Presentation Material

AI Generated Summary^{may contain errors}

Here is a summarized version of the content:

The speaker discusses the challenges of cybersecurity in modern organizations. They highlight that 50% of attacks are human-related, 49% due to misconfiguration, and 44% of companies don’t know where their assets are. This lack of visibility and mismanagement leads to security breaches.

The speaker advocates for a zero-trust principle, assuming that the environment is already compromised and verifying everyone and everything. They also mention the concept of cyber survivability, focusing on resilience rather than system-focused security.

The main reasons for this situation include:

1. Blurred visibility in our own ecosystem due to third-party ownership.
2. Over 50 isolated controls that don’t talk to each other.
3. Lack of trust in systems and reliance on dashboards rather than active monitoring.
4. Flat networks allowing attacks to propagate internally.
5. Digital transformation and cloudification without proper security measures.
6. Blind trust in supply chains, contractors, and partners.
7. Convergence of IT and OT (Operational Technology) with limited agent-based solutions.

The speaker emphasizes that the root cause is a lack of fundamentals, such as patching systems, addressing misconfigurations, and implementing least privilege approaches. They believe it’s easier to protect smaller companies than larger ones due to limited exposure. The speaker concludes by emphasizing the importance of adopting a responsible cybersecurity approach, rather than relying on new technologies or personal brand management.