Play all

Intro

INFORMATION SECURITY BURNOUT

CONSTANT FIREFIGHTING

PERSONAL RESPONSIBILITY

ONGOING CONFLICT WITH STAKEHOLDERS

CHANGING THREAT LANDSCAPE

Disrupt Security Cynicism

Discourage Heroics and Celebrate Long-term Wins

Build Additive Teams

Environment of Empathy and Collaboration

Business Enablement and Customer Service

Help Security Engineers think about Risk

Understand your Threat model and why Security matters

Be rigorous about Risk Outcomes

Strategic vs Operational Investments

Leverage Points and Efficiency

Minimize Impact to Critical Data Assets

Overall Security Assurance Balance of Proactive and Reactive Security Controls

Risk Appetite for Senior Leadership

Shared Guiding Principles

Description:

Explore strategies for building sustainable security programs in this 44-minute keynote address from BSidesSF 2022. Delve into the challenges faced by information security professionals, including burnout, constant firefighting, and evolving threat landscapes. Learn how to disrupt security cynicism, discourage heroics, and foster an environment of empathy and collaboration. Discover techniques for aligning security with business enablement, understanding threat models, and balancing proactive and reactive security controls. Gain insights on risk prioritization, strategic investments, and creating shared guiding principles to build a more resilient and effective security program.

Building Sustainable Security Programs

Security BSides San Francisco

Add to list

#Conference Talks #Security BSides #Business #Corporate Governance #Risk Management #Business Strategy #Strategic Planning #Management & Leadership #Leadership #Team Building