Selling Elephant Whistles: The security process and getting upper management buy-in (Jayson E. Street, CISSP, GSEC, IEM, IAM, CCSE, CCSA, Security+)

Upload: jaysonstreet

Post on 11-Jul-2015


Category:

Technology



TRANSCRIPT

Page 1: Selling Elephant Whistles

Selling Elephant Whistles

The security process and getting upper management buy-in

Jayson E. Street, CISSP, GSEC, IEM, IAM, CCSE, CCSA, Security+

Page 2: Selling Elephant Whistles

Contents

• INTRO

• The disconnect

• Common Ground

• 3 Steps
– Situational Awareness
– Metrics
– News

• Discussion

Page 3: Selling Elephant Whistles

Let go of my EGO

• Let’s start out with a little about yours truly.

• http://stratagem-one.com

Page 4: Selling Elephant Whistles

Selling Elephant Whistles

• Now let’s have an explanation.

Page 5: Selling Elephant Whistles

Selling Elephant Whistles

• Proving the negative.

• Success = ZERO perceptible change.

Page 6: Selling Elephant Whistles

Why is it so hard?

• The business environment encourages management to think reactively.

• Information Security should be a proactive process.

• Everything is binary 1 and 2s

Page 7: Selling Elephant Whistles

Know yourself know your enemy

• Sun Wu (Tzu) “Ping-fa” (The Art of War)

• “Thus it is said that one who knows the enemy and knows himself will not be endangered in a hundred engagements. One who does not know the enemy but knows himself will sometimes be victorious, sometimes meet with defeat. One who knows neither the enemy nor himself will invariably be defeated in every engagement!”

Page 8: Selling Elephant Whistles

Situational Awareness

• “Hackers know what’s happening on your network, shouldn’t you?”

• High Threat + Low Impact = Valuable Lesson

Page 9: Selling Elephant Whistles

Situational Awareness

• Pen testing “Defense through Discovery”

• Attack yourself before someone else does.

• Checking the windows on your own home does not make you a burglar.

Page 10: Selling Elephant Whistles

Examples

• Judging a book by its cover.

• Using Ghost can kill your security policy.

• Sometimes the April fool is you.

Page 11: Selling Elephant Whistles

Metrics can be your friend

• Pie charts – it’s not just what’s for dinner.

• Show me the numbers!

• They can handle the truth!

Page 12: Selling Elephant Whistles

Examples

• Even if they are using snowballs, you should be aware they’re hitting the wall.

• The more you monitor your network the more efficient your network can become.

• Having a no wi-fi policy means checking for wi-fi.

Page 13: Selling Elephant Whistles

News

• A smart man learns from his mistakes, a wise man learns from the mistakes of others.

• Know the risk environment of your business
– Trade Journals, Web News, Hacking Sites, Evening News

Page 14: Selling Elephant Whistles

Examples

• The summer of Lost Laptops.

• ID theft the next big news story since Avian Flu.

• Whatever happened to Slammer?

Page 15: Selling Elephant Whistles

Now let’s learn from others

• Discussion and Questions????

• Or several minutes of uncomfortable silence; it’s your choice.

• Did I mention the bumper stickers?