Our profession is at a crossroads. The success of malicious actors such as phishers, spammers, malvertisers, and other criminals combined with revelations of pervasive government surveillance has changed the way users look at technology and has greatly increased our responsibility for building safe software.
The role of security has also evolved significantly for Internet companies. Companies that began with a mission to provide engaging or entertaining experiences now serve as a conduit for populist uprisings and free expression. That evolution comes with a cost, as the very same companies are now targets for top-tier intelligence agencies.
This talk will recap the speaker's first six months as the CISO of Yahoo. We will review the impact of the government surveillance revelations on how Yahoo designs and builds hundreds of products for across dozens of markets. The talk includes discussion of the challenges Yahoo faced in deploying several major security initiatives and useful lessons for both Internet companies and the security industry from our experience. The session will close with a discussion of the fundamental challenges that are left to be tackled for large Internet companies as well as possible solutions.
Alex Stamos is the CISO of Yahoo. He was the co-founder of iSEC Partners and founder of Artemis Internet, two companies that continue to make the Internet a safer place. Alex has spent his career building or improving secure, trustworthy systems, and is a noted expert in Internet infrastructure, cloud computing and mobile security. He is a frequently request speaker at conferences such as Black Hat, DEF CON, Amazon ZonCon, Microsoft Blue Hat, FS-ISAC and Infragard. He holds a BSEE from the University of California, Berkeley and his personal security writings are available at http://unhandled.com.