The last few years have seen dramatic changes in the information security community. No longer the esoteric domain of a small cadre of professionals, infosec concerns are front and center in boardrooms and media outlets around the world. The incidents at Target, Home Depot, Staples, and Sony are regular demonstrations that breaches are the new normal even as our community argues about whether APT-style attacks are really “advanced". There's public outcry over government surveillance in the wake of the Snowden leaks, yet many in our industry give up their personal privacy to Facebook and Google every day with little more than a shoulder shrug. And the average consumer has little chance of defending themselves against modern threats, even with the massive security advances that have occurred in the last 20 years.
This panel will examine personal privacy, contemporary threats, the users role in security, and other issues neatly written on Shmooballs and thrown at panelists. The panel is constructed of individuals who have been involved in information security for decades and may have developed a jaded, pessimistic, “get off my lawn” view of the current situation. This won't be a forum for complaining, however; the panel will seek to add clarity to these complex issues and provide attendees with ideas and guidance on how to deal with the current security landscape.
Bruce Potter (moderator) is jack of many trades and master of none… well, maybe public speaking, but that's about it. Bruce has been doing security related things for nearly 20 years, which makes him feel old. Bruce is the founder of The Shmoo Group, helps out with ShmooCon, and has more Shmoo-branded shwag in his basement than he'll publicly admit. He is the co-founder and CTO of Ponte Technologies, a research and engineering company based in Ellicott City Maryland. At PonteTec, Bruce and his team focus on software security research, secure systems development, and assisting organizations in responding to targeted attack activity. In his spare time he thinks about bike riding and learning a foreign language. Bruce secretly longs to be Bill Murray in Groundhog's Day.
Ben Laurie is delighted everyone suddenly cares about security. He works for Google trying to fix the interwebs, which is probably what he'd be doing whatever. He wants you to all get that users matter.
Dr. Rick Forno directs the University of Maryland Baltimore County's Graduate Cybersecurity Program, serves as the Assistant Director of UMBC's Center for Cybersecurity, and is a Junior Affiliate Scholar at the Stanford Law School's Center for Internet and Society (CIS). His twenty-year career spans the government, military, and private sector, including helping build a formal cybersecurity program for the US House of Representatives, serving as the first Chief Security Officer for the InterNIC, and co-founding the Maryland Cyber Challenge. Rick was also one of the early researchers on the subject of "information warfare" and he remains a longtime commentator on the influence of Internet technology upon society.
Carole Fennelly is a free-lance Information Security Management consultant in the Greater NYC area. Carole has over 30 years of hands-on experience in the Information Security and Technology fields and has authored several CIS benchmarks based on her extensive experience in Unix-based systems. As a consultant, Carole has defined the security strategy and developed the policies and procedures to implement the strategy at numerous Fortune 100 clients in the NYC area. Carole's strong technical writing skills provide the ability to analyze technology initiatives and their implications for business requirements.
Space Rogue is widely sought after by journalists and industry analysts for his unique views and perceptions of the information security industry. He has been called to testify before the Senate Committee on Governmental Affairs and has been quoted in numerous magazine and newspaper articles. A recognized name within the security industry, Space Rogue and his colleagues created the first security research think tank known as L0pht Heavy Industries and was a co-founder of the Internet security consultancy @Stake. While at L0pht Heavy Industries Space Rogue created the widely popular Hacker News Network, which quickly became a major resource on the Internet for daily information security news. Space Rogue has spoken before numerous audiences including Black Hat, DEF CON, ShmooCon, SecTor, HOPE, numerous B-Sides, and others.