A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:


Itís Not Your Perimeter, Itís You That Sucks! Derbycon 2012 (Hacking Illustrated Series InfoSec Tutorial Videos)

Itís Not Your Perimeter, Itís You That Sucks!
Derbycon 2012

At the Inaugural Derbycon, Boris Sverdlik struck a nerve with participants by claiming that Ďusersí need to Ďstop clicking shití. That is well and dandy for catchphrases and pillow talk, but the Ďuserí continues to be a scapegoat for our own inabilities to educate and execute. The information security programs we are so heavily invested in are failing when it comes to security awareness training and addressing the needs of the people chartered with protecting your companyís assets. In response to the challenge issued during the presentation, a handful of brave, attractive, and sometimes intelligent people launched the Security Awareness Training Framework (SATF) with the explicit goal of establishing a free and open source living, industry-wide framework to provide practitioners the crucial components necessary to address security awareness at the proper context for the Ďuserí, whomever the Ďuserí is. In this presentation, we will provide an update as to how the project has progressed after one year, where it is going, and provide information on how to get involved with this project.

KC Yerrid, Boris Sverdlik, Matt Jezorek

K.C. Yerrid is an independent consultant with a wide range of experience in information security, organizational behavior, and psychology. With his undergraduate degree in Computer Science, he can bang out a mean Turbo Pascal or COBOL program. With his Masterís Degree in Information Security Management (MISM) he can tell you what is wrong with an organizationís security department. With his Masterís Degree in Business Administration (MBA), he can forecast and explain how you donít have enough money allocated to your security departments initiatives. Finally, upon his completion of his Doctorate in Organizational Management within Information Technology, he will be able to tell you why your staff is leaving for greener pastures or how to make them work smarter. K.C. has deferred his student loans nearly as far as he can by remaining an active student in studying the hands-off aspects of information security, yet is just curious and resourceful enough to remain semi-relevant amongst techies that are much smarter than he is.

Matt Jezorek is a security student who does not actually do anything. He thought about getting paper certified but decided that money was better spent on alcohol.

Boris Sverdlik is a Senior Partner at Jaded Security Consulting. He is a Solutions-oriented Information security consultant with a proven record of directing a range of security initiatives; adhering to best practices and regulatory requirements. He have been at the forefront of information security spanning more than a decade. Boris has been on both sides of the fence, protecting assets as head of security within the financials as well as performing penetration tests as an external entity. The value I believe I bring to the table is that breadth of experience.He does defense during the day and offense at night. And he says he loves absolutely every minute of it. Boris is also a co-host of the ISDPodcast.


Back to Derbycon 2012 video list

Printable version of this article

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast