layer 8 security - securing the nut between the keyboard & screen
DESCRIPTION
Brian Honan's presentation on how to develop an effective security awareness program given at the 2011 BsidesLondon eventTRANSCRIPT
Layer 8 Security
Securing The Nut Between the Keyboard & Screen
BSidesLondon 2011
What Do These Have In Common
The Dreaded APT!!
The Root Cause
48% of Breaches Were Caused by Insiders- Verizon
90% of Malware Requires Human Interaction- Symantec
100% of Successful Attacks Compromised The Human
- Mandiant
64% of Orgs See Security Awareness As a Challenge
- E&Y 2010
3 times as many breaches are caused by accidental insider activity than malicious intent
- Open Security Foundation
People Are The Weakest Link
So Are People
Or Are They
Or Are They
Maybe They Are
Maybe They
Mostly They Just Are
Yet Where Do we Spend?
Consulting
Outsourcing
Hardware
Software
Personnel
0 5 10 15 20 25 30 35 40
% Overall IT Security Budget
Gartner 2010
Our Focus Is Wrong
Failure to Engage
Content Misses The Mark
Compliance Requirement
Don’t Take Local Issues Into Account
No Measurements
But Mostly
Securing The Nut
Plan
Implement
Review
Maintain
Developing A Security Awareness Program
Be Prepared
Develop A Strategy
Budget
Make Sure it is Adequate
Select Appropriate Tools
Consider Different Cultures
Hook The Audience
Communication
Continual Support
Review & Monitor Success
Maintain The Program
Remember
Questions
www.twitter.com/brianhonanwww.bhconsulting.ie/securitywatch
Tel : +353 – 1 - 4404065