Hackers of India

The CISO’s Dilemma

By Saumil Shah on 29 Aug 2019 @ Hitb Sec Conf



Abstract

“Attack is a technical problem. Defence is a political problem.” — Halvar Flake, keynote Blackhat Asia 2017.

Defending an enterprise is a balancing act. I have worked as an offensive testing vendor to several global organisations over 18 years. This talk explores the challenges that today’s CISOs face – the threat landscape, the overall shortage of infosec expertise, the ever-evaporating shelf life of infosec products and an increased burden of compliance requirements. I will share my experiences from working with highly effective CISOs and internal infosec teams, and what it takes to function on the razor’s edge.

AI Generated Summary (may contain errors)

Here is a summary of the content:

The speaker shares their experience of building a threat analytics engine from scratch at a cost of between $25,000 and $100,000. The engine analysed HTTP traffic and surfaced correlations that were used to stop phishing campaigns, preventing an estimated $3.5 million in fraud within the first year.

The conversation then shifts to the challenge of communicating security successes to upper management, who may not see the value of security efforts when no incidents occur. The speaker emphasizes the importance of using KPIs (key performance indicators) to demonstrate results and deliver value.

Another topic discussed is the potential of open-source products in security, with the example of Facebook’s osquery, which exposes running processes and other host state as SQL tables that can be queried. The speaker believes that building an open-source product can help grow and retain a team.

The conversation also touches on the idea of separating compliance roles from CISO (Chief Information Security Officer) roles, allowing the CISO to focus on defending against attackers while the compliance officer handles regulatory and privacy aspects.