Conference:  Defcon 31

Authors: Jen Easterly Director, Cybersecurity and Infrastructure Security Agency, Scott Shapiro Author, , Yale Law School Professor

2023-08-01

Fancy Bear, Dynamic Panda and Charming Kitten – we live in a time where we are constantly under attack without even knowing it. CISA Director Jen Easterly and Yale Law School Professor Scott Shapiro, author of “Fancy Bear Goes Phishing: The Dark History of the Information Age In Five Extraordinary Hacks” discuss how best to understand the challenge of information security; what we can learn from looking back; and how the decisions we make today to prioritize security by design will shape our future.

Conference:  Black Hat Asia 2023

Authors: Xiaosheng Tan

2023-05-11

Data has been regarded as the fifth factor of production, and data security is ranked a high priority by governments across the world. In China, data security-related legislation such as the "Data Security Law" and "Personal Information Protection Law" have been promulgated and have were put into effect in 2022. The number of data security projects also increased rapidly. The government, finance, telecommunications, energy, education, healthcare, and other industries have different regulatory requirements for data security and their strategies for data security are quite different.The biggest challenge facing data security is that data security technologies, products, solutions, and service capabilities are far behind regulatory and customer requirements. Some companies have made meaningful explorations in data security products and solutions, such as privacy enhanced computing, transparent encrypt/decrypt, zero trust in data security, etc.

Conference:  OWASP 20th Anniversary Event

Authors: Jaya Baloo

2021-09-24

The speaker discusses the challenges of information security and the need for a clear focus on the top priorities to address the problem.

• Information security is facing challenges, including the rise of ransomware cases.
• There is a need for better communication and prioritization of the top security issues.
• Organizations should focus on the top 10 must-haves for each year to make security goals more achievable.
• Security should be presented in a financially understandable way to demonstrate its value to the enterprise.
• Rules of engagement should be established to address cyber threats and espionage.
• The speaker emphasizes the need for a sustainable approach to fixing security problems.
• The speaker also highlights the importance of engaging with different groups to set rules of engagement and address cyber threats.
• The speaker uses the example of the Cassandra complex to illustrate the challenge of getting people to believe in the predictions of security experts.