fwd:cloudsec 2023

fwd:cloudsec 2023

What Could Go Wrong? DEI-informed Perspectives on Threat Modeling in the Age of Terrifying Feature Requests
2023-06-12 , Salon C

“Can you do a security review of our new AI feature by tomorrow?”

Security practitioners face a hard truth. We don’t know what could go wrong with the new AI chatbot or machine learning mode. But, how do you set guardrails for security, safety, or privacy solo in a world where there are few reliable safety guidelines for next quarter’s product roadmap? To achieve safer and more secure outcomes, cloud security practitioners should consider it imperative to adapt to more diversity, equity, and inclusion-informed (DEI) approaches to building threat models.

Easier said than done, right?

While it’s never easy to navigate new collaborative models, cloud security practitioners all have an opportunity to create more diverse, equitable, and inclusive conversations about risk and threats at every stage of the feature lifecycle. This is a practitioner talk given through an intersectional and DEI-focused lens with a particular focus on facilitating greater inclusion and collaboration at every stage of the feature lifecycle. Attendees will learn how to foster greater self-service decisions among product managers, facilitate inclusive premortem meetings, drive a culture of ‘fearless risk documentation,’ and launch a risk amnesty program for anonymous reporting.

Jasmine is an inadvertent career specialist in security data, data security, and privacy for cloud-native startups. She is the current Senior Director of Data Security and Privacy at JupiterOne and a former Security Director at other high-tech startups. As a permanent student, Jasmine is finishing her PhD in Computer & Information Science with a focus on Information Quality at University of Arkansas, Little Rock. She loves Furiosa, WNBA, and her black rescue cat Nandor.

This speaker also appears in:

Having been one of the first women to explore and make a career of the industry called "cybersecurity" , Renee has witnessed the evolution of diversity within the field. Renee has worked for such notable companies as VeriSign, Qualys, CrowdStrike, Cylance and now JupiterOne. During the Pandemic, Renee took a break to focus on academia and her work in how Gender and Religion impact Cyberwarfare and Threat Intel.