What were they thinking?: Interpreting The Honey Stick Project Results from 2007 to 2014… and Beyond presented at Bsidesottawa 2015

by Scott Wright,

Summary : What will you do (or what have you done) when you find an unattended information asset? The answer to this question is what Scott ponders when conducting his ongoing Honey Stick Projects. Whether it’s a dropped USB drive or a forgotten smartphone, the original owners often wish they’d done more to protect their sensitive information. And those of us who have yet to find such an asset like to imagine we’d do the honourable thing. But how often does this really happen?
In this presentation, Scott will explore the fascinating history of the Honey Stick Project; an ongoing initiative that strives to ask and answer these kinds of questions. The objective is to understanding how we can help employees make better risk decisions with the sensitive information they handle. The session will also ask related questions about the emerging human vulnerabilities and the coming Internet of Things, and how others might get involved in future phases of the project.