This interactive workshop is intended to guide delegates through an imaginary scenario of a tera-breach (one million times worse than a mega-breach). The press reports all of our organizations’ data is being sold on the dark web and hackers have control of the key systems. The critical national infrastructure is impacted and the Prime Minister will be answering questions on the six o’clock news. Riots are predicted within five days and answers are needed immediately. Every employee at every level of the organization is being called upon, including Testing.
You don’t need any previous experience of security testing to learn how you could play a part in the investigation, validation, and response to the incident. Testing is a key component in delivering and maintaining secure systems, but we can save the deeply technical details for later. You’ll need your creativity, common sense, and assertiveness to connect your role to the organization and wider society’s need for better security.
If we could turn back time, what might we have done differently? Should testing be more involved with other processes and, if so, which ones? Do we have the right tools, techniques, and skills? Should we passively let others set the scope of testing work, or can testers successfully reach into non-traditional areas of responsibility?
Have a half-day of fun experiencing how IT security really works and seeing what opportunities exist for test improvement. Then choose to leave it at that, or go back to work and kick all the doors down that limit your role. One way or another, revolution is in the air!
Declan O’Riordan started speaking at conferences in 2014. Within nine months he’d won the EuroSTAR prize for best conference paper and was voted the ‘do over’ session delegates would most like repeated with ‘The What? Why? Who? And How? Of Application Security’. In 2015 Declan won the prize for best conference paper at the USA’s STAR East conference, and was on the EuroSTAR programme committee for Maastricht. He now spends as much time working with Security Architects as Testers and is rolling out a SecDevOps initiative within a large organisation.
Declan O’Riordan has worked in IT for 34 years and specialised in testing since 1988. His current goal is to develop better communications between project teams and security specialists to prevent application security risks being ignored.