#StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission....
Transcript of #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission....
![Page 1: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/1.jpg)
#StartwithSecurity
![Page 2: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/2.jpg)
#StartwithSecurity
WelcomeHank Levy
Chairman, Computer Science and EngineeringUniversity of Washington
![Page 3: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/3.jpg)
#StartwithSecurity
Introductory RemarksCharles Harwood
Regional Director, Federal Trade Commission
![Page 4: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/4.jpg)
#StartwithSecurity
Opening RemarksJulie Brill
Commissioner, Federal Trade Commission
![Page 5: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/5.jpg)
#StartwithSecurity
Panel 1 Building a Security Culture
![Page 6: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/6.jpg)
#StartwithSecurity
FeaturingPeter Oehlert, Director of Product Security, FacebookAdam Shostack, CEO & Founder, Stealth StartupMatt Thomlinson, Vice President of Cloud and Enterprise Security, MicrosoftTarah Wheeler Van Vlack, CEO & Co‐founder, Fizzmint
Moderator: Miry Kim, Division of Privacy and Identity Protection, FTC
![Page 7: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/7.jpg)
#StartwithSecurity
Building a Security CultureSecurity as Core Value Founders, executives, and employeesBuilding Security Expertise Engineers with interest can become security championsThreat Modeling “Just do it”Training Free resources and toolsUsing Secure Frameworks Don’t reinvent the wheel
– Consider potential threats early
![Page 8: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/8.jpg)
#StartwithSecurity
![Page 9: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/9.jpg)
#StartwithSecurity
Panel 2 Integrating Security into the
Development Pipeline
![Page 10: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/10.jpg)
#StartwithSecurity
FeaturingJulian Dunn, Product Manager, ChefJohn Heasman, Senior Director of Software Security, DocuSignPatrick Lamphere, Director of Security and Compliance, Socrata
Moderator: Jim Trilling, Division of Privacy and Identity Protection, FTC
![Page 11: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/11.jpg)
#StartwithSecurity
Integrating Security into the Development Pipeline
![Page 12: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/12.jpg)
#StartwithSecurity
Integrating Security into the Development Pipeline
Integrate security into development to achieve efficiencies and cost savings
Employ different security‐related tools at different phases of development
Use tools you use already for other purposes
Automate testing and feedback where possible
Speak to developers in their language
![Page 13: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/13.jpg)
#StartwithSecurity
![Page 14: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/14.jpg)
#StartwithSecurity
Avoiding CatastropheAn Introduction to OWASP Proactive Controls
![Page 15: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/15.jpg)
#StartwithSecurity
Panel 3 The Business Case for Security
![Page 16: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/16.jpg)
#StartwithSecurity
FeaturingAravind Swaminathan, Partner, Orrick, Herrington & Sutcliffe LLPSaira Nayak, Chief Privacy Officer, TUNEMike Simon, Chief Information Security Officer, Creation Logic, LLC
Moderator: Aaron Alva, Office of Technology Research and Investigation, FTC
![Page 17: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/17.jpg)
#StartwithSecurity
The Business Case for SecurityBusiness customers, investors, and potential acquirers may ask you to implement security measures, or undergo a security review
Develop diligence processes for security upfront to help when seeking future business customers
Address incident response and ways to communicate with those impacted by security incidents
Conduct internal testing to understand the scope of possible security requirements
![Page 18: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/18.jpg)
#StartwithSecurity
![Page 19: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/19.jpg)
#StartwithSecurity
Panel 4Securing the Internet of Things
![Page 20: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/20.jpg)
#StartwithSecurity
Featuring
Shwetak Patel, WRF Endowed Professor of Computer Science and Engineering and Electrical Engineering, University of Washington
Lorie Wigle, General Manager, Internet of Things Security, Intel
Tadayoshi Kohno, Short‐Dooley Professor of Computer Science and Engineering, University of Washington
Arjmand Samuel, Principal Program Manager, Windows Azure Internet of Things Team, Microsoft
Moderator: Jarad Brown, Division of Privacy and Identity Protection, FTC
![Page 21: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/21.jpg)
#StartwithSecurity
Securing the Internet of Things
IoT Device consists of–Device connected to the Cloud–Analytics in the Cloud–Control or Feedback to Device–User Interface
![Page 22: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/22.jpg)
#StartwithSecurity
Securing the Internet of Things
Device Connected to the Cloud
![Page 23: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/23.jpg)
#StartwithSecurity
Securing the Internet of Things
Device Connected to the Cloud
![Page 24: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/24.jpg)
#StartwithSecurity
Securing the Internet of Things
Device Connected to the Cloud
Analytics in the Cloud
![Page 25: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/25.jpg)
#StartwithSecurity
Securing the Internet of Things
Device Connected to the CloudAnalytics in the Cloud
Control or Feedback to Device–Updating and Patching
![Page 26: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/26.jpg)
#StartwithSecurity
Securing the Internet of Things
Device Connected to the CloudAnalytics in the CloudControl or Feedback to Device– Updating and Patching
User Interface
![Page 27: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/27.jpg)
#StartwithSecurity
Securing the Internet of Things
Careful Connections: Building Security in the Internet of Things– https://www.ftc.gov/tips‐advice/business‐center/guidance/careful‐
connections‐building‐security‐internet‐things
OWASP Internet of Things Project– www.owasp.org/index.php/OWASP_Internet_of_Things_Project
![Page 28: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/28.jpg)
#StartwithSecurity
Closing RemarksDean Kellye Testy
University of Washington School of Law
![Page 29: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/29.jpg)
#StartwithSecurity
![Page 30: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/30.jpg)
Subscribe to the FTC Business Blog business.ftc.gov/blog
![Page 31: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/31.jpg)
#StartwithSecurity
![Page 32: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/32.jpg)
#StartwithSecurity
Learn MoreStart with Security: A Guide for Business– ftc.gov/startwithsecurity
Protecting Personal Information– https://www.ftc.gov/tips‐advice/business‐center/guidance/protecting‐personal‐information‐guide‐business
Slides & Videos from Start with Security events– ftc.gov/startwithsecurityseattle– ftc.gov/startwithsecurityaustin– www.ftc.gov/news‐events/events‐calendar/2015/09/start‐security‐san‐francisco
![Page 33: #StartwithSecurity - Federal Trade Commission · Regional Director, Federal Trade Commission. #StartwithSecurity Opening Remarks Julie Brill Commissioner, Federal Trade Commission.](https://reader035.fdocuments.net/reader035/viewer/2022071012/5fca3c14d783d06d8645438f/html5/thumbnails/33.jpg)
#StartwithSecurity