IDC Amsterdam 2013 09 12 Smart Security Solutions require Ditto Designs
 


How we exclude people from information security (design) which takes away the overwhelmingly biggest threat-AND-vulnerability; how we need to ditch the top-down compliance approach, and how to do security bottom-up. KISS.

Usage Rights

CC Attribution-NonCommercial License


    Presentation Transcript

    • Street Smart Solutions require Ditto Design: Behind the herd, or Before things go wrong. Jurgen van der Vlugt, Amsterdam, 12 September 2013
    • Introduction • Jurgen = Ir.drs. J. van der Vlugt RE CISA CRISC • ISSA, president NL chapter, member Ethics Committee • ISACA, NL board for Roundtables • Supranational organisation, IT audit • Maverisk Consultancy, IS Audit and Advisory services • KPMG, ABN AMRO, host of others • ERM/ORM, (IS) Audit, (Info)Security • Yup: WIP, ‘questions’ welcome
    • Agenda • The crowd • -less • … is dumb • Reactions • Guardrails • Simple but tough • Be Prepared
    • The crowd
    • Crowd-less: People-less Process & Technology
    • Result: … is dumb
    • (FUD)
    • In short, you can screw up with impunity as long as you screw up like everybody else. (David Putnam in Seth Godin, The Icarus Deception, p.203)
    • Reactions
    • Own Group First
    • Response
    • Range
    • Radicals • (Extremist bureaucrats) • Defectors (apostates) • ALWAYS • Are part of it! • Keep things fresh!
    • Freedom through guardrails: Aristotle might say that we need rules to protect us from disaster. But at the same time, rules without wisdom are blind and at best guarantee mediocrity – forcing wise practitioners to become outlaws, rule-breakers pursuing a kind of guerrilla war to achieve excellence. Weick found that the longer the checklists for the wildland firefighters became, the more improvisation was shut down. Rules are aids, allies, guides, and checks. But too much reliance on rules can squeeze out the judgement that is necessary to do our work well. ... Better to minimize the number of rules, give up trying to cover every particular circumstance, and instead do more training to encourage skill and practical reasoning and intuition. (Schwartz and Sharpe, Practical Wisdom)
    • Guardrails: Simple but tough. Be Prepared
    • The right pressure; effective design • See through the dilemma • See the pressure from all four circles • Everything at the right scale • Encourage cooperation • Chance of getting caught ~ punishment • Choose general, reactive (?) sec. systems • Beware of concentrated Points of Failure • Everything transparent
    • Pt > Dt + Rt (Pt > 0) • E = Dt + Rt (Pt = 0) → Zero-day exploits, or any unknown vectors
    • Agenda • The crowd • -less • … is dumb • Reactions • Guardrails • Simple but tough • Be Prepared
    • Hope you enjoyed the ride. That was all. Thank you.
    • Thank you
    • Contact details • Jurgen van der Vlugt • Jvdvlugt@maverisk.nl • LinkedIn http://nl.linkedin.com/in/jurgenvandervlugt/ • Twitter @jvdvlugt • (G+, etc. etc.) Dogma: The problem starts at the secondary level, not with the originator or the developer of the idea but with the people who are attracted by it, who cling to it until their last nail breaks, and who invariably lack the overview, flexibility, imagination, and, most importantly, sense of humor, to maintain it in the spirit in which it was hatched. Ideas are made by masters, dogma by disciples, and the Buddha is always killed on the road. (Tom Robbins, Still Life with Woodpecker, 1984)
    • Reading material
    • How to Stop