People are the cause of many security problems, but people are also the most effective resource for combating them. Technology is critical, but without trained professionals, it is ineffective. In the context two case studies, the presenter will describe specific instances where human creativity and skill overcame technical deficiencies. The presenter believes this topic to be particularly relevant for “blue teamers” who often must defend their organization’s’ information assets under less-than-ideal circumstances.
Technical details will include the specific tools used, screenshots of captured data, and analysis of the malware and the malicious user’s activity. The goal of the presentation is show the importance of technical ability and critical thinking, and to demonstrate that skilled people are the most important tool in an information security program.
For context, the conclusion reads: Several technological challenges conspired against the team during these incidents. Using both commercial and freely obtainable tools the team was able to overcome these obstacles in a resourceful and cost-efficient manner. The analysts’ actions demonstrate that problems can be solved creatively using limited resources. While companies must regularly evaluate commercial products, properly trained personnel can be more valuable to an organization than any hardware or software device.