Colloquium: On Dealing with Risk While Crystal-Ball Gazing

Posted on 4/14/2008 11:35:52 AM

A Heretic’s Views on Modern Information Security

Rebecca Gurley Bace

Information security has come a long way in the past half century, fueled by the proliferation of information technology and all-too-familiar forces of human nature. Rebecca Bace has been on the front lines of information security for a quarter century with a career that has taken her from the intelligence community through the national laboratories to her current post as an information security practitioner and venture capitalist in Silicon Valley.

This presentation will offer an independent view of the history and current state of information risk management, with topics including the following:

  • A brief history of information security
  • How information security and risk management has changed over the last half century
  • How a casual (but interested) observer can differentiate between hype and substance when dealing with security topics
  • Thoughts on how non-technical everyday experiences can be used to understand information risk issues and management approaches
  • Advice on dealing with a future in which information risk issues may well impact and profoundly affect your everyday life

About the Speaker

Becky Bace is widely recognized as one of the most influential people in information security today. Her career includes roles in research, development, operational management, and strategy, in settings ranging from the U.S. Intelligence Community (NSA) to a national laboratory (Los Alamos National Laboratory) to her current role as a strategic consultant in Silicon Valley.

Ms. Bace is currently President and CEO of Infidel, Inc., a strategic consulting firm focusing on information security and risk management, and a venture consultant for Trident Capital, where she oversees Trident’s security-related investment portfolio. Although Ms. Bace is acknowledged most often for her work in intrusion detection (she is credited with successfully funding and transferring the first generation of intrusion detection technology to the commercial market,) she is also considered an key influencer in other security technology areas.

Her publication credits include the books Intrusion Detection (Macmillan, 2000) and (with Fred Chris Smith) A Guide to Forensic Testimony: The Art and Practice of Presenting Testimony as An Expert Technical Witness, (Addison-Wesley, October, 2002) She is also author of NIST Special Publication SP 800-31 Intrusion Detection and the chapters on intrusion detection, penetration testing, and vulnerability assessment for the Computer Security Handbook, 4 Ed., (Wiley, 2003) and 5 Ed. (Wiley, 2006), considered the definitive practice handbooks for information security professionals. Ms. Bace was named one of the top ten security professionals in the industry (Information Security Magazine, 2008), one of the five most influential women in security (Information Security Magazine, 2005) , and received a Distinguished Leadership Award from the National Security Agency (1995) in recognition of her work leading the intrusion detection research program.