Stopping Cyberboom: Mitigating User Error - Ira Winkler (BSides Tampa 2020) (Hacking Illustrated Series InfoSec Tutorial Videos)
BSides Tampa 2020
Abstract: The most devastating attacks predominantly begin with some form of user action. A user clicks on a phishing message. A user goes to a malicious website. A user plugs a malicious USB drive into their system. And so on. The commonly recommended solution is more and better awareness, which does not account at all for malicious users. This is like saying that if a canary dies in a coal mine, you need to find healthier canaries.
The fundamental problem is not a lack of awareness, but that users have the ability to initiate a loss. What is therefore required is a methodology that involves analyzing where the ability to initiate the loss comes from, stopping the initiation of the loss, and then mitigating the potential loss before it is initiated. This is what counterterrorism, safety, and accounting practitioners do in their professions. It is time for the cybersecurity profession to realize that a user action, error or not, is just the proximity of where the loss becomes visible. Addressing the proximity of the loss does not address the root cause of the loss, or the failure to mitigate that loss.
This presentation adopts counterterrorism principles and walks attendees through a comprehensive program for determining the source of losses and how to prevent, detect, and respond to potential losses. Case studies are included.
Ira Winkler, CISSP, is the Lead Security Principal for Trustwave and author of Advanced Persistent Security and the forthcoming book, You Can Stop Stupid. He is considered one of the world's most influential security professionals and was named "The Awareness Crusader" by CSO magazine in receiving their CSO COMPASS Award. He has designed, implemented, and supported security awareness programs at organizations of all sizes, in all industries, around the world. Ira began his career at the National Security Agency, where he served in various roles as an Intelligence and Computer Systems Analyst. He has since served in other positions supporting the cybersecurity programs of organizations of all sizes.