Description: "There's no patch for human stupidity." This phrase is used often and with prejudice. I say it's nothing more than an excuse. If users are truly our largest attack surface and a vulnerable ingress point to our environments, it's our job to secure them. And if that security is failing, it's our fault, not theirs. Security education doesn't have to be as hard as most make it out to be. I'll go over the 10 most common pitfalls I've seen in commercial and hand-rolled security education programs. Armed with this information, hopefully you can build a quality program of your own or at least make improvements to your existing one.
Kris is one of the founders of local information security group CleveSec, and serves on the board of the Northeast Ohio Information Security Forum (NEOISF). Kris works at a local software vendor where he helped to create and implement their first secure development and company-wide security culture initiatives.
For More Information Please Visit: - http://bsidescle.com
http://www.irongeek.com/i.php?page=videos/bsidescleveland2015/mainlist
Tags:
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.