Registration & Breakfast
Grab your badge, a very important coffee, and find the best seat for Ranting
After a leisurely journey and a good breakfast, we hope you're ready to RANT. Sit back and let Chris explain what RANT is all about and why we do what we do. Most importantly, remember this is your chance to get involved and join the big Infosec debate, this is not a lecture, please don't hold back with your thoughts, opinions, experiences, ideas and general heckles. RANT, held under the Chatham House Rule, is a platform for our entire Information Security community to have a voice, so grab a microphone and get involved!
It’s almost 2017, and the future is upon us. In his opening keynote Ben Hammersley will discuss the threat landscape for the coming new decade, the attack vectors everyone is getting for Christmas, why Millennials think you’re tedious (and why they might be right), and the effects of the AI explosion. He’ll skip over organised crime, gambol with non-state actors, frollick with the agencies, and get down and dirty with your traitorous employees. The attacks are coming from inside the house! Also: robot dinosaur nannies, emotionally aware wristwatches, and information leakage from your dog. There might be song at the end.
A series of three 15 minute RANTs on some of the hottest Cyber Crime topics we have faced this year. Understand what interesting criminal activity these three Ranters have investigated, researched, probed and inspected recently. We think its going to be an eye opener, but can they really explain all in just 15 minutes. No pressure...
The security of Microsoft products has been the target of jokes in IT and infosec for years, whether Justified or not. While Microsoft is the Publisher of modern products that do have significant security properties, how fast are old devices and software going the way of Clippy? Is your Source actually Safe? We'll take a look at the data that Duo Security has about the state of Exchanging new versions of software for old, Plus! we'll have enough puns to Sway your opinion toward "everything is not entirely awful".
Traditional application security approaches cannot keep up with the fast pace and sheer volume of attacks aimed at apps today. Look ahead to IoT and the threat landscape for applications gets even worse. Traditional solutions are like trying to dig a hole while someone else keeps throwing the dirt back into where you are digging.
Brian takes a look at the next generation of application security solutions that improve both security and operations without the side-effects you expect from products that require tuning, code changes, instruments, and filters. That means, no false positives, no increased performance overhead, and installation that takes minutes.
In his 1931 dystopic masterpiece, Brave New World, Aldous Huxley describes a “perfect” society whose perfection is maintained with Soma, a happiness-inducing drug. The perfection is challenged when one of the characters (John – “the Savage”) emerges from the “Savage Reservations” and discovers this Brave New World. In 2016, Huxley’s prophecy has come to pass with Soma being replaced by a Western malaise known as FOMO (Fear Of Missing Out) and John “the Savage” coming to our attention in the guise of dis-illusioned British youths going to fight in Syria and tweeting “Here we have nothing but yet we have everything; there we have everything but yet we are nothing”.
The start point in creating a new vision for resilience in a digital world is to recognise that we have become fragile. Fragility is our key weakness across the personal, societal and business domains. From every angle we have become fragile. This fragility is fuelled by human and technical factors as well as informatics.
Innovation and resourcefulness...bringing down the Internet with a clothes peg! The IoT has significant privacy problems, even when the 'things' are functioning as they were intended (and not hacked or leaking data). Profiling, surveillance, discrimination, behaviour monitoring - how do we get away from these effects when *everything* and everyone could be watching you?
Our metadata, that art in clouds, cyber attack fodder be thy name...
Thy nation state be backing, thy organised crime be hacking,
In Belarus as it is in Manchester. (And Sidney, Shanghai, Albuquerque, the ISS...)
Give us this day our vulnerability patches, and forgive us our hasty coding as we accept apps which access more than they should.
For thine is the Internet of Things, the Wibbly Wobbly Web of virtual worlds, until the EMP. Ah! ****!
Cyber criminals are becoming more sophisticated, their skills are evolving and their techniques are now so refined and undetectable that they are the biggest threat to our organisation. They are the perfect storm.
As this storm is brewing and could hit at any time, an unprepared business cannot continue to rely on basic security solutions to just protect their perimeter, they need to review their defence strategies to prevent these criminals stealing valuable data or threatening their critical infrastructures.
Businesses need to detect these breaches earlier and respond better by deploying a second line defence to quickly contain the damage and deter the cybercriminals.
Big data breaches get little publicity and there are pretty light regulatory pressures in place so security remains a low priority. Let’s help this change and hear from the experts on the human factor, the hackers, the regulators and technologists on how we can build the best protection and utilise the best intelligence.
Hosted by Brian, this panel will discuss the controversial subject of hiring the Hackers, finding other alternative sources of security professional, and the skills needed to fill the mysterious skills gap.
So lets summarise the past year of cyber news and stories, blogs and Tweets, podcasts and videos....
Phishing, Piracy, Hacking and Data Breaches are all software based security issues, but what if you apply them to your DNA and your brain. The ability to hack the human is the next level of Cyber Security to consider to protect our future generations and bridge the gap between our data exploitation and our health and our safety. As huge amounts of personal data are openly shared with some of the largest corporations on the planet we need to tackle how this data can be used for good, rather than exploited and profited upon. We are not just talking about your DoB, your address or your mother’s maiden name, what about the technology that captures and shares your travel patterns, your interests, your DNA and your eye movements.
The final thoughts for the day