Among all the fun security conferences I’ve been to lately, this one is promising to be extra-special. After two failed attempts (one), I’d be doing (finally!) a keynote at Hack in The Box (HITB) Amsterdam 2010. So, if you are in the vicinity of Amsterdam on June 30 – July 2, 2010, come over and attend it. My keynote will be titled “Security Chasm”
Full abstract follows:
Have you often wondered why people are updating their security policies, closing compliance gap and defining ISMS while attackers are owning their systems – at the same time? Why consultants advise management on ‘risk ass-essment” while new bots are being deployed on what was formerly known as ‘your network’? Why some say that “DLP is all the rage” while record data losses and resulting fraud occur daily? Why application architects now have to assume that a client PCs is ‘owned’ when its user goes to a bank website and the design solutions to work securely around that?
Reality today often presents a grim vision of “two securities”: one concerned with ‘elevating the infosec conversation’ while the other is concerned with cleaning up the mess on our networks and systems. In one, people pretend to ‘assess risk’ while in the other incident response is the only way to go…. This very concept, that I call “security chasm,” will be the subject of my keynote presentation, along with such questions as “why we wear seatbelts because of the monetary fine, but not because of risk to our lives?” and “What will make us secure – if anything?” (and what does it actually mean!) Finally, I will explore the future of what we now call security industry and make a few long term predictions of where we will end up in a few years….
See ya all there!
Possibly related posts: