The next attack on your organization is closer than you think. While you are attending meetings and complaining about the quality of coffee in the break room, the genesis of your next security incident is breeding and lurking inside your systems, and it’s probably not where you think it is. That cool new firewall you bought?… Not the problem. The cloud services?… Not the problem. The problem is walking around your office. The problem is the inattentiveness to the mundane realities of security operations. The problem is the dull, boring, and inglorious aspects of running an IT security program.
In this presentation, IT security veteran Andrew Plato will review the decades of security assessments Anitian has completed to compile a portrait of a what a weak organization looks like. Inside that data is the roots of how organizations get attacked and the simple, yet often dull, things that can be done to avoid it.
Among the topics covered in this presentation:
- What 17 years of security assessments tells us about the state of information security
- Recurring flaws in security programs and operations
- The role of people and process in IT security
- Practical, pragmatic steps to avoid attack and loss
Andrew M. Plato is the founder and President of Anitian Enterprise Security, one of the oldest and most accomplished security consultancies in the world. Mr. Plato founded Anitian in 1995 after a successful career as a software engineer, database developer, and technical writer. Anitian is one of the oldest information security consultancies in the world with over 2000 clients across every industry. Mr. Plato has guided Anitian into a dominant position with a focused philosophy of delivering practical, pragmatic information security solutions based on the rational analysis techniques of the Scientific Method.
Mr. Plato has overseen and actively participated in thousands of security projects including security & risk assessment, penetration testing, incident response, PCI compliance and technology integration. Mr. Plato routinely advises CIOs, CISOs, and other executives on matters of IT security and governance.
Mr. Plato is well known for delivering insightful, high-energy presentations that challenge conventional thinking and provide real-world examples and guidance. Mr. Plato’s presentations are designed to be both educational and entertaining.