Government: A cloud assurance program guide. She is also a co-chair of the Awareness and Adoption working group within the U.S. Department of Commerce's National Telecommunications and Information Administration (NTIA) multistakeholder process on vulnerability disclosure. Talk to her about your favorite hiking trail, living in Egypt, future technology predictions, and coordination that achieves change.
• Allan Friedman - Director of Cybersecurity - US Department of Commerce
  Dr. Allan Friedman is the Director of Cybersecurity Initiatives at National Telecommunications and Information Administration in the US Department of Commerce, where he runs multistakeholder processes on issues including IoT and vulnerability disclosure. Prior to joining the Federal government, Friedman was a noted infosec and technology policy researcher at a range of institutions, including Harvard University, the Brookings Institution, and George Washington University. Wearing the hats of both a technologist and a policy scholar, his work spans computer science, public policy and the social sciences, and has addressed a wide range of policy issues, from cryptography to telecommunications. Friedman has over a 15 years of experience in security research, with a particular focus on economic, market, and trade issues. He is the coauthor of Cybersecurity and Cyberwar: What Everyone Needs to Know (Oxford University Press, 2014). Friedman has a Computer Science degree from Swarthmore College, a PhD in Public Policy from Harvard University, and has made his peace with the word "cybersecurity."
• Jen Ellis - VP of community and public affairs - Rapid7
  Jen Ellis is Rapid7's Vice President of Community and Public Affairs. She believes security practitioners are the guardians of Society's trust in technology, and works extensively with security professionals, technology providers/operators, and various Government entities to promote better collaboration. She believes this is our best path to reducing cybercrime and protecting consumers and businesses. To this end, Jen also provides free skills training to security professionals so they can get greater buy-in and achieve more positive security outcomes. She has testified before Congress and spoken at numerous security industry events.

Links:

• https://bsideslv2016.sched.com/event/7ggu/cyber-safety-and-public-policy

Similar Presentations:

• DEF CON 30 (2022) / Panel - DEF CON Policy Dept - What is it, and what are we trying to do for hackers in the policy world?
• BSidesLV 2016 / State Of Automotive Cyber Safety