Securing the “Weakest Link”
Security professionals often call people “the weakest link.” We claim that they'll always make mistakes, however hard we try, and throw up our hands. But the simple truth is that we can help people do well at a wide variety of security tasks, and it’s easy to get started. Building on work in usable security and threat modeling, this session will give you actionable, proven ways to secure people.
Speaker
Adam Shostack ( @adamshostack )
Adam Shostack is a technologist, entrepreneur, author and game designer. He’s a member of the BlackHat Review Board, and helped found the CVE and many other things. He’s currently building his fifth startup, focused on improving security effectiveness. Previously, at Microsoft, he drove the Autorun fix into Windows Update, was the lead designer of the SDL Threat Modeling Tool v3 and created the “Elevation of Privilege” game. Shostack is the author of “Threat Modeling: Designing for Security,” and the co-author of “The New School of Information Security.” For more on Shostack, see adam.shostack.org.
Detailed Presentation
Comments