This informative and entertaining presentation will highlight movie scenes that deal with information security scenarios that make it look so easy but is nothing like the real thing. We all watched a movie where “that-guy” who only speaks in code is asked to break into some high-level government/bank/company to steal their money/information and does it all in 2 minutes – from an unmarked white van. For each scenario we will play the movie clip, laugh, explain why it is inaccurate, laugh some more, and then cover what could have been done make it more realistic. A few examples will also be included where Hollywood gets it right. We will conclude with a funny, short homemade video that shows how this hacking stuff really goes down. The presentation will cover quotes and scenes from movies such as Swordfish, Hackers, The Matrix, War Games, 24 and others.

Nazia Khan – Nazia Khan is an information security professional living in Washington, D.C. Nazia started her interest in Computer Science in her teens, programming in C++ and Java, and turned her attention to the fast growing field of Information Security at SUNY Stony Brook. She is a alum of the U.S. Government's Federal Cyber Service through the Scholarship For Service (SFS) Program (Cyber Corps) and has worked at various government agencies such as Federal Deposit Insurance Corporation (FDIC), Health and Human Services (HHS), and the Department of Homeland Security (DHS). Nazia has experience in network security, web application penetration testing, certification and accreditation (C&A) and IT security auditing of Government systems. Currently, Nazia is a Senior Security Analyst at SeNet International (senet-int.com).

Gus Fritschie - Gus Fritschie is an information security professional living in Washington, D.C. He is the Chief Technology Officer at SeNet International (senet-int.com). Gus has experience leading and performing numerous vulnerability assessments and penetration tests in support of financial audits, FISMA, and other compliance-related efforts. Clients included Fortune 500 companies, civilian agencies, and the Department of Defense (DOD). Projects included enterprise-wide vulnerability assessments for multiple government and commercial clients, management of the certification and accreditation (C&A) efforts, and Web application penetration tests. His wife also watches lots of movies, which means he does too.

Big thanks to Damian Profancik for recording these.

Back to Derbycon 2012 video list