Speaking at RSABy: Joe Stewart
The 2009 RSA conference kicks off next week in San Francisco. It looks like a busy week for me – I’ll be presenting first on Tuesday, April 21st at the SecureWorks booth on the showfloor at 1:00 PM PDT. This will be a “Conficker Q&A” session. I’ll be answering questions with the knowledge I’ve gained from reverse-engineering Conficker and also from my participation in the Conficker Working Group. So, if you have any burning questions about the threat posed by the Conficker worm, drop by the booth at that time and I’ll try to answer them.
On Wednesday at 9:10 AM, I’ll be participating in a panel discussion called “Deconstructing The Modern Online Criminal Ecosystem” along with panelists Lawrence Baldwin (MyNetWatchman) and Dr. Robert Bruen (KnujOn). This should be a very interesting discussion, offering some behind-the-scenes insights into the cybercrime economy from experts who are in the trenches fighting it every day. The work being done by my co-panelists is amazing, but rarely do you get to hear about it in a public forum. The panel will be led by Patrick Peterson of Cisco’s IronPort division. Patrick is a Cisco Fellow and a renowned speaker and security expert, so I expect we may reach the highest potential of panel discussions.
Finally, on Thursday I’ll be delivering my own presentation entitled “Demonetizing Botnets” at 2:10 PM. This talk outlines my ideas for how we should restructure our efforts at fighting not just botnets, but cybercrime in general, both long and short-term. In this presentation, I will introduce a concept I call “offense-in-depth”, which I believe is the only approach that can address most of the cybercrime problems we are currently facing, given the current environment with respect to law enforcement’s challenges in cyberspace and pervasive vulnerabilities in computing and networking. I’m not saying my plan is any kind of silver bullet, but I hope it becomes part of the arsenal of everyone out there who is attempting to stem the tide of malicious software and computer intrusion. If you are interested in hearing my take on these matters, please attend. If anything I say inspires you to action, please meet up with me after the talk, and we can discuss the issues further. Hope to see you there!