A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Where do I start? - Charles Sgrillo II BSides Philadelphia 2016 (Hacking Illustrated Series InfoSec Tutorial Videos)

Where do I start?
Charles Sgrillo II

BSides Philadelphia 2016
(no sound, sorry)

With breaches dominating the headlines, businesses are quickly starting to realize the critical nature of information security. What makes information security so difficult to manage is the fact that an organization can invest endless amounts of money into the 101 solutions that exist and still be pwned with a single email. At the end of the day organizations don’t understand InfoSec and how to properly train employees. Security awareness training is one of three things for most organizations: • Stale PowerPoint that teach employees nothing about information security • A checkbox on an audit form • Something they have never heard of My current position as landed me various interactions with businesses that are outside the traditional “audit” spectrum of InfoSec. Simply put for the past 10 years organizations have only incorporate some level of InfoSec into the business because they “had to.” The times haves changed as organizations are starting to adopt security because the “need to/want to.” Problem being “Where do I start?” Pulling from past experience as a physical security engineer and penetration tester this talk will discuss various concepts of SE, how organizations can improve their security by properly training employees and how I am currently trying to bring security to organizations via their culture instead of one two hour talk employees only hear once a year if at all.

Full Time Security Consultant & adjunct Professor B.S - IT Project Management M.S - Information Systems Management CEH Over 10 years of IT experience with various roles such as: Senior Information Security Specialist Principal Consultant Systems Engineer IP Security System Specialist https://www.linkedin.com/in/charlessgrillo

Recorded at BSides Philly 2016

Back to BSides Philly video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast