Conference:  Defcon 31

Authors: Nicolas Minvielle Making Tomorrow, Xavier Facélina Seclab

2023-08-01

The links between science fiction and reality have been demonstrated in numerous research studies. By speculating about the possible future uses of technologies under development, science fiction shows us plausible futures. In this sense, it allows us, as a society, to popularize and debate the consequences (expected or not) of our technological developments. In addition to this not negligible social role science fiction also has an impact on our current developments. We speak here of "loop-looping", i.e. there is a feedback loop between what science fiction shows us and what we are then led to actually develop. From this point of view, our imaginations are performative, and this is perhaps the most critical issue: what I see can happen. In the case of hacking and cybersecurity, a particular phenomenon is added: the general public's knowledge of these subjects is mainly through the fictions they watch, read, or listen to. We propose to analyze a corpus of 200 fictional attacks, and 800 real attacks and to compare them to define if the imaginary ones are predictive if they inform us or on the contrary mislead us as for the reality of the current attacks.

Conference:  OWASP 20th Anniversary Event

Authors: Jaya Baloo

2021-09-24

The speaker discusses the challenges of information security and the need for a clear focus on the top priorities to address the problem.

• Information security is facing challenges, including the rise of ransomware cases.
• There is a need for better communication and prioritization of the top security issues.
• Organizations should focus on the top 10 must-haves for each year to make security goals more achievable.
• Security should be presented in a financially understandable way to demonstrate its value to the enterprise.
• Rules of engagement should be established to address cyber threats and espionage.
• The speaker emphasizes the need for a sustainable approach to fixing security problems.
• The speaker also highlights the importance of engaging with different groups to set rules of engagement and address cyber threats.
• The speaker uses the example of the Cassandra complex to illustrate the challenge of getting people to believe in the predictions of security experts.