Shawn Richardson
Shawn is a Senior Program Manager in a wide variety of business applications at NVIDIA.

She is particularly experienced in incident response, software security, privacy, compliance, and release management.

Specialties include: incident response, security program management, privacy program management, software compliance, payments compliance.

EthicsFIRST: Considering Ethics for Incident Response and Security Teams

Have you ever been asked to do something at work that made you uncomfortable or went against your values; things that were considered part of your legitimate job? As technology continues to evolve at a rapid pace, incident response and security teams are having to act and react to more challenging situations: vulnerability disclosures across industries, complexity introduced by third party components, increasing number of security breaches, and continued resourcing issues.

Where are the lines? Who decides? What if you don’t agree?

The FIRST Ethics SIG has created a code of ethics (EthicsfIRST) that incident response and security teams can adopt or use as a template to create their own. It can be used as a framework to think about how situations "should" be handled in responding to incidents. The 12 principles are formulated as statements of responsibility, based on the understanding that the public good and trust are always the primary considerations.

Each principle is supplemented by guidelines, which provide explanations to assist computing professionals in understanding and applying the principle.

This talk will discuss the 12 duties of the EthicsfIRST code and the guidelines to understanding and applying each to your organization.

Spaces Selling Fast!