layer 8 security - securing the nut between the keyboard & screen
DESCRIPTION
Brian Honan's presentation on how to develop an effective security awareness program given at the 2011 BsidesLondon eventTRANSCRIPT
![Page 1: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/1.jpg)
Layer 8 Security
Securing The Nut Between the Keyboard & Screen
BSidesLondon 2011
![Page 2: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/2.jpg)
What Do These Have In Common
![Page 3: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/3.jpg)
The Dreaded APT!!
![Page 4: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/4.jpg)
The Root Cause
48% of Breaches Were Caused by Insiders- Verizon
90% of Malware Requires Human Interaction- Symantec
100% of Successful Attacks Compromised The Human
- Mandiant
64% of Orgs See Security Awareness As a Challenge
- E&Y 2010
3 times as many breaches are caused by accidental insider activity than malicious intent
- Open Security Foundation
![Page 5: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/5.jpg)
People Are The Weakest Link
![Page 6: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/6.jpg)
So Are People
![Page 7: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/7.jpg)
Or Are They
![Page 8: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/8.jpg)
Or Are They
![Page 9: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/9.jpg)
Maybe They Are
![Page 10: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/10.jpg)
Maybe They
![Page 11: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/11.jpg)
Mostly They Just Are
![Page 12: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/12.jpg)
Yet Where Do we Spend?
Consulting
Outsourcing
Hardware
Software
Personnel
0 5 10 15 20 25 30 35 40
% Overall IT Security Budget
Gartner 2010
![Page 13: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/13.jpg)
Our Focus Is Wrong
![Page 14: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/14.jpg)
Failure to Engage
![Page 15: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/15.jpg)
Content Misses The Mark
![Page 16: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/16.jpg)
Compliance Requirement
![Page 17: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/17.jpg)
Don’t Take Local Issues Into Account
![Page 18: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/18.jpg)
No Measurements
![Page 19: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/19.jpg)
But Mostly
![Page 20: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/20.jpg)
Securing The Nut
Plan
Implement
Review
Maintain
![Page 21: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/21.jpg)
Developing A Security Awareness Program
![Page 22: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/22.jpg)
Be Prepared
![Page 23: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/23.jpg)
Develop A Strategy
![Page 24: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/24.jpg)
Budget
![Page 25: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/25.jpg)
Make Sure it is Adequate
![Page 26: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/26.jpg)
Select Appropriate Tools
![Page 27: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/27.jpg)
Consider Different Cultures
![Page 28: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/28.jpg)
Hook The Audience
![Page 29: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/29.jpg)
Communication
![Page 30: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/30.jpg)
Continual Support
![Page 31: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/31.jpg)
Review & Monitor Success
![Page 32: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/32.jpg)
Maintain The Program
![Page 33: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/33.jpg)
Remember
![Page 34: Layer 8 Security - Securing the Nut Between the Keyboard & Screen](https://reader033.vdocument.in/reader033/viewer/2022061205/54708fd8b4af9fc80a8b47cd/html5/thumbnails/34.jpg)
Questions
www.twitter.com/brianhonanwww.bhconsulting.ie/securitywatch
Tel : +353 – 1 - 4404065