This presentation will explore the core principles of harm reduction, review the body of research that informs its strategies, and propose a framework for applying harm reduction to cybersecurity risks. It will explain why fully eradicating risk taking behaviors is not possible, and how abstinence based guidance may actually increase harm for individuals and populations. More importantly, it will look at the efficacy of harm reduction strategies and show that a pragmatic, compassionate approach to security may be more effective, cost less, and even reduce burnout among cybersecurity practitioners.
Presented by Kyle Tobener
Full Abstract & Presentation Materials: www.blackhat.c...