Reverse Engineering the Wetware: Understanding Human Behavior to Improve Information Security

Presented at BSidesSF 2016, Feb. 28, 2016, 1 p.m. (55 minutes).

The human mind evolved to draw quick conclusions for survival. Behavioral economists, like Daniel Kahneman and Dan Ariely, are publishing research on when, why and how decision making can be consistently and predictably irrational. You could say these researchers are reverse engineering the wetware, finding bugs and race conditions and disclosing them.People are key to an organization's information security, even if you believe in the "people, processes and technology" tripod. People define and execute processes. People decide funding for, implement, operate and/or monitor the technology. Your adversaries are people. At least until we reach the AI singularity, that is.Until then, the aim of this talk is to present some of the counter-intuitive findings of behavioral economics research and their implications for how information security is handled at the organizational and market levels. Our hope is that the audience will find they could benefit from changing established, seemingly sensible and logical actions we all do to better match how the wetware actually works.


Presenters:

  • Alexandre Sieira - CTO - Niddel
    Alex Sieira is the CTO of Niddel and a principal at MLSec Project. He has over 12 years dedicated to information security consulting, managed security services and R&D teams. He is an MBA, CISSP, CISA, besides some other product-specific acronyms. Experienced InfoSec in a range of verticals and corporate cultures.
  • Matthew Hathaway - Senior Manager - Rapid7
    Matt Hathaway serially obsesses over problems ranging from poor design to ineffective communication with a compulsion to solve them. He ventured to Northern Ireland to open Rapid7's now largest development office and currently owns the expansion of the company's cloud platform after 8 years in fraud and InfoSec challenges.

Links:

Similar Presentations: