Key Learning Points
- The current state of security decision making
- The failure of vulnerability containment
- The failure of vulnerability containment
- The importance of risk assessment in building sustainable security programs
Level: Intermediate
We buy security appliances, write policies, run penetration tests, conduct compliance audits, but it never seems to be enough. The attackers break in, setup shop and exfiltrate data. How do we get ahead of the attackers and build sustainable security?
The breach in your future has its origins in the infrastructure decisions of today. The traditional approaches to IT and security operations do not work any longer. We need a new, holistic approach that addresses all dimensions of effective risk management.
In this presentation, we will discuss the challenges of building and evaluating a security program that addresses the current threat landscape. Specifically, we will highlight the problems with traditional security testing and IT management techniques, and propose some new ideas that can fundamentally alter how we view security testing to mitigate risk.
About Andrew Plato
Andrew Plato is a veteran author, speaker and thought leader in the IT security industry. He is also the founder and chief executive of the Anitian, the oldest security intelligence firm in the nation.
In 1995 while working at Microsoft, Andrew executed the first known incident of a SQL injection attack against an early e-commerce website. This event inspired Andrew to found Anitian to help organizations and IT leaders navigate the complexities of information security.
