The Locknote discussion at the conference focused on the most pressing issues facing the InfoSec community, particularly the responsibility for solving supply chain issues and the need for better communication and design for users.
- The responsibility for solving supply chain issues is unclear, with some suggesting it lies with platform developers and others arguing that it is the responsibility of those closest to the build environment.
- Automation can help with threat hunting and data analysis, but it is not a complete solution to defending against cyber attacks.
- Blaming users for making the wrong trust decisions is not productive, and better communication and design are needed to improve user experiences.
- The complexity of the internet and the many layers of band-aids make it difficult to predict where a cyber attack might come from.
- An anecdote was shared about the need for better communication and feedback cycles in automobiles to improve safety.
The speaker shared a story about the human engineering or human feedback cycles on some automobiles, where they knew the limits of the car's speed to improve safety. This illustrates the need for better communication and feedback cycles in cybersecurity to improve user experiences and prevent cyber attacks.