Enigma 2023 has ended
Back To Schedule
Thursday, January 26 • 3:00pm - 3:30pm
The Slippery Slope of Cybersecurity Analogies

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Cybersecurity is rich with analogies, from keys and locks to Trojan horses. We look for the “needle in the haystack” and “evict malware resident on our systems.” We debate “baked-in” versus “bolted-on” security. We do not mean all these things literally, of course. The language and analogies we use in this field are borrowed from many different domains. Analogies can help explain basic cybersecurity concepts, but too often they omit or overgeneralize important details. They can mislead, sometimes deliberately, because the experience they purport to connect might be out of proportion. Despite their shortcoming and imprecision, using an analogy or an abstraction might be helpful in appropriate situations. Using analogies, abstractions, and metaphors shapes technology’s development, practice, and policies. The analogies are more than simple figures of speech. They have a normative dimension; sometimes, they can be used to help the imaginary shape reality. This talk explores the use and misuse of analogies and metaphors across cybersecurity. We consider analogies from the physical world, medicine and biology, war and military, and law before discussing tips for avoiding pitfalls in using analogies and metaphors.

avatar for Josiah Dykstra

Josiah Dykstra

Josiah Dykstra is a cybersecurity practitioner, researcher, author, and speaker. He is a Technical Fellow in the Cybersecurity Collaboration Center at the National Security Agency (NSA) and the owner of Designer Security, LLC. He holds a Ph.D. in computer science and previously served... Read More →

Thursday January 26, 2023 3:00pm - 3:30pm PST
Santa Clara Ballroom