I’m grateful and honored to be invited to attend and present at a couple of particularly awesome hacker conferences next month, especially to soak up what others have learned so far this year. Here’s looking forward to learning from old pals and new ones, too.
GrrCON happens right here in the Midwest and is a closely coveted information security and hacking conference attended by a global audience. GrrCON provides the InfoSec community with a fun atmosphere to come together and engage with like-minded people. They keep GrrCON small, limited to 1,500 attendees, in order to provide an experience that is anything but typical for these kinds of events. Whether you are a Fortune 500 executive, security researcher, industry professional, student, or a hacker of “flexible” morals, you will find something incredibly worthwhile at GrrCON.
I’ll be presenting Life, Death, and the Nematodes: Long live Cyber Resilience
Synopsis: The promise (illusion) of 100% Cyber Security has worn thin. While we continue to support the concepts of defense and prevention, Cyber Resilience goes beyond those measures to elevate our team’s awareness and emphasizes strategic response and preparedness for when incidents occur. Because they will occur. Making sure we’re prepared when they do is what Cyber Resilience is all about. Doing it well means opening our hearts and minds and learning to understand our own species even better than before.
ISACA is a stately oak of the information security industry, responsible for, among other things, administering many industry-standard information security certifications. From Wikipedia:
ISACA originated in the US in 1967, when a group of individuals working on auditing controls in computer systems started to become increasingly critical of the operations of their organizations. They identified a need for a centralized source of information and guidance in the field. In 1969, Stuart Tyrnauer, an employee of the (then) Douglas Aircraft Company, incorporated the group as the EDP Auditors Association (EDPAA). Tyrnauer served as the body’s founding chairman for the first three years. In 1976 the association formed an education foundation to undertake large-scale research efforts to expand the knowledge of and value accorded to the fields of governance and control of information technology.
The association became the Information Systems Audit and Control Association in 1994 and in 2008 dropped its long title and branded itself as ISACA.
ISACA currently serves more than 110,000 constituents (members and professionals holding ISACA certifications) in more than 180 countries. The job titles of members are such as IS auditor, consultant, educator, IS security professional, regulator, chief information officer, chief information security officer and internal auditor. They work in nearly all industry categories. There is a network of ISACA chapters with more than 200 chapters established in over 80 countries. Chapters provide education, resource sharing, advocacy, networking and other benefits.
Here, I’ll be presenting InfoSec Needs Better UX: Blame TV Dinners
Synopsis: The messages we’ve been sent about privacy and security over the previous century haven’t been very friendly or accessible. In addition, they are in direct contrast to today’s requirements, definitions and expectations. How can we address this cultural challenge in order to forward the goals of Cyber Security and Resilience to prepare for an evolving threat landscape? We’ll take a brief but captivating and memorable stroll through the past 100 years or so to uncover some of the tracks we’ve made while illuminating a new path forward and how to elevate our entire culture’s understanding of and interest in protecting ourselves, our families, friends, colleagues, clients, and the bottom line.
As ever, it’s also a pleasure to take a short break to focus on listening to and learning from like-minded people bringing insights and genuine feedback about an ever-changing and challenging industry committed to making the Web safer for everyone for work, play, and everything in between. See you all there.