Scott: “I was surprised at how much the conference crammed into a few days-trying to catch every presentation or workshop I was interested in wasn’t even close to possible.” What surprised you the most about your DEF CON experience? There were also talks on offensive security, hacker law, crazy Gavel Battle debates, and much more.” 3. Powazek: “There was an incredible roster of talks this year, all of which were interactive with big Q&A portions and sometimes breakout groups working on specific proposals! My favorite was the Election Security Bridge Building talk -which brought together election security machine vendors, election officials, and security researchers to talk about trust and collaboration. Shahwan Edwards: “There was an entire track just devoted to policy at DEF CON, which was cool, but what was even cooler was the amount of interest this track garnered! The policy village held over twenty discussions, but some that stood out to me were Hacking Law is for Hackers, Meet the Feds: ONCD + CISA Editions and the Offensive Cyber Industry discussion.” However, there was also plenty of additional policy-focused programming spread throughout the forum – I was able to catch some awesome maritime cyber policy talks at the ICS Village and a discussion on aerospace cyber regulations at the Aerospace Village.” Loomis: “DEF CON officially introduced Policy this year – the first time in the conference’s history they have had a space dedicated exclusively to policy content. Some highlights that come to mind: the Meet the Fed Series, where DEFCON attendees got to hang out with different federal cybersecurity officials in a pretty laid-back capacity and Gavel Battles, which saw some heated debates over beers and giant inflatable gavels.” Scott: “DEF CON ran an entire Policy Village, of which was great to be a part. What policy-focused programming was offered at DEF CON this year? CON aimed to bring the public policy party to hackers where they gather and with topics that are directly applicable to them.” 2. “To put it simply, hackers make good policy, and they shouldn’t have to travel to or live in DC to contribute to the cyber policy space. Sarah Powazek, program director, Public Interest Cybersecurity at the UC Berkeley Center for Long-Term Cybersecurity: “How can you make policy about infosec without the people working in infosec? Applied policy research means trying to get to know these issues from the perspective of those building, running, and breaking things.” Trey Herr, director, Cyber Statecraft Initiative, Atlantic Council: By connecting security researchers with government, policymakers and hackers can better learn from one another and craft more effective policies.” “Think tanks have a track record of serving as a bridge between government and industry. Safa Shahwan Edwards, deputy director, Cyber Statecraft Initiative, Atlantic Council: DEF CON provides the perfect opportunity to bridge this divide and bring these two communities together.” However, these changes cannot be made without input from the folks who will be most affected for decades to come – the hackers and technical practitioners. “With recent headline-grabbing security incidents like Colonial Pipeline, SolarWinds, and Log4J, there is finally sufficient momentum to make meaningful change when it comes to cyber security policy in the United States. Will Loomis, associate director, Cyber Statecraft Initiative, Atlantic Council: Policymakers would be missing out by trying to craft laws and rules about technologies without speaking to the people who make and/or break them.” “Cybersecurity policy is one of those spaces where actual, deep technical expertise and policymaking experience don’t often overlap. Stewart Scott, assistant director, Cyber Statecraft Initiative, Atlantic Council: Why should a think tank be at a hacker conference? Below, they talk about their experience at the DEF CON Hacking Conference, why policy conversations belong at a Hacker conference, and much more! 1. This year, the Cyber Statecraft Initiative – and a few friends – decided to ship out to see what all the hype is about. By Will Loomis, Safa Shahwan Edwards, Trey Herr, Stewart Scott, and Sarah PowazekĮvery year, in the early August heat, thousands of hackers from around the world head to Las Vegas, Nevada for a series of cybersecurity conferences known as Hacker Summer Camp.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |