This episode does NOT have a sponsor. 🤔
Learn more about sponsoring the Unusual Gatherings Talk Show
Conversations At The Intersection Of Technology, CyberSecurity And Society.
Amit Elazari | MK Palmore
Sean Martin | Marco Ciappelli
ITSPmagazine’s Unusual Gatherings XXXII:
The Legal, Civil, Commercial, and Societal Pulse of CyberSecurity
If I had to take a bet before Hacker Summer Camp in Las Vegas 2019 I wouldn’t have put my money on “collaboration” being the topic that, more than anything, spontaneously came up during the many conversations we had. Sure, there were some hints from conversations we had prior to the event, and I was hoping that sooner than later it would become one of the core topics to leverage and improve the future of cybersecurity. However, I didn’t expect it to come this early and to present itself this strongly as a message throughout the whole week.
The need and importance of collaboration was pretty much the main theme of most of the discussions we had during Hacker Summer Camp and it also ran through our Unusual Gathering conversation with Amit Elazari and MK Palmore as well. During the chat, Amit pointed to collaboration between policymakers and the commercial space and MK highlighted the natural relationships and partnerships being formed between multiple vendors and data sharing entities to tackle some of the hard problems organizations are facing as they attempt to put in technical and operational controls throughout their organization.
As noted by MK during our chat, we have knowledge of the adversaries collaborating with each other; they seem to know how to share information with one another—whether they monetize it or not, they are sharing, learning, and progressing. They have always known that there is an incredible value in that.
Fortunately, our industry is finally waking up to collaborate with each other; collaboration is also being encouraged more often and in more places than it has even been before. According to Amit, the commitments toward security are not just technical; they are also in the policymaking arena. For example, academia are collaborating with researchers who are collaborating with the hacker community that is—finally—collaborating with policymakers—ultimately in full circle and all as a means to get ahead of the threat curve.
Of course, the world of cybersecurity doesn’t end at the controls and the protections; we can point to countless stories of breaches occurring in pretty much every industry and across every size of organization—no company is 100% immune to risk; no company can achieve 100% protection.
After 30 years working for the US government, MK is in a unique position to highlight the need to be prepared for the inevitable “other side of the boom”—he’s seen this scenario unfold far too often. Unfortunately, we’re still quite a bit behind the 8-ball here as innovation oftentimes outpaces risk management.
However, if we approach this problem differently, we have a decent chance to overcome these challenges without stifling innovation. Ignoring the exposure that comes with fast-moving modernization is certainly not the right answer. Perhaps there are some lessons to be learned from the development and deployment of cloud technologies over the past number of years? Amit and MK have some interesting insights and they share them in this conversation.
In the end, it’s clear that cross-pollination of roles and careers is beneficial to all parties involved. While we got the chance to meet security professions that came from law, academia, and government roles during this specific Unusual Gathering conversation, I think it’s time to extend the conversation further by converging of all these diverse—sometimes opposite—points of view. It is that opportunity to collaborate that we must take advantage off.
Have a listen, discuss, think, and engage with others as much as you can.
We all win if we do.