Here is just a quick list, off the top of my head, of some of the topics I would like to see someone do talks about at security events this summer. If you are in need of a research topic, or something to dig into for a deep dive, give one of these a try. Who knows, maybe you will see me in the audience. If so, then feel free to sit down for a cup of coffee and a chat!
Here’s the list, in no particular order:
- machine learning, analytics in infosec
- detection capabilities with nuance visibility at scale
- decision support from security analytics & automated systems based on situational awareness
- rational controls and how to apply them to different industries
- crowdsourcing of policies and processes – wiki-based approaches
- internal knowledge management for security teams
- tools for incident response beyond the basics
- tools and processes for business continuity after a breach – show us your guide to “Ouchies!”
- attacker research that is actually meaningful and that does NOT revolve around IOCs
- skills and capability mapping techniques for security teams and their management
- new mechanisms for log management and aggregation beyond Splunk & SEIM – how would the death star handle logs?
- near-real time detection at a meaningful level – even better if admins can make decisions and take actions from their iPhone/iWatch, 😛
- extrusion/exfiltration testing capabilities & metrics-focused assessment approaches for testing exfil robustness
- network mapping and asset discovery techniques and tools – how would the death star map their IT networks? 🙂
Give me a shout on Twitter if you want to explore these together – @lbhuston.