Hackers, Pekoske said, “will see things from a different angle than we see. The main objective is to find out, Pekoske said, is “how do you assess risk and degrees of risk within a pipeline system or a rail system?” He said TSA would like to develop CHARIOT into a regular “dialogue with with the hacker and hacker research community.” (“It’s a long one,” he told CyberScoop in hallway con.) Similarly, at a panel at the ICS Village at DEF CON, TSA Administrator Pekoske announced the launch of a research program dubbed CHARIOT, or the Critical Infrastructure Hardening to Achieve Risk Reduction in Information and Operating Technology. So we made sure to publish it so this community can plug in and help us make smart, realistic policy around how we make open source technology more secure.” “I need reaction from that, particularly from you. “How do we make it more secure is the fundamental question,” Walden said at Black Hat. While the actual document itself was off the record and under Chatham House rules, the unusual panel is emblematic of the help sought out by hackers from government officials - a long cry from the first congressional hearing with members of the L0pht hacking collective in 1998.Īt Black Hat, the ONCD announced a new request for information on securing open source security. At the policy village, ONCD and CISA officials held an “red-pen workshop” for a draft policy document on secure by design guidelines, which is a key push by the administration, the Messenger reported. “We are in the White House for a reason and that is to provide strategic cybersecurity advice to the President. Walden’s message was no different: “Here at DEF CON, we have a whole staff here who are here to talk to you to help us design better policy,” she said. We need you to help us,” said Mayorkas during his opening statement at DEF CON. (And following DEF CON tradition, many of the first time speakers took a shot before speaking.) Some former officials like Chris Inglis also made the scene. Among the top officials included DHS Secretary Alejandro Mayorkas, Acting National Cyber Director Kemba Walden, CISA Director Jen Easterly, and TSA Administrator David Pekoske. In total, some 75 global policymakers attended, six to eight officials who hold Senate-confirmed positions and 10 policy announcements were timed for DEF CON, noted Woods.Īt policy panels, meetups, and, of course, in the hallway tracks at DEF CON, officials from the Office of the National Cyber Director, White House Office of Science and Technology Policy, United States Agency for International Development, the Cybersecurity and Infrastructure Security Agency, and the Transportation Security Administration were in full force. “So it is now going to be archived as a part of the National Archives,” said Beau Woods, head of the DEF CON policy group and leader of the I am The Cavalry initiative, at the conference closing ceremony. The White House has even gotten into the action in Vegas with its own red-teaming exercise at AI Village during DEF CON and badge contest with some of the challenges hidden on the White House website. “We’ve come a long way from spot the fed at DEF CON,” said Jeff Moss, founder of both DEF CON and the more corporate-friendly Black Hat conference, at Black Hat in Las Vegas. The feds appeared to be everywhere - presenting on stage, hosting gatherings, running workshops, operating hackathons and generally mixing it up with all the attendees. This year, however, they were easy to find. In the early years of camp, especially at DEF CON, federal officials were so rare, attendees would be challenged to “spot the fed.” Hacker summer camp - made up of BSides Las Vegas, Black Hat and DEF CON - was once the destination for misunderstood hackers to find their own tribe, researchers hoping to wow technical crowds with their findings and technophiles looking to test their skills and occasionally pull off some high-profile pranks. LAS VEGAS - The annual gathering of cybersecurity researchers and industry executives who came here for a trio of conferences this month - colloquially known among the infosec crowd as hacker summer camp - had plenty of visitors this year carrying credentials from all levels of the federal government.Īnd they came with one resounding request: We need your help.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |