Keynote: Building secure sharing systems that treat humans as features not bugs

Thursday 3 October 14:30 - 15:00, Small talks

Andrea Limbago (Virtru)



Humans are security’s weakest links. Always assume breach. Privacy is dead. These are a few of the dominant paradigms that continue to permeate information security. In many ways, these are weak rationalizations for the perpetual and all too frequent stream of breaches. But these mindsets do more than that. They weaken defences by encouraging data lock-downs which are detrimental to the data sharing required for innovation and collaboration. Today’s dominant inclination to silo data to protect against threats is actually producing a data scarcity problem in threat intelligence, where analysts and researchers lack access to existing relevant data due to concerns over secure sharing and trust.

This has to change. By exploring threat intel’s data sharing challenges through a socio-technical lens, it is possible to make significant gains toward the secure sharing required to strengthen defences and create business value. We will discuss the growth of data deserts and how data scarcity in threat intelligence is limiting more robust situational awareness, research, and business gains. By looking at the role of incentives, trust, and usability, we can start to address these limitations and build secure sharing systems that integrate human behaviour as a core feature. With these systems in place, we can begin to craft new security and privacy paradigms focused on empowerment, innovation, and collaboration instead of fear, uncertainty, and doubt.

(This presentation forms part of the Threat Intelligence Practitioners’ Summit)

 

 

Andrea-Limbago-web.jpg Andrea Limbago

Dr. Andrea Little Limbago is a computational social scientist specializing in the intersection of technology, cybersecurity, and society. As the Chief Social Scientist at Virtru, she researches and publishes on the geopolitics of cybersecurity, global data protection and privacy trends, workforce development, and usable security. Andrea is also the Program Director for the Emerging Technologies Program at the National Security Institute at George Mason University. She previously was the Chief Social Scientist at Endgame. Prior to that, Andrea worked at the Department of Defense, where she was recognized for her analytic support and technical excellence. Andrea earned a Ph.D. in political science from the University of Colorado at Boulder.  


   Download slides    Watch video

Back to VB2019 Programme page

Other VB2019 papers

We need to talk - opening a discussion about ethics in infosec

Ivan Kwiatkowski (Kaspersky)

King of the hill: nation-state counterintelligence for victim deconfliction

Juan Andres Guerrero-Saade (Chronicle)

Panel: Bursting the myths about threat intelligence sharing

Kathi Whitbey (Palo Alto Networks)
Jeannette Jarvis (Fortinet)
Dan Saunders (NTT)
John Fokker (McAfee)

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.