session 4. boundary issues of internet security chair: victor ralevich
DESCRIPTION
Session 4. Boundary Issues of Internet Security Chair: Victor Ralevich. Coming Soon. to a computer near you. a. Damian Gordon. production. HACKERS AND. But first, a story. A Long, long time ago…. A Long, long time ago…. UNNAMED ORGANISATION. A Long, long time ago…. Owner. - PowerPoint PPT PresentationTRANSCRIPT
Session 4.
Boundary Issues of Internet Security
Chair: Victor Ralevich
ComingSoon
to a computer near you
Damian Gordon
production
a
HACKERS AND
But first, a story
A Long, long time ago…
A Long, long time ago…
UNNAMED ORGANISATION
A Long, long time ago…
me
My boss
My boss’s boss
Owner
A Long, long time ago…
me
My boss
My boss’s boss
Owner
A Long, long time ago…
me
My boss
My boss’s boss
Owner
First task…
Create security policies for 17 companies
= bewilderment
Security Policy
Security Policy
Risk Analysis
How do you identify threats?
“…experience and imagination…”
- Pfleeger and Pfleeger
How do you identify threats?
“…experience and imagination…”
- Pfleeger and Pfleeger
Hacker Movies
The work
• This research seeks to identify whether or not movies are accurately portraying hackers, and the implications of that portrayal for new and non-technical managers.
Hacker vs Hacker
Data Collection
Grounded Theory
Six Principles
A hacker movie must feature a hacker in it, It’s insufficient to have an act of hacking in the
movie, the hacker must appear.
I
Not all cyberpunk movies can automatically be considered as hacker
movies.
II
Only Science Fiction movies that feature
recognisable hacker scenarios
should be included.
III
No animated movies will be considered.
IV
No movies will be considered whose sole focus is cryptography.
V
No hacker documentaries
will be considered, only movies.
VI
Resulting in…
The Two Cultures?
The Two Cultures?
The Two Cultures?
TwoCultures?
The Two Cultures?
TwoCultures?
When was the first hacker movie?
1950s
1960s
1970s
1980s
1990s
2000s
Would you believe?
1950s
1960s
1970s
1980s
1990s
2000s
1950s
1960s
1970s
1980s
1990s
2000s
FORCED INTO HACKING
INSIDER THREATS
SEQUELS
Comparing the movies to real life
In real life…Average age of a hacker?
5-15 years old
15-25 years old
25-35 years old
35-45 years old
45-55 years old
55-65 years old
In real life…Average age of a hacker!
5-15 years old
15-25 years old
25-35 years old
35-45 years old
45-55 years old
55-65 years old
In the movies…Age of Hackers
In real life…Occupations of hackers
• Mostly IT industry, with a few full-time hackers.
In the movies…Occupation of hackers
In real life…Insider versus outsider attacks
• Might be as high as 50/50
In the movies…
But…
• “teenagers sitting in their bedrooms ”
• “often high school or university students ”
1. Threat of destruction from US
2. Young hackers contacted by KGB
3. Monomyth
Conclusion
OK so what does that tell us
• Is it us or them?
• We need to make it clearer
???
Questions
???