@jeanqasaur
- Главная
- Разное
- Дизайн
- Бизнес и предпринимательство
- Аналитика
- Образование
- Развлечения
- Красота и здоровье
- Финансы
- Государство
- Путешествия
- Спорт
- Недвижимость
- Армия
- Графика
- Культурология
- Еда и кулинария
- Лингвистика
- Английский язык
- Астрономия
- Алгебра
- Биология
- География
- Детские презентации
- Информатика
- История
- Литература
- Маркетинг
- Математика
- Медицина
- Менеджмент
- Музыка
- МХК
- Немецкий язык
- ОБЖ
- Обществознание
- Окружающий мир
- Педагогика
- Русский язык
- Технология
- Физика
- Философия
- Химия
- Шаблоны, картинки для презентаций
- Экология
- Экономика
- Юриспруденция
Cybersecurity:How to Use What We Already Know презентация
Содержание
- 1. Cybersecurity:How to Use What We Already Know
- 2. @jeanqasaur Our Future Runs on Software Smart
- 3. State of the Art @jeanqasaur Research Industry
- 4. This Talk @jeanqasaur Companies Venture capital
- 5. Part I: What Do Researchers Know? @jeanqasaur
- 6. Jean Yang / Jeeves
- 7. Policy-Agnostic Programming @jeanqasaur My PhD work. Programs
- 8. Policy-Agnostic Programming for Our 21st Century Security
- 9. Part II: How Can We Use Research to Build Secure Software? @jeanqasaur
- 10. Barriers to Industry Adoption Managers need to
- 11. Security is no Tindog @jeanqasaur The Hot
- 12. Unique Challenges for Security Startups @jeanqasaur Justin
- 13. Cybersecurity Factory $20,000 @jeanqasaur Raj Shah Office
- 14. Part III: How To Motivate Customers to Pay for Security? @jeanqasaur
- 15. Insecurity is Expensive “A report released this
- 16. The Security “Prisoner’s Dilemma” @jeanqasaur Lack of
- 17. Creating a Culture Around Caring Consumer Example:
- 18. Summary: How to Secure Software @jeanqasaur
@jeanqasaur Our Future Runs on Software Smart homes Driverless cars Automatic dating But first we need to “solve” security!
Слайд 1Cybersecurity:
How to Use What We Already Know
Jean Yang
Privacy. Security. Risk.
October 1,
2015
Слайд 2@jeanqasaur
Our Future Runs on Software
Smart homes
Driverless cars
Automatic dating
But first we need
to “solve” security!
Слайд 3State of the Art
@jeanqasaur
Research
Industry
Undo mechanisms
Encrypted databases
Program analyses
Provably secure software
Firewalls
The big question:
How
can we take advantage of research ideas in practice?
Слайд 4
This Talk
@jeanqasaur
Companies
Venture capital
Startups
Academia
Policy makers
Consumers
How can we connect researchers to everyone else?
Слайд 6Jean Yang / Jeeves
State of the art.
The Programming Perspective:
We Still Live
in the 1970s
Permissions checks are required across the code.
Слайд 7Policy-Agnostic Programming
@jeanqasaur
My PhD work. Programs attach policies to data. The rest
of the code may be policy-agnostic.
Programming model provides mathematical guarantees.
Implementation strategy scales for real-world programs.
jeeveslang.org
Слайд 8Policy-Agnostic Programming for Our 21st Century Security Concerns
@jeanqasaur
Model
View
Controller
Without automatic policy enforcement
With
Jacqueline, a policy-agnostic web framework that extends Python’s Django
jeeveslang.org
Слайд 10Barriers to Industry Adoption
Managers need to fight status quo.
Programmers need to
manage legacy code.
@jeanqasaur
What about the startup route to tech transfer?
Слайд 11Security is no Tindog
@jeanqasaur
The Hot New Silicon Valley Startup
Startup that Helps
Us Build Secure Software
Fun concept. Slick design. Toddler nephew can use it. Integrates with your life.
Technical concept. Verifiable by experts. Requires infrastructure change.
Слайд 12Unique Challenges for Security Startups
@jeanqasaur
Justin Somaini, Chief Trust Officer
Concept is highly
technical.
No flashy demos.
Adoption requires client expertise and/or trust.
Solving a technical problem != building a product.
No flashy demos.
Adoption requires client expertise and/or trust.
Solving a technical problem != building a product.
Слайд 13Cybersecurity Factory
$20,000
@jeanqasaur
Raj Shah
Office space
Focused mentorship
A network
David Ting
An 8-week accelerator I started
that gives teams:
Legal support
Maxwell Krohn
cybersecurityfactory.com
Слайд 15Insecurity is Expensive
“A report released this month by the Atlantic Council
and Zurich Insurance Group estimated that by 2030, an insecure Internet would reduce global economic net benefit by $90 trillion. In contrast, a completely secure Internet would result in a global net gain of $190 trillion.”
-Jeff Kosseff, cybersecurity law professor
-Jeff Kosseff, cybersecurity law professor
@jeanqasaur
Слайд 16The Security “Prisoner’s Dilemma”
@jeanqasaur
Lack of individual incentive:
Requires more employee training.
Requires more
programmer effort.
Doesn’t currently provide competitive advantage.
Doesn’t currently provide competitive advantage.
Слайд 17Creating a Culture Around Caring
Consumer Example: Snapchat
@jeanqasaur
Numerous privacy violations, but valued
at $16 billion with 100 million users.
Policy Example: Dentists
Common to email records in violation of HIPAA, but HHS does not audit.
Слайд 18
Summary: How to Secure Software
@jeanqasaur
Ask smart people to come up with
technical solutions.
Put solutions into practice.
Iterate.
Put solutions into practice.
Iterate.
@jeanqasaur
jeanyang.com
Connect research with industry.
Change incentives for security.
Communicate and educate!
