Categories
Publications

Digital Threats: Research and Practice

Having acted as programme chair for the FIRST Security and Incident response conference last year, I also got to co-edit the special conference issue of the ACM journal Digital Threats: Research and Practice (DTRAP). FIRST sponsored the journal, so our issue is open access, available for anyone to read. Topics covered: Using power consumption to […]

Categories
Articles

Reducing your vulnerability to insider threat

Monica Whitty’s keynote at the FIRST Conference (recording available on YouTube) used interviews at organisations that had been victims of insider attacks to try to understand these attackers – and possible defences – from a psychological perspective. It turns out that thinking about stereotypical “insider threats” probably doesn’t help. Notably, disgruntled employees were responsible for […]

Categories
Articles

The Big Bad Smart Fridge

Leonie Tanczer’s FIRST 2019 keynote (recording now available on YouTube) looked at more than a decade of European discussions of whether/how to regulate the Internet of Things (no, I didn’t realise, either) and how we might do better in future. This is particularly relevant to an incident response conference as – as Mirai and other […]

Categories
Articles

Rebuilding trust in the Internet’s building blocks

Merike Kaeo’s keynote “Waking Up the Guards” at the FIRST 2019 conference (recording now available on YouTube) highlighted how attacks on the internet core no longer target a single service (naming, routing, signing) but move between these to achieve their hostile result. Defenders, too, need to consider the consequences of their implementation choices as a […]

Categories
Articles

Things that Go Bump in the Night

Apparently Miranda Mowbray had been wanting to do a talk on “Things that Go Bump in the Night” for some time, and it made an excellent closing keynote for the 2019 FIRST conference in Edinburgh (recording now available on YouTube). Although “things” may increasingly need an Internet connection to operate, there are significant differences between […]

Categories
Articles

Incident Response for Connected Hardware

An interesting talk from Rockwell at this year’s FIRST conference looked at how to organise incident response in environments containing network-connected hardware devices. Though Rockwell’s focus is on industrial machinery, the same ideas should apply to smart buildings and other places where a security incident can cause physical, not just digital, harm. This is not […]