Free

Security by design revisited 2nd workshop

Event Information

Share this event

Date and Time

Location

Location

BCS, The Chartered Institute for IT

5 Southampton Street

London

WC2E 7HA

United Kingdom

View Map

Event description

Description

The 2nd workshop in a series of three.

Security by design revisited

In association with TechUK, (ISC)2, EEF - the Manufacturers’ Organisation, and the Trustworthy Software Foundation.

In a relatively short time we've taken a system built to resist destruction by nuclear weapons and made it vulnerable to toasters. — Jeff Jarmoc

The mantra of any good security engineer is: 'Security is a not a product, but a process.' It's more than designing strong cryptography into a system; it's designing the entire system such that all security measures, including cryptography, work together.

— Bruce Schneier

If we were to ask a student or engineer what secure by design means, and how do they do it, what would they say?

Perhaps it depends on who you ask. On the face of it there is plenty of advice and guidance available. Perhaps the problem is therefore one of adoption. This research aims to review the guidance that exists, but then focus on why adoption is a problem in training, education and businesses. Is it that the advice and guidance is too complex to be adopted, reproduced and habituated easily. Is it simply too expensive to adopt?

A number of questions are within scope of this research:

  • What are the barriers to adoption to security by design?
  • What can be done to reduce the barriers?
  • Who needs to take the lead?
  • How do we account for international supply chains?
  • What measures and quick wins can be adopted with little cost?
  • How is the problem viewed from different perspectives in businesses, ethics, education and social contexts.
  • How can security by design practice be adopted in systems with emergent properties?

This research follows on from IAAC’s recent work on smart-living IoT. The first workshop in the series will seek to scope the programme. Dates for the final London workshops is 1000-1300, 5 Dec 2017

If you would like to discuss anything in this proposal or offer support, please get in touch with Nigel Jones CEO IAAC - ceo@iaac.org.uk. If you would like to notify your desire to participate, please email info@iaac.org.uk. Any suggestions for developing this work are welcome.


Share with friends

Date and Time

Location

BCS, The Chartered Institute for IT

5 Southampton Street

London

WC2E 7HA

United Kingdom

View Map

Save This Event

Event Saved