Evolutionary Security – Embracing Failure to Attain “Good Enough”

Presented at DerbyCon 3.0 All in the Family (2013), Sept. 27, 2013, 5:30 p.m. (25 minutes).

Security is splintering, Organizations splitting along complexity. Attackers are splitting into tiers focused on stealing money, clients and intellectual property. Successful defense requires understanding the shifting security ecosystem and the ability to rapidly reassess your position, the attacks coming at you and your options.

To succeed, we must be willing to make decisions based on partial and often inaccurate data. We must find ways to make errors and adapt, so that evolutionary processes can improve our defenses the same way that they work for attackers. This talk explores a new way of thinking about the problems we face.


Presenters:

  • Josh More
    Josh has over fifteen years of experience in IT and information security. Josh’s current role is as a security consultant, and he has previously filled roles as an application developer, system administrator and network engineer. He holds several security and technical certifications and has served in leadership positions on several security-focused groups. He writes a blog on security at www.starmind.org and www.rjssmartsecurity.com. Josh focuses on applying lessons from other disciplines to security practice. Josh More leads RJS Smart Security – a security consultancy focusing on smaller organizations looking to improve security without losing flexibility.

Links:

Similar Presentations: