You Can't Buy Security: Building the Open Source Information Security Program

Presented at ToorCon San Diego 14 (2012), Oct. 20, 2012, 4 p.m. (50 minutes).

It seems everywhere you look there are analysts and product/service providers promising you the magic bullet when it comes to securing your environment and lowering your risk. While some  products might be better than others, nothing will help you with the basics which seem to be where most of us are still failing. The presentation will focus on the concept of keep it simple stupid. It will dive into learning  your environment and more importantly correlating that to maintaining the profitability of your organization. It will show you how to bypass all the blinking lights and build a cost effective security program that will inherently lower your risk.   I will be releasing the formal framework in the next couple of weeks.


Presenters:

  • Boris Sverdlik
    A Solutions-oriented Information security consultant with a proven record of directing a range of security initiatives. I have been at the forefront of information security spanning more than a decade and have been on both sides of the fence, protecting assets as head of security within the financials as well as offensive security consulting. The value I believe I bring to the table is that breadth of experience. I do defense during the day while still maintaining my offensive consulting at night. I feel I'm in that rare class of  individual who love absolutely every minute of his career choice. Finally I'm a co-host on the only daily InfoSec podcast ISDPodcast.

Similar Presentations: