not go quietly: surprising strategies and teammates to adapt and overcome
DESCRIPTION
Nearly every aspect of our job as defenders has gotten more difficult and more complex—escalating threat, massive IT change, burdensome compliance reporting, all with stagnant security budgets and headcount. Rather than surrender, it’s now time to fight back. This session will provide new approaches to finding financial and operational support for information security across the organization.
TRANSCRIPT
Page 1
SESSION ID: STR-R01
Not Go Quietly: Surprising Strategies and Teammates to Adapt and Overcome
David Etue, VP Corporate Development Strategy, SafeNet, Inc., @djetue
Joshua Corman, Chief Technology Officer, Sonatype, @joshcorman
Page 2
#RSAC
A story of a CISO…
This presentation tells the story of a CISO.
THIS CISO is fictional…
…but all the stories are REAL examples from real security programs.
WHAT IS YOUR STORY?
Page 3
Depressed? You are not alone…
Page 4
Forces of Constant Change
BUSINESS COMPLEXITY = RISING COSTS
Evolving Threats
Evolving Technologies
Evolving Compliance
Evolving Economics
Evolving Business Needs
Page 5
Consequences: Value & Replaceability
http://blog.cognitivedissidents.com/2011/10/24/a-replaceability-continuum/
Replaceability axis: IRREPLACEABLE ↔ HIGHLY REPLACEABLE
Assets placed along it: Human Life, Intellectual Property, PHI, CCNs
Page 6
Feel Like Surrendering?
Page 7
A Modern Pantheon of Adversary Classes
WHO (Actor Classes): Nation States, Competitors, Organized Crime, Script Kiddies, Terrorists, “Hacktivists”, Insiders, Auditors
WHY (Motivations): Financial, Industrial, Military, Ideological, Political, Prestige
WHAT (Target Assets): Credit Card #s, Web Properties, Intellectual Property, PII/Identity, Cyber Infrastructure, Core Business Processes
HOW (Methods): “MetaSploit”, DoS, Phishing, Rootkit, SQLi, Auth, Exfiltration, Malware, Physical
NOTE: More Complete Version @ http://slidesha.re/1fgu6rb
Page 8
Profiling a Particular Actor
(Same WHO / WHY / WHAT / HOW grid as page 7, used to profile a single actor. NOTE: More Complete Version @ http://slidesha.re/1fgu6rb)
Page 9
Script Kiddies (aka Casual Adversary)
Script Kiddie card (Skiddie, 5)
How: “MetaSploit”, SQLi, Phishing
What: CCN/Fungible
Why: Profit, Prestige
Page 10
Organized Crime
Organized Crime card (50)
How: Malware, Botnets, Rootkits
What: Fungible, Banking
Why: Profit
Page 11
Nation States (Adaptive Persistent Adversaries)
Nation States card (50)
How: Custom Malware, Spear Phishing, Physical, Stealth
What: Intellectual Property, Trade Secrets, Infrastructure
Why: Military, Industrial, Economic
Page 12
Hacktivists / Chaotic Actors
Chaotic Actors card (10)
How: DoS, SQLi, Phishing, Pranks
What: Web Properties, Individuals, Gov’t Policy
Why: Ideological and/or LULZ
Page 13
Auditors/Assessors/QSA
Auditor card (1)
How: Checklist
What: ONLY “In Scope”, e.g. CCN (Credit Card #s)
Why: Profit, Compliance
Page 14
Attacker Power - HD Moore’s Law
Moore’s Law: Compute power doubles every 18 months
HD Moore’s Law: Casual Attacker Strength grows at the rate of MetaSploit
Page 15
Do not go gentle into that not so good night...
Pages 16-20
(Page 16 is a blank transition slide.)
The defense pyramid, built up one layer per slide:
Defensible Infrastructure
Operational Excellence
Situational Awareness
Counter-measures
#RSAC
![Page 22: Not Go Quietly: Surprising Strategies and Teammates to Adapt and Overcome](https://reader038.vdocument.in/reader038/viewer/2022103115/557cfa86d8b42a89158b4cae/html5/thumbnails/22.jpg)
#RSAC
Sphere of Control
Control
![Page 23: Not Go Quietly: Surprising Strategies and Teammates to Adapt and Overcome](https://reader038.vdocument.in/reader038/viewer/2022103115/557cfa86d8b42a89158b4cae/html5/thumbnails/23.jpg)
#RSAC
Sphere of Influence vs. Control
Influence
Control
Page 24
“Rage, rage against the dying of the light”
Pages 25-27
Control, Influence and Researcher “Swim Lanes” (built up over three slides)
Asset columns: PHI, “IP”, Web, PCI
Control rows: AV, FW, IDS/IPS, WAF, Log Mngt, File Integrity, Disk Encryption, Vulnerability Assessment, Multi-Factor Auth, Anti-SPAM, VPN, Web Filtering, DLP, Anomaly Detection, Network Forensics, Advanced Malware, NG Firewall, DB Security, Patch Management, SIEM, Anti-DDoS, Anti-Fraud, …
Desired Outcomes / Leverage Points:
Control “Swim Lanes” (page 25): Compliance (1..n); “ROI” / Breach / QB sneak; Productivity; …
Control & Influence “Swim Lanes” (page 26) add: Procurement / Disruption; DevOps; “Honest Risk”; General Counsel
Under-tapped Researcher Influence (page 27) adds: Litigation; Legislation; Open Source; Hearts & Minds; Academia
Page 28
It’s Easier with Teammates
Alone? Team?
Page 29
Surprising Teammates
Executives: CIO, CFO, General Counsel, CTO, R&D, Operations, Sales, Business Owner
Supporting Cast: DevOps, Procurement, Compliance, Internal Audit, Risk Mgmt, Crisis Mgmt, Open Source, Academia, Gov’t Affairs
Page 30
DEFENDER: General Counsel
General Counsel card (25)
How: Policy, LDoS, Contracts, Attorney-Client Priv
What: Intellectual Property, Trade Secrets, Sensitive
Why: Due Care, Defensible Risks
Page 31
DEFENDER: Procurement / Supply Chain
Procurement card (20)
How: RFPs, T&Cs, SLAs, “Gating”
What: All Things Procured: Goods, COTS, Services
Why: Cost Reduction, Employer Interests
Page 32
DEFENDER: Chief Information Officer
CIO card (20)
How: GRC, Standards, Policy, Change Mngt, Process
What: All Infrastructure
Why: Stability, Order, Support Business
Page 33
DEFENDER: Chief Technology Officer
CTO card (20)
How: SDLC, Standards, Code/Tech Selection, Research
What: IP, Trade Secrets, Code, Platforms
Why: Innovation, Differentiation, Adoption
Page 34
DEFENDER: Chief Financial Officer
CFO card (05)
How: Audit, Process, “Purse Strings”
What: Financials, Accounting Integrity, “Material”
Why: Responsible & Lawful Fiduciary for stakeholders
Page 35
DEFENDER: Senior Vice President, Sales
SVP Sales card (15)
How: Customer Compliance, $DEALS, Roadmaps
What: Customer Data, “Goods”
Why: Retire Quota, Drive Revenue
Page 36
DEFENDER: Internal Audit
Internal Audit card (05)
How: CheckLists, Interviews, Policies
What: Scoped Data & Environments
Why: Strict Compliance
Page 37
DEFENDER: DevOps
DevOps card (50)
How: Automate, Orchestrate, ChaosMonkey, Teamwork
What: Code, Deploys, Environments
Why: Faster Faster, Velocity, Efficiency
Page 38
The defense pyramid again, all four layers:
Defensible Infrastructure
Operational Excellence
Situational Awareness
Counter-measures
Page 39
Battle: PCI Compliance
Internal Audit card (05)
How: CheckLists, Interviews, Policies
What: Scoped Data & Environments
Why: Strict Compliance
VS
Auditor card (01)
How: Checklist
What: ONLY “In Scope” (Credit Card #s)
Why: Profit, Compliance
DEFEAT
VS
Script Kiddie card (Skiddie, 05)
How: “MetaSploit”, SQLi, Phishing
What: CCN/Fungible
Why: Profit, Prestige
DEFEAT
Page 40
Battle: Intellectual Property
Internal Audit card (05)
How: CheckLists, Interviews, Policies
What: Scoped Data & Environments
Why: Strict Compliance
VS
Nation State / Espionage card (50)
How: Custom Malware, Spear Phishing, Physical, Stealth
What: IP, Trade Secrets, Infrastructure
Why: Military, Industrial, Economic
DEFEAT
Page 41
Battle: Intellectual Property Round 2
Nation State / Espionage card (50)
How: Custom Malware, Spear Phishing, Physical, Stealth
What: IP, Trade Secrets, Infrastructure
Why: Military, Industrial, Economic
VS
General Counsel card (20)
How: Policy, Contracts, Attorney-Client Priv
What: IP, Trade Secrets, Sensitive
Why: Due Care, Defensible Risks
Risk Management card (??)
How: Risk Models, Metrics, “TableTops”
What: Risk Identified & Prioritized Assets
Why: Support Business Intent
Procurement card (20)
How: RFPs, T&Cs, SLAs, “Gating”
What: All Things Procured: COTS, Services
Why: Cost Reduction, Employer Interests
Page 42
Battle: Web Properties
Chaotic Actors card (+20)
How: DoS, SQLi, Phishing, Pranks
What: Websites, People, Gov’t Policy
Why: Ideological and/or LULZ
VS
DEFEAT
Procurement card (20)
How: RFPs, T&Cs, SLAs, “Gating”
What: All Things Procured: COTS, Services
Why: Cost Reduction, Employer Interests
DevOps card (50)
How: Automation, Orchestration, Teams
What: Code, Deploys, Environments
Why: Faster Faster, Velocity, Efficiency
DEFEAT
Page 43
Case Study: Gaining Situational Awareness
CISO: “There is a difference between reacting and hunting. If you’re reacting, you’re done. We knew we had to go hunting, and that meant we had to do things differently.”
Teammates:
Business Owner: Understood adversary
Operations: Deploy BigFix for Power Management (GREEN!) AND security
Compliance: Repurposed SIEM and other compliance tools
CIO: Driven by Productivity
Result: One of the most advanced automated attack identification and classification systems developed at the time
Page 44
Case Study: Using Customers To Your Advantage
Large Financial CISO: Only getting investment in InfoSec where required by “compliance”
Result: Significant increase in Information Security investment, driven by Sales
Teammates:
VP of Sales: Worked with the CISO to include customer contractual obligations in the scope of compliance
General Counsel: Determined committed customer contractual obligations, measured risk
Audit: Added customer contractual obligations to the scope of audit
Page 45
Case Study: “DevOps” Chaotic Good
F100 Insurance “Chaos Monkey”: “We spend ZERO on securing anything but mandatory PCI controls & scope; therefore I must infect the org w/ Card Data.”
Result: More sane/balanced security posture, more agile/efficient IT
Teammates:
LOB CTO: WAFaaS can accelerate your PCI 6.6 & TimeToMarket
General Counsel: We must take reasonable steps to keep our secrets secret
CIO: If we fund a Visible Ops program, we’ll run more efficiently & be compliant
Page 46
Case Study: Changing Report Structure
CISO: “Reporting into CIO ignored Data Security and 3rd Party Risk”
Result: Greater Board Level Visibility & Access to Drive Table Top Exercises
Teammates:
General Counsel: Heavier concern focus on Data Classification/Security
Procurement: More stringent 3rd Party Service Provider Security, Ts & Cs
Page 47
Case Study: Adversary Driven!
Large Scale European Financial Services CISO: “Despite a large scale information security investment, we were still losing”
Result: Significantly more effective information security program resulting in lower fraud without significant increase in investment
Teammates:
Business Owners: Determine likely adversaries (organized crime for financial fraud)
Risk: Determine potential financial losses due to various fraudulent attacks
Application Development: Shared investment to tie broad information security controls with application-specific security and fraud prevention
Page 48
CISO: The New “Nick Fury”
Assemble Your Team of Heroes
YOU card (∞)
How: *.*
What: ?
Page 49
Apply: Who Is Your Team?
Identify at least one opportunity to leverage a new swim lane
Identify at least one new teammate to recruit and make a hero
Identify one opportunity this year to influence each layer of the pyramid
Everyone Has The Chance To Be the Hero In Their Own Story!
Page 50
Thank You & Additional Resources
Adversary ROI: [SlideShare] [RSA US 2012 Online on YouTube]
Supply Chain Security: Policy and Program Development [Free Research from IANS]
Rugged Software – Are you Rugged? [Website]
Do not go gentle into that good night by Dylan Thomas
David Etue, @djetue
Joshua Corman, @joshcorman
Page 51
Back-Up
Page 52
Internal Audit card (05)
How: CheckLists, Interviews, Policies
What: Scoped Data & Environments
Why: Strict Compliance
DevOps card (50)
How: Automation, Orchestration, Teams
What: Code, Deploys, Environments
Why: Faster Faster, Velocity, Efficiency
Risk Management card (??)
How: Risk Models, Metrics, “TableTops”
What: Risk Identified & Prioritized Assets
Why: Support Business Intent
Page 53
CTO card (20)
How: SDLC, Research, Tech Selection
What: IP, Trade Secrets, Code, Platforms
Why: Innovation, Adoption
CFO card (05)
How: Audit, Process, “Purse Strings”
What: Financials Integrity, “Material”
Why: Responsible & Lawful Fiduciary
SVP Sales card (15)
How: Customer Compliance & $DEALS
What: Customer Data, “Goods”
Why: Retire Quota, Drive Revenue
Page 54
Procurement card (20)
How: RFPs, T&Cs, SLAs, “Gating”
What: All Things Procured: COTS, Services
Why: Cost Reduction, Employer Interests
CIO card (20)
How: GRC, Policy, Change Mngt
What: All Infrastructure
Why: Stability, Order, Support Business
General Counsel card (20)
How: Policy, Contracts, Attorney-Client Priv
What: IP, Trade Secrets, Sensitive
Why: Due Care, Defensible Risks
Page 55
Nation State/Espionage card (50)
How: Custom Malware, Stealth, *.*
What: IP, Trade Secrets, Infrastructure
Why: Military, Industrial, Economic
Script Kiddie card (Skiddie, 05)
How: “MetaSploit”, SQLi, Phishing
What: CCN/Fungible
Why: Profit, Prestige
Organized Crime card (50)
How: Malware, Botnets, Rootkits
What: Fungible, Banking
Why: Profit
Page 56
Chaotic Actors card (10)
How: DoS, SQLi, Phishing, Pranks
What: Websites, People, Gov’t Policy
Why: Ideological and/or LULZ
Auditor card (01)
How: Checklist
What: ONLY “In Scope” (Credit Card #s)
Why: Profit, Compliance