Josh Bressers is the head of Product Security at Elastic. Josh has been involved in the security of products and projects, especially open source, for a very long time. He has coordinated countless security vulnerabilities, both with and without logos. Josh co-hosts the Open Source Security Podcast.
The single best way Humans transfer knowledge is through stories. We are a social species and there are no better stories than Star Trek episodes. Nearly every episode of Star Trek involves some sort of security incident. Everything from someone stealing data (or Data), insider threats, APT, malware, and more. There is a lot of content we can use as examples to help teach and learn.
What would the Star Trek lessons look like if we break them down into their core components? Even though the stories are fictitious, we can use them to help tell a story as a way to teach others about security and why it matters. We can start to ask questions like who is the biggest insider threat the ship faces: Data or Wesley? Why is security so terrible, does Worf ever do his job? Have these people ever heard of two factor authentication? Maybe the holodeck should be sandboxed? No the Romulans aren’t telling the truth this time.
Our industry is one of very serious questions and discussions, but sometimes you can be too serious. It can be a challenge to explore security topics even inside of the industry, sometimes we need a new way to think about a problem. Rather than focus on serious security lessons, let’s have some fun made up security stories. There are a lot of lessons to be learned in Star Trek TNG episodes.
In this session we are going to break down the security themes in Star Trek. Who are threat actors. Who are defenders. What are some mitigations that could be applied. What are some proactive ideas that should have been put in place. There are even some examples of recurring incidents because nobody fixed the problem the first time.
You will walk away from this one not just having a lot of fun because Star Trek is awesome, but learning some new ways to look at common problems. Sometimes a little perspective can really get the creative juices flowing.