Fortune 100 infosec on a state government budget

Presented at BSides Austin 2017, May 5, 2017, 1 p.m. (60 minutes)

A common misconception is that it takes spending millions to be good at security. Our security team at Texas Department of Public Safety has proved this to be untrue. We run a full-fledged Security Operations Center and leverage some very proactive controls and incident response techniques while spending a fraction of what similar agencies are allocated. This talk outlines many of the thought processes and "tricks" to doing security well, without breaking the bank. Some concepts include thinking critically about ROIs of existing equipment, not buying into every "shiny box", not being afraid to explore open source options, and where to spend your money for the highest ROI (people!). This is not the typical "Problem, problem, problem...." talk.... This is a solution-based talk where I'll share SOLUTIONS to very real-world scenarios facing SOC teams everywhere.

Presenters:

  • Eric Capuano
    Eric Capuano is an Information Security professional serving state and federal government as well as SMBs, start-ups and non-profits. Also, a member of the Packet Hacking Village team at DEFCON.

Links: