Sector2015: Difference between revisions
(Created page with " http://www.sector.ca/Program/Sessions/Schedule == There’s no such thing as a coincidence - Discovering Novel Cyber Threats - Jim Penrose == * leverage your own uniquenes...") |
No edit summary |
||
Line 3: | Line 3: | ||
http://www.sector.ca/Program/Sessions/Schedule | http://www.sector.ca/Program/Sessions/Schedule | ||
== There’s no such thing as a coincidence - Discovering Novel Cyber Threats - Jim Penrose == | == oct 19 CSA pre conf conf == | ||
Oct 19th CSA Cloud Security Alliance | |||
--- | |||
1 single pane of glass | |||
#spog | |||
@AnnCavoukian | |||
Cavoukian | |||
privacy bigger than security | |||
basic sec safegaurds | |||
presentation. | |||
micheal chairtoff - sec of dept home land security - huffing ton post. | |||
privacy is not the same secrecy | |||
if nothing to hide then worry. | |||
"duty of care" | |||
"If you break the law then you forfeit your privacy." - Cavoukian ( ack! I don't hink so ) | |||
PHIPPA | |||
hipppa I was talking to the stake holders: "institutions, doctors, health-care providers"... um what about patients? | |||
informationalselfdetermination | |||
Long German Words | |||
@longgermanwords | |||
informationelle Selbstbestimmung | |||
privacy by design | |||
7 fundamentals. | |||
questions / Critique | |||
1. some on in the business decideds to do this, they do it after deciding it's the right hting. Cost / benifit. | |||
2. what is the cost compared to before? | |||
3. what you get out of "gratitude and loyalty" | |||
4. post snowden days. - most people don't know about snoden , why not assange / wikileaks? | |||
are you promoting being open, or are you saying you need to be more secure ... don't be snodened. | |||
5. collection , use , destruction | |||
how to prove all that? | |||
6. transparency - being open with | |||
7. tell me about 23 and me. | |||
8. duty of care - to protect the data. | |||
9. it is uncumbant onyou to tell people about how you use the data. incumbant? | |||
10. how long have you got their data. | |||
PbD - rivacy by design | |||
- survalence | |||
- biometrics - eg with olg | |||
- smart meteres on smart grid | |||
There is a cetification ( ryerson ) Privacy by design ryerson.ca/PBD/Certification | |||
Using privacy by design to achieve big data innovation without compromising privacy. | |||
De-idenification | |||
nymi band | |||
cardiace rhythm | |||
oiasis - co chair technical commitee - pbd- for software engineers - playbook. | |||
case studies about cost. | |||
question: risk harm , how to you fold riks problems into risk management. | |||
OPM office of personelle management - break. | |||
preso: | |||
------------- | |||
Microsoft guy | |||
john weigelt | |||
@thumbstackhead | |||
train 3254 | |||
microsoft "lockbox" | |||
scoped , temp admin access. | |||
customer gated access | |||
--- | |||
panel: future | |||
brian higgins - entrust | |||
then with third brigade | |||
three things: | |||
1. IT will influence all the old sckool inductries ( imagine 3d printer electrical / plumbing ) | |||
2. IT isn't one big thing. it's lots of little htrings nad some IT will go away. | |||
some stuff will be an commodity, foil this with what the pumlbing industry looks like. | |||
3. two citizens wrt standarded : the influenceser s and the followers. | |||
neila cruz - european | |||
_______ | |||
track plan | |||
oct 20: | |||
== oct 20 == | |||
plan: | |||
* 14:40 15:40 - 701A - Automation is your Friend: Embracing SkyNet to Scale Cloud Security - Mike Rothman | |||
* 15:55 16:55 - 803 - Run Faster, Continuously Harden - Embracing DevOps to Secure All The Things - Chayim Kirshen | |||
=== There’s no such thing as a coincidence - Discovering Novel Cyber Threats - Jim Penrose === | |||
* leverage your own uniqueness | * leverage your own uniqueness |
Revision as of 14:59, 20 October 2015
http://www.sector.ca/Program/Sessions/Schedule
oct 19 CSA pre conf conf
Oct 19th CSA Cloud Security Alliance
---
1 single pane of glass
- spog
@AnnCavoukian
Cavoukian
privacy bigger than security
basic sec safegaurds
presentation. micheal chairtoff - sec of dept home land security - huffing ton post.
privacy is not the same secrecy
if nothing to hide then worry.
"duty of care" "If you break the law then you forfeit your privacy." - Cavoukian ( ack! I don't hink so )
PHIPPA
hipppa I was talking to the stake holders: "institutions, doctors, health-care providers"... um what about patients?
informationalselfdetermination
Long German Words @longgermanwords
informationelle Selbstbestimmung
privacy by design 7 fundamentals.
questions / Critique 1. some on in the business decideds to do this, they do it after deciding it's the right hting. Cost / benifit. 2. what is the cost compared to before? 3. what you get out of "gratitude and loyalty" 4. post snowden days. - most people don't know about snoden , why not assange / wikileaks?
are you promoting being open, or are you saying you need to be more secure ... don't be snodened.
5. collection , use , destruction
how to prove all that?
6. transparency - being open with 7. tell me about 23 and me. 8. duty of care - to protect the data. 9. it is uncumbant onyou to tell people about how you use the data. incumbant? 10. how long have you got their data.
PbD - rivacy by design - survalence - biometrics - eg with olg - smart meteres on smart grid
There is a cetification ( ryerson ) Privacy by design ryerson.ca/PBD/Certification
Using privacy by design to achieve big data innovation without compromising privacy.
De-idenification
nymi band cardiace rhythm
oiasis - co chair technical commitee - pbd- for software engineers - playbook.
case studies about cost.
question: risk harm , how to you fold riks problems into risk management.
OPM office of personelle management - break.
preso:
Microsoft guy john weigelt @thumbstackhead
train 3254
microsoft "lockbox"
scoped , temp admin access.
customer gated access
---
panel: future
brian higgins - entrust
then with third brigade
three things: 1. IT will influence all the old sckool inductries ( imagine 3d printer electrical / plumbing ) 2. IT isn't one big thing. it's lots of little htrings nad some IT will go away.
some stuff will be an commodity, foil this with what the pumlbing industry looks like.
3. two citizens wrt standarded : the influenceser s and the followers.
neila cruz - european
_______
track plan
oct 20:
oct 20
plan:
- 14:40 15:40 - 701A - Automation is your Friend: Embracing SkyNet to Scale Cloud Security - Mike Rothman
- 15:55 16:55 - 803 - Run Faster, Continuously Harden - Embracing DevOps to Secure All The Things - Chayim Kirshen
There’s no such thing as a coincidence - Discovering Novel Cyber Threats - Jim Penrose
- leverage your own uniqueness
- assume obfuscating
- understand the tradecraft of adversaries
- how can one "know" your adversaries. resesarch, reports, forensice reports.