Wednesday 

Room 2 

16:20 - 17:20 

(UTC+01

Talk (60 min)

(Ab)user Experience: The dark side of Product and Security

Security can often feel like an unapproachable and mysterious part of an organisation – the department of work prevention, the department of “nope.” But it doesn’t have to be that way.

Application Security
Culture
Design
DevOps
Mobile Application Security
SDLC

In this talk we will look at the unintended users of a product, the “threat agents”.

By engaging the Security team in the Product process, we can model the dark side of use cases and user stories through threat modelling techniques. This can help demystify impenetrable security NFRs through concrete examples of how these threat agents may try to misuse your shiny new digital product.

Who this event will benefit
Those building products/apps exposed to the web
People who are wanting to build out an awareness of the possible attack vector use cases (i.e. how might you be attacked)
People who need to write that down as a set of requirements to help build a DevSecOps approach in projects

Lianne Potter

When you follow the cables, behind every piece of tech is a person, consumer and creator, and we should never lose sight of this.

Lianne is an award-winning cyber anthropologist and security transformation leader with experience in the retail, healthcare, finance, private and non-profit sectors.

Her consultancy, The AnthroSecurist, enables teams in complex organisations to understand each other’s motivations, identify barriers that have prevented good security practices in the past, and provide practical steps and insights to increase collaboration between the security team and the rest of the organisation. Lianne is also the Head of SecOps for the largest greenfield technology project in Europe where she builds strategies to create sustainable security cultures throughout the organisation.

As a respected keynote speaker, Lianne has delivered talks across the globe to share her vision for a new type of security function. Drawing upon her expertise as an anthropologist, her practical experience as a security-focused software developer and as a security practitioner; Lianne combines the human and the technical aspects of security to evangelise a cultural security transformation.

In 2020 Lianne formed a health-tech start-up, Liria Digital Health, using technology to improve patient outcomes for those with under-researched, under-represented or unloved health conditions, particularly for people in marganised or minority communities

You can listen to Lianne talk about her human-centric approach every Thursday on her award-winning technology podcast Compromising Positions, in which she interviews non-cybersecurity people from the world of anthropology, psychology and behavioural science about cybersecurity culture.

Lianne is also undertaking a MSc in AI and Data in 2024.

Publications include:

* The Times
* Raconteur
* Computing.com
* The Yorkshire Post
* Security Magazine
* IT Pro
* EmTech Anthropology Careers at the Frontier (Book)

Recent awards and honours include:

* Podcast Newcomer - 2024 European Cybersecurity Blogger Awards
* Cybersecurity Personality of the Year 2023 - The Real Cyber Awards
* Security Woman of the Year - Computing Security Excellence Awards 2023 (Highly Commended)
* 40 Under 40 in Cybersecurity - Cybersecurity Magazine
* Security Leader of The Year 2021 - Women in Tech Excellence
* Woman of the Year 2021 - Women in Tech Excellence
* Security Specialist of the Year 2021 - Computing.com

Jeff Watkins

A lifelong technologist, having started coding at the age of six, Jeff has been in the industry for over 25 years. He has a love for CyberSecurity and AI, especially the human elements of both subjects. Working for a consultancy, he's seen the world change to be product- and service-oriented, and bangs the drum for ensuring that everybody is involved in delivering secure and usable offerings. Outside of work, he is co-host of the Compromising Positions podcast, a unique view of cybersecurity from outsiders' perspectives.

Publications include:
* Wired
* Forbes
* Raconteur
* IT Pro
* Business Cloud
* Information Age