/>
X

Trey Ford: Testing, notification should not be criminalized (slides)

At informal infosec conference Security B-Sides SF, former Black Hat General Manager and current Global Strategist for Rapid7 Trey Ford outlined the gaps between hacking and legislation in America.
violet-blue.jpg
By Violet Blue, Contributor on
001.jpg
1 of 9 Violet Blue/ZDNet

Trey Ford: Legislative Realities

Black Hat's former General Manager Trey Ford took the stage at informal conference Security B-Sides San Francisco today to present "Legislative Realities," a compelling talk on identifying and bridging the gaps between hacking, user security, company security and legislation.

Skip to: the rest of the gallery.

Mr. Ford told SC Magazine in a recent interview,

I love the purity of Security B-Sides, it has a special place in my heart. Conversations and presentations at B-Sides events are unique – they are timely, important, unconventional and unapologetically direct – which means they are often inappropriate for other venues.

(...) The legislation impacting information security should be something everyone in the industry watches closely, and it's a priority for us at Rapid7.

We need to see legislation achieve a balance of protection for researchers, clear guidelines for corporate due care, and simple definitions for criminal and malicious acts.

Ford is now the Global Security Strategist for Rapid7, and appears to be taking his wealth of experience running Black Hat, and experiences such as wrangling the NSA's General Alexander while simultaneous advocating for security researcher protections, and applying it to legislative changes.

Admired by many and known for running a tight strategic operation, it remains to be seen for many of us who admired what Ford did with Black hat just how the sprawling powder keg of a conference will soldier on in his absence. However, after seeing "Legislative Realities" this morning at the DNA Lounge, what's going to happen when Mr. Ford goes to Washington is definitely not going to be boring.

Trey Ford Legislative Realities

 

His BSides SF audience was crowded, and received applause for his pointed statements. In one instance, Ford pointed a finger at Kickstarter for waiting days to disclose being hacked to its users (anger at companies who leave users vulnerable until they get their PR finished), and Ford made an uncompromising point that "Testing and notification should not be criminalized."

I attended BSides SF 2014 today and managed to both avoid any contrived Ada Initiative drama, and took photos of Ford's slides - a selection of which are presented over the next few pages.

BSidesSF

 

0002.jpg
2 of 9 Violet Blue/ZDNet

Vulnerabilities: The Five Stages of Grief

Black Hat's former General Manager Trey Ford took the stage at informal conference Security B-Sides San Francisco today to present "Legislative Realities," a compelling talk on identifying and bridging the gaps between hacking, user security, company security and legislation.

Ford is now the Global Security Strategist for Rapid7, and appears to be taking his wealth of experience running Black Hat, and experiences such as wrangling the NSA's General Alexander while simultaneous advocating for security researcher protections, and applying it to legislative changes.

 

0003.jpg
3 of 9 Violet Blue/ZDNet

Trey Ford: Legislative Realities

Black Hat's former General Manager Trey Ford took the stage at informal conference Security B-Sides San Francisco today to present "Legislative Realities," a compelling talk on identifying and bridging the gaps between hacking, user security, company security and legislation.

Ford is now the Global Security Strategist for Rapid7, and appears to be taking his wealth of experience running Black Hat, and experiences such as wrangling the NSA's General Alexander while simultaneous advocating for security researcher protections, and applying it to legislative changes.

 

0004.jpg
4 of 9 Violet Blue/ZDNet

Trey Ford: Legislative Realities

Black Hat's former General Manager Trey Ford took the stage at informal conference Security B-Sides San Francisco today to present "Legislative Realities," a compelling talk on identifying and bridging the gaps between hacking, user security, company security and legislation.

Ford is now the Global Security Strategist for Rapid7, and appears to be taking his wealth of experience running Black Hat, and experiences such as wrangling the NSA's General Alexander while simultaneous advocating for security researcher protections, and applying it to legislative changes.

 

0005.jpg
5 of 9 Violet Blue/ZDNet

Trey Ford: Legislative Realities

Black Hat's former General Manager Trey Ford took the stage at informal conference Security B-Sides San Francisco today to present "Legislative Realities," a compelling talk on identifying and bridging the gaps between hacking, user security, company security and legislation.

Ford is now the Global Security Strategist for Rapid7, and appears to be taking his wealth of experience running Black Hat, and experiences such as wrangling the NSA's General Alexander while simultaneous advocating for security researcher protections, and applying it to legislative changes.

 

0006.jpg
6 of 9 Violet Blue/ZDNet

Trey Ford: Legislative Realities

Black Hat's former General Manager Trey Ford took the stage at informal conference Security B-Sides San Francisco today to present "Legislative Realities," a compelling talk on identifying and bridging the gaps between hacking, user security, company security and legislation.

Ford is now the Global Security Strategist for Rapid7, and appears to be taking his wealth of experience running Black Hat, and experiences such as wrangling the NSA's General Alexander while simultaneous advocating for security researcher protections, and applying it to legislative changes.

 

0007.jpg
7 of 9 Violet Blue/ZDNet

Trey Ford: Legislative Realities

Black Hat's former General Manager Trey Ford took the stage at informal conference Security B-Sides San Francisco today to present "Legislative Realities," a compelling talk on identifying and bridging the gaps between hacking, user security, company security and legislation.

Ford is now the Global Security Strategist for Rapid7, and appears to be taking his wealth of experience running Black Hat, and experiences such as wrangling the NSA's General Alexander while simultaneous advocating for security researcher protections, and applying it to legislative changes.

 

008.jpg
8 of 9 Violet Blue/ZDNet

Trey Ford: Legislative Realities

Black Hat's former General Manager Trey Ford took the stage at informal conference Security B-Sides San Francisco today to present "Legislative Realities," a compelling talk on identifying and bridging the gaps between hacking, user security, company security and legislation.

Ford is now the Global Security Strategist for Rapid7, and appears to be taking his wealth of experience running Black Hat, and experiences such as wrangling the NSA's General Alexander while simultaneous advocating for security researcher protections, and applying it to legislative changes.

 

0009.jpg
9 of 9 Violet Blue/ZDNet

Trey Ford: Legislative Realities

Black Hat's former General Manager Trey Ford took the stage at informal conference Security B-Sides San Francisco today to present "Legislative Realities," a compelling talk on identifying and bridging the gaps between hacking, user security, company security and legislation.

Ford is now the Global Security Strategist for Rapid7, and appears to be taking his wealth of experience running Black Hat, and experiences such as wrangling the NSA's General Alexander while simultaneous advocating for security researcher protections, and applying it to legislative changes.

0009

 

Related Galleries

Developer trends, zero-day risks, 5G speeds, and more: Tech research roundup
Person seated at a booth in a cafe looks at their phone and laptop.

Related Galleries

Developer trends, zero-day risks, 5G speeds, and more: Tech research roundup

10 Photos
Tech salaries, developer skills, cybersecurity, and more: ZDNet's research roundup
remote-working-from-home-man-employee-small-desk.jpg

Related Galleries

Tech salaries, developer skills, cybersecurity, and more: ZDNet's research roundup

8 Photos
Yubikey Security Key C NFC
Security Key C NFC

Related Galleries

Yubikey Security Key C NFC

8 Photos
First look at the YubiKey Bio
YubiKey Bio

Related Galleries

First look at the YubiKey Bio

10 Photos
iVerify (version 17)
iVerify for iOS and iPadOS

Related Galleries

iVerify (version 17)

5 Photos
OnlyKey hardware security key
OnlyKey

Related Galleries

OnlyKey hardware security key

19 Photos
SoloKeys Solo V2
Solo V2

Related Galleries

SoloKeys Solo V2

10 Photos