A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:


You Are Making Bad Decisions and You Should Feel Bad - Joel Cardella Converge 2017 (Hacking Illustrated Series InfoSec Tutorial Videos)

You Are Making Bad Decisions and You Should Feel Bad
Joel Cardella

Have you ever made poor security decisions? Have you thought a decision was a good one only to find out later that it wasn't? Do you feel like you don’t have enough control to make good decisions, or maybe you don’t recognize what a good decision is? If you answered yes to any of these, then read on, adventurer! Whether working with users, managers, auditors, vendors, or anyone else, questions about how you make decisions can be difficult to answer. It’s common for security decision making in large or small enterprises to be done in a vacuum. Decisions are made without proper business context, or without adequate direction or sponsorship. This talk aims to put context around security decision making, whether it's related to internal processes, budget and spending, and/or dealing with vendors. The audience will get an understanding of the right questions to ask at all levels of an organization to get the right inputs and make sure their decisions are based on solid, defensible principles. The end result is an overall reduction of risk, better basis for decision making and better decision options to present.

Joel Cardella has over 25 years of experience in information technology, having run a gamut from network operations, sales support, data center management, field operations and information security. He has worked in industries including telecommunications, healthcare and manufacturing. Prior to Rapid7 he held the role of Regional Security Officer for North America for a multinational manufacturing company.

Back to Converge 2017 video list

Printable version of this article

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast