2022-07-05, 11:50–12:25 (Europe/Paris), Amphitheater
Despite not getting a lot of attention, questions of ethics and morality are everywhere in the cybersecurity field. As our community concentrates more and more political power through the giant technology companies ruling the digital realm, a discussion on acceptable practices is needed more than ever.
In this talk, I want to bring forward new security dilemmas that have surfaced in the recent years and that practitioners face every day. My hope is to foster a much-needed reflection about our role in the cybersecurity world, especially as it it being transformed by its first military conflict ever.
The aim is not to be patronizing and distribute brownie points, or shame people or companies that are not behaving ethically (well, maybe NSO). Instead, I would like to use these 20 minutes to recognize the very real and complex problems that we face, mostly in isolation. The list below contains a few of the topics I intend to address:
- The morality of open-source security software
- Threat intelligence's function as an intelligence broker
- Is it possible to remain neutral in a cyber-war?
- The morality of cyberattacks in the context of the war in Ukraine
See also: 🎥 video
Ivan Kwiatkowski is an OSCP and OSCE-certified penetration tester and malware analyst who has been working as a Senior Security Researcher in the Global Research & Analysis Team at Kaspersky since 2018. He maintains an open-source dissection tool for Windows executables and his research has been presented during several cybersecurity conferences. As a digital privacy activist, he operates an exit node of the Tor network. Kwiatkowski also delivers Kaspersky’s reverse-engineering training in Europe.