Chats From InfoSec Europe 2019 | A conversation With Troy Hunt

Chats From InfoSec Europe 2019 | A Conversation With Troy Hunt.jpg

By Marco CiappelliSean Martin

During our InfoSec Europe Conference Coverage, we connected with keynote speakers, presenters, panelists, organizers, and the InfoSec community to keep the conversation going. This is one of those chats.

ITSPmagazine coverage, podcasts, webcasts, articles, and all our happenings during InfoSec Europe 2019 is made possible by the generosity of our sponsors. We are ever so grateful for your support.

Have a story to share and want to join us for the journey? We invite you to discover the benefit of the full coverage sponsorship and let us know if you are interested in joining us for our adventures. We look forward to another exciting conference.

It was a bright, cold day in June, and the clocks were striking thirty past nine in the morning. On this last day on the Olympia show floor in London, after a few unsuccessful attempts, Sean and I were finally able to say hi, sit down, and have a good ole chat with Troy Hunt while we sipped on a cup of hot coffee. Yes, a podcast with Mr. Troy Hunt!

Australian, security researcher, software developer, founder of Have I Been Pwned, blogger, public speaker, keynote and overall 'very busy guy.' Especially this week in London, where the opportunities to talk CyberSecurity are plenty: Infosecurity Europe, Bsides London, and the many satellite events taking place around the main event such as cybersecurity Rants, company events, and even some industry awards.

We actually met Troy on the first day of our adventures at one of those extracurricular industry events where he won a top bloggers award (and we did not). It indeed was one of those De Coubertin situations where the most important thing for us was not to win but to take part; it sure was great to be nominated and be there with everyone to celebrate our global community.

But let's get back to the podcast. As an Australian that travels the world speaking at all sorts of conferences and winning European awards for his contributions to the InfoSec community, the first part of the conversation was naturally dedicated to discussing and appreciating the concept of cybersecurity as a global phenomenon which allows for dialogue to happen between and within InfoSec communities without any geographic boundaries. Clearly, the exchange of information is a strong driving force for the future of this industry and society.

On this topic, being in Europe, Sean and I took the opportunity to carry on our mission to explore the different ways that cybersecurity is perceived, promoted, and practiced in different parts of the world. We invited Troy to share his point of view on the subject, and we found ourselves talking about the perception of privacy and its consequent regulations and application in Europe vs. the USA. Troy rightfully suggest that one of the key differences is the attribution of ownership of private data and retention. By the way, do companies really need data from 19 years ago - especially sensitive data? Do they just see those — any data actually — as an asset that increases the value of their users' "experience" and never consider the fact that they could quickly become a liability? 

Have I Been Pwned? Have you? I am sure you have asked yourself this question, utilized this service, or at least heard about it. How could we have a conversation with Troy and not ask him about his creation and how he sees society leveraging such a unique and valuable service? Interestingly enough, it was built as an experiment that has become exceptionally popular, truly appreciated, and used in the most diverse of individual, commercial, and even public sector case studies all over the world. 

How about data breaches? They seem to be quite popular lately: they happen way too often, and we (the industry and the media in general) speak about it perhaps too much — but not as effectively as we should… yet. Troy's keynote at Infosecurity Europe this year happened to be about this subject, and we were excited to hear more about it and the different angles he used to analyze things - we connected within him before the presentation actually took place later that afternoon.

But enough reading — it is time for you to listen to this podcast and hopefully enjoy it. As usual, we aim for a friendly, entertaining, and educational chat. As I often repeat: "If a conversation doesn't leave you thinking and wanting for more, it was probably not worth having." 

I think this one was worth us recording it and for you to listen to it.