Adam — Security to Make the CFO Happy — DEF CON 27 Packet Hacking Village

Date: 22.11.2019. Author: CISOCLUB. Categories: Information security podcasts and videos

As a security professional you’re hungry to learn everything you can but training isn’t quite free. Meanwhile, your boss and the bosses in a bunch of other business units are fretting all they can about DoD 8570, just one more "unfunded mandate". How does anyone justify the cost of these nonfunctional requirements? This talk will draw some indirect lines in the org chart and cite documentation in various parts of a company to show how training can be a win for the entire organization.

Adam is an engineer. Several years ago, Adam’s program got whacked with the compliance stick. If Adam wanted to fly he had to comply. In an odd turn of events, Adam found that all this security compliance made him level-up his systems engineering game. After satisfying a number of security "one-offs", Adam started to realize where non-engineers had strengths and willingness to bolster his program’s overall security. As a lonely security engineer in a feature-driven world he credits the infosec community for providing so much "professional development". He is happy to show engineers how fun (less painful?) security can be. Tragically, he has yet to meet anyone who can wrestle failed vuln scanners as well as he can — but he knows that special someone is out there.


About the author: CISOCLUB

CISO CLUB editorial team. Official account. CISO CLUB is an information portal and professional community of information security specialists.