STEPPING UP OUR GAME: RE-FOCUSING THE SECURITY COMMUNITY ON DEFENSE AND MAKING SECURITY WORK FOR EVERYONE presented at blackhat 2017

by Alex Stamos,

Summary : Since the first Black Hat conference 20 years ago, the security community, industry and the world have changed to the point that it's time to re-examine whether we're living up to our responsibilities and potential.
Long gone are the days when "hacking" conjured up a sense of mischief and light-heartedness, with limited risks and harm. The harsh reality of the now is that the security community hasn't kept pace with the importance of technology in our society, even as the stakes have grown higher than ever. Our adversaries are no longer motivated only by money, personal data or competitive intelligence, but are now driven to use the critical technologies of our lives to arrest journalists and activists, to suppress democracy and manipulate public opinion. In these times, our community has a responsibility to the people of the world that goes beyond traditional facets of information security.
This talk will explore how we can adapt to better confront the obstacles we face as security practitioners. Can we incentivize and celebrate defensive security research in the same way that we applaud the discovery of vulnerabilities? How do we foster intelligent discussion of real-world trade-offs while avoiding sensationalism? We will discuss real situations from the last year where our community could have risen to the occasion, we will analyze what failed, and propose how we can further help protect people.