Security can often feel like an unapproachable and mysterious part of an organisation – the department of work prevention, the department of “nope.” But it doesn’t have to be that way.
In this talk we will look at the unintended users of a product, the “threat agents”.
By engaging the Security team in the Product process, we can model the dark side of use cases and user stories through threat modelling techniques. This can help demystify impenetrable security NFRs through concrete examples of how these threat agents may try to misuse your shiny new digital product.
Jeff is a technology leader, blogger, public speaker, coder and architect with over 20 years’ experience within the IT industry, working across the public and private sectors. A self-confessed “lifetime technologist” – having started coding when he was six years old – Jeff’s career has taken him from working for household name organisations in financial services to healthcare and retail in various roles. Aside from being xDesign’s CPTO, Jeff is really passionate about CyberSecurity (having previously spoken at LDF on the future of CyberCrime) and is currently studying for a Masters degree on the topic.
Jeff has delivered talks across the country to share his expertise, insight, and join the many debates within the tech space, covering technical topics through his extensive software delivery experience, as well as business- and people-centric topics through knowledge gained in technology leadership roles.
Lianne Potter, Cyber Anthropologist at The AnthroSecurist
Lianne is an award-winning cyber anthropologist and security transformation leader with experience in the retail, healthcare, finance, private and non-profit sectors.
Her consultancy, The AnthroSecurist, enables teams in complex organisations to understand each other’s motivations, identify barriers that have prevented good security practices in the past, and provide practical steps and insights to increase collaboration between the security team and the rest of the organisation.
Lianne is also the Head of SecOps for the largest greenfield technology project in Europe where she builds strategies to create sustainable security cultures throughout the organisation.
As a respected speaker, Lianne has delivered talks across the globe to share her vision for a new type of security function. Drawing upon her expertise as an anthropologist, her practical experience as a security-focused software developer and as a security practitioner; Lianne combines the human and the technical aspects of security to evangelise a cultural security transformation.