Friday 4 October 14:00 - 14:30, Green room
Ivan Kwiatkowski (Kaspersky)
Infosec is not like other jobs. We handle personal data, sensitive information, vulnerabilities that can affect thousands of computers. Our skills are sought after by the most powerful companies and governments. Yet we like to see ourselves as technologists; morally agnostic technicians who focus on solving virtual-world problems.
Reuters' recent article about UAE's Project Raven evoked strong reactions in many members of the community, myself included. It showed how infosec skills can be used to make the world a worse place - that, we already knew. But it also revealed the thought processes and motivations of the people involved. Looking back at the discussions our community has been having on social media in recent years, we can see that these justifications were already echoing:
I have witnessed several professionals defending the notion that technology and ethics have nothing to do with each other. I find this alarming as this vision might in fact be the reason why some of us, deprived of an established moral compass, end up getting lost. It doesn’t have to be this way: generations of thinkers such as Aristotle, Kant and Rawls have been studying the concepts of right and wrong for centuries. In this talk, I will present various schools of thought pertaining to the philosophy of justice, and explore how they could help us solve some of the dilemmas the infosec community is facing.
Ivan Kwiatkowski Ivan Kwiatkowski is an OSCP and OSCE-certified penetration tester and malware analyst working as a senior security researcher in the Global Research and Analysis Team (GReAT) at Kaspersky Lab. Ivan's day-to-day job occasionally involves incident response and delivering training. He maintains an open-source dissection tool for Windows executables and his research has been presented at several cybersecurity conferences in Europe. As a digital privacy activist, he also operates an exit node of the Tor network. |
Jamie Tomasello (Duo Security)
Kathleen Whitbey (Palo Alto Networks)
Heather King (Cyber Threat Alliance)
Jeannette Jarvis (Fortinet)