Thursday 3 October 14:30 - 15:00, Small talks
Andrea Limbago (Virtru)
Humans are security’s weakest links. Always assume breach. Privacy is dead. These are a few of the dominant paradigms that continue to permeate information security. In many ways, these are weak rationalizations for the perpetual and all too frequent stream of breaches. But these mindsets do more than that. They weaken defences by encouraging data lock-downs which are detrimental to the data sharing required for innovation and collaboration. Today’s dominant inclination to silo data to protect against threats is actually producing a data scarcity problem in threat intelligence, where analysts and researchers lack access to existing relevant data due to concerns over secure sharing and trust.
This has to change. By exploring threat intel’s data sharing challenges through a socio-technical lens, it is possible to make significant gains toward the secure sharing required to strengthen defences and create business value. We will discuss the growth of data deserts and how data scarcity in threat intelligence is limiting more robust situational awareness, research, and business gains. By looking at the role of incentives, trust, and usability, we can start to address these limitations and build secure sharing systems that integrate human behaviour as a core feature. With these systems in place, we can begin to craft new security and privacy paradigms focused on empowerment, innovation, and collaboration instead of fear, uncertainty, and doubt.
(This presentation forms part of the Threat Intelligence Practitioners’ Summit)
Andrea Limbago Dr. Andrea Little Limbago is a computational social scientist specializing in the intersection of technology, cybersecurity, and society. As the Chief Social Scientist at Virtru, she researches and publishes on the geopolitics of cybersecurity, global data protection and privacy trends, workforce development, and usable security. Andrea is also the Program Director for the Emerging Technologies Program at the National Security Institute at George Mason University. She previously was the Chief Social Scientist at Endgame. Prior to that, Andrea worked at the Department of Defense, where she was recognized for her analytic support and technical excellence. Andrea earned a Ph.D. in political science from the University of Colorado at Boulder. |
Juan Andres Guerrero-Saade (Chronicle)
Kathi Whitbey (Palo Alto Networks)
Jeannette Jarvis (Fortinet)
Dan Saunders (NTT)
John Fokker (McAfee)