Description: Every day we roll the boulder up hill. Every morning we find the boulder back down in the valley. Like Sisyphus, defenders face the daily challenge of getting all the systems secure and the morning realization that new vulnerabilities have crept in. It is so bad we say it is not if we will get breached but when we will get breached. Worse, defenders say most breaches are career-ending events. Ouch. There has to be a better way. In this talk, we will cover using business impact and risk management as a driving force for prioritizing security efforts. This reduces the likelihood of a breach and prevents any breaches from being career-ending event. We’ll round out the hour with a case study showing these principles applied to securing a million dollar website. Guaranteed, you will leave this talk a smarter boulder roller.
Latest from the SecurityTube Blog:
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Original Source: http://www.youtube.com/watch?v=4rDqRk_IWvo