Realistic Threats
Nation states aren’t after you
https://twitter.com/beajammingh/status/1191884466752385025
https://twitter.com/beajammingh/status/1198671660150226946
https://twitter.com/beajammingh/status/1198671952824565762
https://www.leviathansecurity.com/blog/the-calculus-of-threat-modeling
What are credible threats?
Malicious insiders -
Non-malicious insiders - https://www.scmagazine.com/home/security-news/not-every-insider-threat-is-malicious-but-all-are-dangerous/
Education issue?
Is there such a thing as ‘non-malicious’ or is this just bunk?
Real threats
https://resources.infosecinstitute.com/5-new-threats-every-organization-prepared-2018/
CIO magazine threats -- buzzword threats (we should totally containerize all the things)
Vulns that have names (blue team is stuck dealing with ‘theoretical’ issues e.g. SPECTRE/MELTDOWN)
Lack of well-priced training?
Dev Training?
Security Training?
Better management communication will reduce threats
Building trust so they don’t freak when ‘$insert_named_vuln’ shows up
Gotta frame it to business needs
“Everyone is vulnerable” - keep FUD to a minimum, don’t exaggerate.
Know your industry’s threats (phishing, money transfer fraud, malware
Patreon donor: Michael K. $10 patron!
Layer8conf - https://www.workshopcon.com/events
https://layer8conference.com/
Regarding diversity scholarships, it's being worked on and the number of available spots will highly depend on the number of Sponsorships the conference secures.
As a side note WorkshopCon will sponsor a number of Layer8 conference tickets if people follow @WorkshopCon on Twitter and tweet to us why they are interested in Social Engineering and OSINT topics with hashtag #sendMeToLayer8. We will select folks from those tweets with the emphasis being on folks coming from underrepresented or minority groups.
In terms of sponsorship information for Layer8, Patrick wants people to send an email to sponsors@layer8conference.com
Please let us know if you have any other questions, and thank you so much for giving us a hand spreading the word!!!
Saturday June 6, 2020, RI Convention Center
https://www.dianainitiative.org/
https://twitter.com/DianaInitiative
Conference in Las Vegas (Aug 6-7, 2020) (Thu & Fri)
Check out our Store on Teepub! https://brakesec.com/store
Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com
#Brakesec Store!:https://www.teepublic.com/user/bdspodcast
#Spotify: https://brakesec.com/spotifyBDS
#RSS: https://brakesec.com/BrakesecRSS
#Youtube Channel: http://www.youtube.com/c/BDSPodcast
#iTunes Store Link: https://brakesec.com/BDSiTunes
#Google Play Store: https://brakesec.com/BDS-GooglePlay
Our main site: https://brakesec.com/bdswebsite
#iHeartRadio App: https://brakesec.com/iHeartBrakesec
#SoundCloud: https://brakesec.com/SoundcloudBrakesec
Comments, Questions, Feedback: bds.podcast@gmail.com
Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon
https://brakesec.com/BDSPatreon
#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir
#Player.FM : https://brakesec.com/BDS-PlayerFM
#Stitcher Network: https://brakesec.com/BrakeSecStitcher
#TuneIn Radio App: https://brakesec.com/TuneInBrakesec
No comments:
Post a Comment