Return to get a riskbased thatach that recognizes security is a journey, not a destination. There is a federal court in. One is the new version of this framework is going to come out next year and another is what the white house with strategic action printer planner,. The other was a session at black hat which is a Rating System for software. Which seems to be what we are trying to go forward with as a larger community. One of my favorites of those, i will introduce beau on that. Im involved with this at welfare the eye am the Cavalry Movement is sort of josh corman and beau, no one else will fix these problems so we need to step up and fix some of these issues that are out there and so the cavalry is not coming, it is you are the cavalry. The organization is trying to impact public policy, try to educate corporations and try to get security built into projects before they calls issues cau , before medical devices are causing loss of human life. I am the calvary is one way. We talked about another example of Ranking Software based on how much security is involved. And the dod bounty getting that off the ground. There are a lot of people in the Community Involved but i would like to see more. I think part of that is education on our side. If we see something in the news, that its bad, and complain about it and dont actually stand up and say how can i influence summit to change this how can i influence somebody to change this . And they dont bother to see when they can comment and a hearing they could attend. Part of that is on us to have more education so we know how to influence the part of it is also trying to get people motivated to be the influencers. It has changed so much from the early days where people would say about their vulnerabilities so they could launch at defcon and get all their great press. That was normal in the late 90s. That just doesnt happen anymore. Expected, at defcon you have to talk about the vendor. If you dont talk about it, you are affected to release a demo and showed the demo and release the told to go after that on her ability. It is also expected that you have told the vendor before him. Speak englishng or from casper ski or somewhere else. It is meant to be what if the content. It is very egalitarian. That, thatnd to effort, and attempt to bridge some the different stakeholders that live in these various ecosystems to work on coming up with solutions. It is a very young industry if you look at engineering, nothing going on for thousands of years in medicine as well. Severus attorney, like 20. Cyber security, like 20. We are still young. The way to work it out is to get together. I will also say that Something Like a Cyber Security framework might not work for iot devices. We might need to consider multiple approaches to solving some of these problems. The way i put it, sometimes what worked for the first 5 million may not work for the next 5 billion. A challenge coming up but i think we have some of the smartest people ive ever met both in d. C. And in the Hacker Community bring in those two together. I think it is a good start. Out to the audience again. I walked in as the discussion of electronic voting was going on and im frankly perplexed by the willingness to dismiss it so quickly as not germane. There were a number of articles that appeared during the week of black hat and whether the franchise whether the 19th article for structure and saying yes. You dont get to have an economy with waterworks in aviation and electric and manufacturing with a musick and preserve the democracy. The franchise being corrupted by hacks, Everything Else is at risk. I would think that would be something that ought to preoccupy all of us
comparemela.com © 2020. All Rights Reserved.