Re: what do you think of a dataloss workshop?

["B.K. DeLong" <bkdelong () pobox com>]

The model of Metricon/MiniMetricon (http://www.securitymetrics.org) might be
a nice, workable model to follow and with RSA around the corner, there might
be quite a few list members attending to warrant at least a "Meetup"
somewhere.

Lyger, perhaps an "Are you going to RSA?" thread for people to use for the
basis of connecting?

On Fri, Mar 28, 2008 at 9:11 AM, Allan Friedman <
allan_friedman () ksgphd harvard edu> wrote:

> [If this is not the right place to discuss this, let's take it elsewhere]
>
> Given the great and increasingly dense and complex discussion on this
> list, I wonder whether there would be any interest in assembling for a
> workshop / mini-conference?  I'd be happy to try to organize one here
> at Harvard sometime next fall.  Thoughts?
>
> I feel that many of the discussions we are having here overlap or abut
> much of the other discussions in privacy and security. Sitting down
> and drawing up a clear understanding of the critical areas of
> dataloss, and how it impacts business and law will be helpful. Is this
> redundant? Unnecessary?
>
> Here is my general idea, purely as a strawman.
> 1) Probably just one day, mid fall 2008
> 2) Some combination of panels and academic paper presentation, with a
> keynote and at least one breakout session
> 3) Content: 50% academic (econ, law, tech, policy) 25% business, 25%
> public policy/ advocacy
> 4) We would need to define dataloss as a reasonably coherent clump to
> prevent the typical privacy rehashing, or making it too broad to be
> useful. Also, it should be more focused than a run of the mill
> enterprise/organization security conference.
> 5) Topics: breach laws, econ models, technical solutions,
> understanding liability, metrics and quant
> 6) Ideally, the workshop could be summarized to produce a research
> agenda and/or a policy agenda
> 7) In my experience, breakout discussion sessions can be very
> productive in knowledge distillation.
>
> If this is not a horrible idea, who would be interested in attending?
> Speaking or presenting research? Helping organize? Vendor
> participation or sponsorship?
>
> allan
>
> Allan Friedman
> PhD Candidate, Public Policy
> Kennedy School of Government
> Fellow, Center for Research in Computation and Society
> School of Engineering and Applied Sciences
> Harvard University
> _______________________________________________
> Dataloss Mailing List (dataloss () attrition org)
> http://attrition.org/dataloss
>
> Tenable Network Security offers data leakage and compliance monitoring
> solutions for large and small networks. Scan your network and monitor your
> traffic to find the data needing protection before it leaks out!
> http://www.tenablesecurity.com/products/compliance.shtml



-- 
B.K. DeLong (K3GRN)
bkdelong () pobox com
+1.617.797.8471

http://www.wkdelong.org Son.
http://www.ianetsec.com Work.
http://www.bostonredcross.org Volunteer.
http://www.carolingia.eastkingdom.org Service.
http://bkdelong.livejournal.com Play.


PGP Fingerprint:
38D4 D4D4 5819 8667 DFD5 A62D AF61 15FF 297D 67FE

FOAF:
http://foaf.brain-stream.org

_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml