August 8, 2023 – This week, hackers, infosec enthusiasts, vendors, security professionals, journalists, cyber aficionados, government officials, researchers, students–and IST–will descend on Las Vegas for the conference “triple threat” of Black Hat, BSides, and DEFCON. Combined, the three convene tens of thousands of attendees for panels, workshops, capture the flag, hacking sessions, speeches, competitions, gatherings, and more.
We attend these events not only to share our findings from ongoing research, convenings, and workshops, but also to learn from others in the cyber and security communities and expand our networks. Our mission to bridge the gap between policymakers and technologists requires diverse perspectives, robust networks, and trusted stakeholders. Whether organizing a closed-door meeting to set out the state-of-play in an industry or bringing together cross-sector stakeholders to address a critical emerging security threat, our approach is only as strong as the communities and people who take part.
We look forward to joining in the frenzy and hope to see you there! Below, we’ve compiled a series of events our team and IST adjunct advisors will be participating in and attending.
Tuesday, August 8 at 3:00 pm PDT
Chief Trust Officer Steve Kelly will join Editor in Chief of The Security Ledger Paul F. Roberts and Sick.Codes for a discussion on vulnerabilities in the food supply chain. The food supply chain is one of the most brittle: it relies on other sectors, such as water, chemical, ground transportation, rail, cold chain and cold storage, and electricity; much of the power in the sector is concentrated in the hands of large actors; and it is highly susceptible to disruptive forces, including volatile weather patterns and regional conflict. What are the broader risks facing the sector, and what can be done about it? The talk is part of a series hosted by the volunteer organization I am the Cavalry, whose members address technologies that have the ability to affect human life and public safety.
DEFCON | Generative AI Red Teaming
Friday, August 11 – Sunday, August 13
IST’s Zoë Brammer and Philip Reiner will volunteer at the DEFCON AI Village’s Generative AI Red Teaming exercise. Supported by the White House Office of Science, Technology, and Policy, the National Science Foundation’s Computer and Information Science and Engineering (CISE) Directorate, and the Congressional AI Caucus, the event will test the safety and security of large language models provided by Anthropic, Google, Hugging Face, NVIDIA, OpenAI, and Stability.
DEFCON | At Scale Cyber Risk Assessments and Risk Mitigation Measures for Surface Transportation Stakeholders
Friday, August 11 at 12:00 pm PDT
Adjunct Senior Technical Advisor Bryson Bort will sit down with TSA Administrator David Pekoske to announce the Transportation Security Administration’s joint program with the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Homeland Security Science and Technology Directorate (S&T), the Federal Railroad Administration (FRA), and the Pipeline and Hazardous Materials Safety Administration (PHMSA). The program aims to develop threat modeling and risk quantification of critical functions in the transportation sector. It will test vulnerabilities in hardware and software components and develop a prioritized list of cyber threat-based scenarios. Following the event, representatives from the participating agencies will sit down for a roundtable with ICS Village participants to generate feedback and ideas.
Saturday, August 12 at 3:00 PDT
Adjunct Senior Technical Advisor Marc Rogers will join International Committee of the Red Cross’s Mauro Vignati, head of NATO’s Cyber Threat Analysis Branch Stefanie Metka, and research associate at the U.S. Naval War College’s Cyber and Innovation Policy Institute Dan Grobarcik to discuss the implications of non-state actors in cyberspace. Taking the Russia/Ukraine conflict as a case study, they will investigate the ways in which the actions of non-state actors challenge basic assumptions about cyberspace as a domain of operations.