End of year, end of decade
Are things better than 10 years ago? 5 years ago?
If there was one thing to change things for the better, what would that be?
Good, Bad, Ugly
Did naming vulns make things better?
Which industries are doing a good job of securing themselves? Finance?
What do you wish never happened (security/compliance wise)?
Ransomware infections with no bounties
Still have people believing “Nessus” is a pentest
https://www.retailitinsights.com/eventscalendar/eventdetail/1c77d5c6-8625-4f2b-bb98-89cca6590c49
https://www.apics.org/credentials-education/events
The Future
PREDICTIONS!!!
Bryan: The rise of the vetting programs (Companies will want to vet content creators in their eco-systems)
Cybuck: An uptick in surveillance tech; both disguised as cool home smart gadgets and straight up public safety. Triggering a US GDPR type response.
Injection remains as the undisputed heavyweight champion of app sec vulnerability (OWASP top 10). And wishful thinking...broken authentication moves lower, denial of service goes down. https://twitter.com/WeldPond/status/1207383327491137536/photo/1
JB: a major change in social media/generational shift in how we use it, legal or focus on new types of mobile tech for example… Human networking in real-life in the age of ‘social’… “When you hire someone… you also hire their rolodex” --- what do you think about this statement? Its role in InfoSec? Talent?
JB - shouted out https://github.com/redcanaryco/atomic-red-team (Invoke-Atomic framework with PowerShell now on Linux, OSX, and Windows)
JB - Link to hunting/stopping-human-trafficking org I mentioned:
Shoutout
Sherrie Caltagirone, Executive Director, Global Emancipation Network @GblEmancipation
https://www.sans.org/cyber-security-summit/archives/file/summit_archive_1569941622.pdf
Mentioned https://monitorama.com/ https://github.com/viq/air-monitoring-scripts (viq from brake sec)
Other topics
Talk about where you were 10 years ago, and what you did to get where you are?
Best Hacking tool?
Best Enterprise Tool?
Recent news
https://www.phoronix.com/scan.php?page=news_item&px=CERN-MALT-Microsoft-Alternative
https://www.iotworldtoday.com/2019/12/21/2020-predictions-apis-become-a-focus-of-iot-security/
https://www.jonesday.com/en/insights/2018/10/california-to-regulate-security-of-iot-devices
News Stories from 2010 (see if they still make sense, or outdated)
https://www.infosecurity-magazine.com/magazine-features/what-makes-a-ciso-employable/
https://www.owasp.org/index.php/OWASPTop10-2010-PressRelease