|
PRESENTATION:
|
InfoSec at Peak Prevention
|
|
PRESENTER(S):
|
Daniel Miessler, Director of Advisory Services for IOActive
|
|
CONFERENCE:
|
AppSec California
|
|
LOCATION:
|
Annenberg Community Beach House, Santa Monica, CA
|
|
DATE & TIME:
|
January 24, 2017 at 2:30pm PT
|
There is a widely known concept called “Peak Oil,” that essentially says there’s a limit to how much oil we can produce, after which point production must decline and new energy sources must be found. This presentation by Daniel Miessler applies a similar methodology in exploring the concept of “Peak Prevention,” as it relates to cybersecurity. The idea is that there is only so much prevention that can be done to protect systems from attack and when putting defenses in place, you do eventually reach diminishing returns, at which point other methods of risk reduction must be identified and employed.
Daniel will explore the question of how close we are to Peak Prevention in cybersecurity currently, and what other approaches to risk reduction are available to consider.
About Daniel Miessler
Daniel Miessler is the Director of Advisory Services at IOActive and has 17 years of experience in information security. His background is in technical security testing and enterprise defense, including network, web, application, mobile, IoT testing, and adversary-based risk management. He is the leader of the OWASP IoT Security project and speaks regularly at conferences, on panels, and to the media on the topics of information security and technology trends. He also produces a blog, podcast, and newsletter with similar themes.
About AppSec California
OWASP’s 4th Annual AppSec California Conference is a unique opportunity for information security professionals, developers, pentesters, and QA and testing professionals, as they converge to learn and share experiences about secure systems and secure development methodologies. Attendees will hear from world-renowned speakers, as well as participate in trainings and networking events. OWASP Los Angeles Chapter teamed up with the Orange County, Santa Barbara and San Diego chapters to host the conference.
About IOActive
IOActive is the industry’s only research-driven, high-end information security services firm with a proven history of better securing our customers through real-world scenarios created by our security experts. Our world-renowned consulting and research teams deliver a portfolio of specialist security services ranging from penetration testing and application code assessment to chip reverse engineering across multiple industries. IOActive is the only security services firm that has a dedicated practice focusing on Smart Cities and the transportation and technology that connects them. Global 500 companies across every industry continue to trust IOActive with their most critical and sensitive security issues. Founded in 1998, IOActive is headquartered in Seattle, US, with global operations through the Americas, EMEA, and Asia Pac regions. Visit www.ioactive.com for more information. Follow IOActive on Twitter: http://twitter.com/ioactive.
|
Daniel Miessler, Director of Advisory Services for IOActive
|
|
|
CONFERENCE:
|
AppSec California
|
|
LOCATION:
|
Annenberg Community Beach House, Santa Monica, CA
|
|
DATE & TIME:
|
January 24, 2017 at 2:30pm PT
|
There is a widely known concept called “Peak Oil,” that essentially says there’s a limit to how much oil we can produce, after which point production must decline and new energy sources must be found. This presentation by Daniel Miessler applies a similar methodology in exploring the concept of “Peak Prevention,” as it relates to cybersecurity. The idea is that there is only so much prevention that can be done to protect systems from attack and when putting defenses in place, you do eventually reach diminishing returns, at which point other methods of risk reduction must be identified and employed.
Daniel will explore the question of how close we are to Peak Prevention in cybersecurity currently, and what other approaches to risk reduction are available to consider.
About Daniel Miessler
Daniel Miessler is the Director of Advisory Services at IOActive and has 17 years of experience in information security. His background is in technical security testing and enterprise defense, including network, web, application, mobile, IoT testing, and adversary-based risk management. He is the leader of the OWASP IoT Security project and speaks regularly at conferences, on panels, and to the media on the topics of information security and technology trends. He also produces a blog, podcast, and newsletter with similar themes.
About AppSec California
OWASP’s 4th Annual AppSec California Conference is a unique opportunity for information security professionals, developers, pentesters, and QA and testing professionals, as they converge to learn and share experiences about secure systems and secure development methodologies. Attendees will hear from world-renowned speakers, as well as participate in trainings and networking events. OWASP Los Angeles Chapter teamed up with the Orange County, Santa Barbara and San Diego chapters to host the conference.
About IOActive
IOActive is the industry’s only research-driven, high-end information security services firm with a proven history of better securing our customers through real-world scenarios created by our security experts. Our world-renowned consulting and research teams deliver a portfolio of specialist security services ranging from penetration testing and application code assessment to chip reverse engineering across multiple industries. IOActive is the only security services firm that has a dedicated practice focusing on Smart Cities and the transportation and technology that connects them. Global 500 companies across every industry continue to trust IOActive with their most critical and sensitive security issues. Founded in 1998, IOActive is headquartered in Seattle, US, with global operations through the Americas, EMEA, and Asia Pac regions. Visit www.ioactive.com for more information. Follow IOActive on Twitter: http://twitter.com/ioactive.