For over a quarter century, computer security incident response and network defense have been performed by a self-selected cohort of clever and easily bored IT generalists who love solving puzzles and come from diverse backgrounds and levels of academic achievement. However, if our field is going to tackle the difficult problems that lie ahead, it needs to “professionalize:” adopt standards of education, training and conduct to ensure we can be trusted to do the right thing and that we can scale up our talent pool without dilution or pollution. This talk will cover the pros and cons of professionalization, some steps we need to take as a community, and discuss work that has already begun on establishing a code of ethics through the FIRST Ethics Special Interest Group (Ethics-SIG).

Details

time: 11:30
speakers:

Other sessions:

How to solve DDoS attacks


Detect & Respond to IoT Botnets as an ISP


Operating Large-scale Honeypot Sensor Networks For Fun and (non) Profit


Multi-party Vulnerability Disclosure: How we got here and where we are going (panel discussion)


Deterrence in cyberspace: challenge or illusion?


Context is King - Using Enriched Threat Intelligence to Help People and Machines Protect Us