Incident response is a technical specialty. From understanding the risk and defining what went wrong, to throwing attribution dice, technical people handling technical problems using technical methodologies, is the way it’s done. But technical people don’t make budgets. The people who draw up the budgets are normally big picture business people, who say things like, “Why is incident response important?” “Do we really need to pay so much for this? You have heard of as thing called a cost center, right?”, “How often does this REALLY happen and WHY do I care?” As a technical person with a more realistic view of the fragility of the typical enterprise system, how do you translate “It’s not if, it’s WHEN and WHY!” to a business person’s, “what’s the probability of it happening this fiscal year and will it really impact the business?”. How can an engineer cross that divide, that chasm, and foster understanding, business security maturity, and a working partnership with big picture executives. It starts by understanding, and speaking, their language. Speaking business to business people. Translating geek-ese into business-ese. This talk engages engineers to discuss how to put technical risk into business people language, using the universality of cat pictures. If I (geek or business), can’t get my cat pics, there’s something wrong! In this talk, we will show; how do we find it, fix it, and make sure it never happens again? Is there a way to be proactive about making sure I always get my cat pics? And most importantly, why does this matter to the business?

Bio: Josh Marpet Joshua Marpet is an accomplished speaker, long time information and physical security practitioner, as well as a startup CEO and serial entrepreneur. He has presented on topics ranging from Facial Recognition to National Security, to audiences from government agencies, law enforcement, Fortune 5 companies, and many others. His research encompasses Digital Forensics, business security maturity, and how not to start an information security business! His conference, Security BSides Delaware, is one of the oldest and largest BSides conferences (shameless plug!!), and he’s exceedingly proud of it. In the venture capital and entrepreneurship world, Josh is also a super-connector. Josh strives to push himself to new heights with every venture and help all that he can along the way. Bio: Scott Lyons Scott Lyons is a technical visionary who brings ideas and advanced concepts to fruition through cost-effective solutions that improve profitability. His skills include sales, negotiation tactics, and complex international projects and project management. His security practitioner background includes classified work for various federal agencies, addressing risk and mitigating actions in the private sector, as well as mitigating attacks of all shapes and sizes across the board. In the information security industry, Scott is also a super-connector, mentor, and a great resource for people looking to build their career. Scott is currently a startup CEO, a serial entrepreneur, and his companies are growing to the stratosphere.

Recorded at AIDE 2017