Data Driven Security

Episode 29

In this episode, Jay and Bob talk about power laws and their application in cyber security. First, they talk with Marshall Kuypers, a PhD candidate in Management Science and Engineering at Stanford University and discuss power laws in general. Second, they sit down with Michael Roytman, Data Scientist and Kenna Security to talk about power laws in cyber security.

• Power Laws
• Probability Distributions

Episode 28

In this episode, Jay sat down with Doug Hubbard and Richard Seiersen to talk about their upcoming book "How to Measure Anything in Cybersecurity Risk". Bob talks about the rOpenSci unconference and the two talk about 2 recent publications.

• rOpenSci
• rNOAA
• When-ish is my Bus (pdf)
• Dell Secureworks Underground Hacker Marketplace Report
• How to Measure Anything in Cybersecurity Risk

Episode 27

In this post-RSA conference episode, Jay participated with StoryCorps along with Wade Baker and the two reflected on their time working together on the Verizon Data Breach Investigations Report.

• Find out more about StoryCorps at https://storycorps.org/

Episode 26

In this episode, Bob sits down with co-workers on the data science team at Rapid 7. They explore the future of security data science, Heisenberg and Project Sonar.

• Keep on top of Heisenberg developments at http://community.rapid7.com/
• Find out more about Project Sonar at http://sonar.labs.rapid7.com/ and http://scans.io/
• Get tools to work with both at http://github.com/rapid7

Episode 25

In this episode, Bob & Jay talk amongst themselves. First they cover some recent work from Jay looking at Peer-to-Peer traffic and then they transition into conferences in 2016 with some element of being Data-Driven.

• FloCon 2016 (you just missed it!)
  January 9–12, 2017 in San Diego, CA
  http://www.cert.org/flocon/
• ShmooCon 2016
  http://shmoocon.org/
  January 15-17, 2016 in Washington, D.C.
• 2016 Cyber Risk Insights Conference
  http://www.advisenltd.com/events/conferences/09/02/2016-cyber-risk-insights-conference-london/
  February 9, 2016 in London
• Network and Distributed System Security (NDSS) Symposium
  February 21-24, 2016 in San Diego, California
• RSA Conference 2016
  http://www.rsaconference.com/events/us16
  February 29 - March 4, 2016 in San Francisco, CA
• 1st IEEE European Sumposium on Security & Privacy
  http://www.ieee-security.org/TC/EuroSP2016/
  March 21-24, 2016 in Saarbrücken, GERMANY
• 37th IEEE Symposium on Security & Privacy
  http://www.ieee-security.org/TC/EuroSP2016/
  May 23-25, 2016 in San Jose, CA
• 11th Annual Cyber and Information Security Research (CISR) Conference
  http://www.cisr.ornl.gov/cisrc16/
  April 5-7, 2016 in Oak Ridge, TN
• 15th Annual Workshop on the Economics of Information Security (WEIS)
  http://weis2016.econinfosec.org/
  June 13-14, 2016 in Berkeley, CA USA
• International Conference On Cyber Situational Awareness, Data Analytics And Assessment (CyberSA 2016)
  http://c-mric.org/csa2016
  June 13-14, 2016 in London
• 25th USENIX Security Symposium
  https://www.usenix.org/conference/usenixsecurity16
  August 10–12, 2016, in Austin, TX.
• SIRAcon
  http://societyinforisk.org/
  October-ish 2016 (TBA)
• The Fifth International Conference on Informatics and Applications (ICIA2016)
  http://sdiwc.net/conferences/fifth-international-conference-informatics-applications/
  November 14-16, 2016 in Takamatsu, Japan
• 2015 Annual Computer Security Applications Conference
  http://www.acsac.org/2015/
  December 5-9, 2016 in Los Angeles, CA
• Data-Driven Security: The Blog
• Data-Driven Security: The Book