A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Adaptation of the Security Sub-Culture - Rockie Brockway & Adam Hogan Derbycon 2016 (Hacking Illustrated Series InfoSec Tutorial Videos)

Adaptation of the Security Sub-Culture
Rockie Brockway & Adam Hogan
Derbycon 2016

Infosec is a lot like punk rock. We?re an odd sub-culture full of odd people driven by oddly intense passion. In response to increasingly sophisticated attacks, and a series of well televised breaches, the infosec industry has been calling for organizations to ?change the security culture.? But like other sub-cultures we have issues communicating our ideas to the masses. We have a duty to evangelize for security in a way that doesn't expect infosec militants but rather naturally grows a security culture from the bottom up. You can't teach someone to like punk rock. But over time the Sex Pistols' influence eventually led to Offspring, Green Day and Blink-182, and fans of those successful bands were not typically part of the die-hard punk rock sub-culture. Our culture can, and will, adapt this way. If we want to scale we also need to go pop - but we can?t do it overnight. We will give an introduction to complexity theory and the psychology of belonging to a sub-culture. We will show how you can grow your security team and broaden awareness with these ideas in mind - and show a number of ways that organizational change is sure to fail.

Rockie is the Information Security and Business Risk Director and Senior Engineering Director for Black Box Network Services. With over two decades in Infosec/Risk he specializes in Business Risk Assessment and the inherent relationships between data, assets, adversary, processes, business function and need and organizational brand value. He provides vCISO services to several of Black Box's enterprise clients assisting them further develop their business' Enterprise Security Architecture. He also still loves (simulated) stealing and red/purple teaming. He organizes BSidesCLE and is a recovering cynic and math rocker, zero FUDs given. Adam Hogan is a field security engineer for CrowdStrike doing pre- and post-sales engineering. With 15 years in infosec he has worked as a SOC analyst, intrusion detection consultant and taught security classes before joining a sales team for the privilege of not having to go into the same office every day to feign interest in what his colleagues' children did over the weekend that was just so cute. He currently lives in Columbus, Ohio. His graduate studies were in economics, which makes him a bona fide expert in ruining diner parties with statistics.

@RockieBrockway, @adamwhogan

Back to Derbycon 2016 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast