Using Permaculture to Cultivate
a Sustainable Security Program
Speaker
Chris Nelson
Director of Security for Distil Networks
Vice President of Denver chapter of the ISSA
Experienced in building security programs and
controls across different verticals and maturity
levels
Agenda
The Basics of Permaculture
12 Design Principles
The Zones
Design Approaches
Permaculture Principles
Putting it all together
Why is this webinar About Nature?
Much of this talk uses examples from nature
The goal is to apply these principles and design approaches to your environment
The Basics of Permaculture
What is Permaculture?
Permaculture (permanent agriculture) is the conscious design and maintenance of
agriculturally productive ecosystems which have the diversity, stability, and
resilience of natural ecosystems.
The Prime Directive
The only ethical decision is to take responsibility
for our own existence and that of our children
○ Life is cooperative rather than competitive
○ Life forms of very different qualities may interact
beneficially with one another and with their
physical environment
○ Cooperation, not competition, is the very basis of
existing life systems and of future survival
The 3 basic ethics
Care of the Earth (The System)
Care of People
Reinvest the Surplus
The Basic Ethics of Permaculture
The System
The People
Reinvest the
Surplus
Image Source: www.lushusa.com
The 12 Design Principles of Permaculture
Image Source: http://www.soilandsoul.org.uk
Design starts with Observation
Design Principle | IT Security Takeaway
Observe & Interact | By taking time to engage with our systems and teams we can design solutions that suit our particular situation
Integrate rather than segregate | By putting the right things in the right place, relationships develop between those things and they work together to support each other
Moving from Observation to Design
Design Principle | IT Security Takeaway
Design from patterns to details | We can observe patterns in nature, society and our systems and teams. These can form the backbone of our designs, with the details filled in as we go.
Use slow and small solutions | Small and slow systems are easier to maintain than big ones, making better use of local resources and producing more sustainable outcomes. This also allows us to fail faster and with less financial impact to the business.
Use edges and value the marginal | The interface between things is where the most interesting events take place. These are often the most valuable, diverse and productive elements in the system.
Optimize the use of your Resources
Design Principle | IT Security Takeaway
Use and value renewable resources and services | Make the best use of abundance, reduce consumptive behavior and dependence on non-renewable resources
Produce No Waste | By valuing and making use of all the resources that are available to us, nothing goes to waste
Catch and Store Energy | Developing systems that collect resources at peak abundance, we can use them in times of need
All Things can be Turned into Positive Resources
Design Principle | IT Security Takeaway
Use and Value Diversity | Diversity reduces vulnerability to a variety of threats and takes advantage of the unique nature of the environment in which it resides
Apply Self-Regulation and Accept Feedback | Discourage inappropriate activity to ensure that systems can continue to function well
Creatively use and respond to change | We can have a positive impact on inevitable change by carefully observing, and then intervening at the right time
Obtain a Yield | Ensure that you are getting truly useful rewards for your work
The Zones of Permaculture
What are the Zones and How are They Used?
Zones are used to organize design elements on the
basis of the frequency of use or needs.
Zones are numbered 0 to 5
Frequently manipulated or harvested areas of a
design have lower numbers
Develop the nearest area first, get it under control,
and then expand the perimeter
What are the Zones and How are They Used?
Zone | Description
0 | The house or center from which we work.
1 | Includes elements in the system that require frequent attention, or that need to be visited often.
2 | Includes artifacts that require less frequent maintenance
3 | Main artifacts are grown here. After establishment, the maintenance required is fairly minimal.
4 | A semi-wild area
5 | A wilderness area. There is no human intervention in zone 5 apart from observation of natural ecosystems and cycles.
Aligning Security Processes and Controls to Zones
Align your controls based on:
○ The number of times you need to visit the control; and
○ The number of times the control needs you to visit it
For example:
Item | Frequency | Zone
IDS Alerts | 25 to 50 per day | 1
Malware Alerts | 10 per week | 2
VPN Logs | 1 per day | 3
Static Code Analysis | 1 deploy per day | 3
Applying the Zones to Your System
Place components in relation to other
components or functions for more
efficiency
Every element must be placed so that it
serves at least two or more functions
The Concepts Within Permaculture Design
The Problem is the Solution
Everything works both ways - it is how we see
things that makes them advantageous or
not
Everything is a positive resource - it is up
to us to work out how we may use it as
such
Make the Least Change for the Greatest Possible Effect
For example - When choosing a dam site, select the area where you get the
most water for the least amount of earth moved.
Seeking Order Yields Energy
Order and harmony produce
energy for other uses
Disorder consumes energy
with no useful end
Nature is full of Cycles, Learn to Harness them
Cycles are recurring events or phenomena
Every cyclic event increases the opportunity for yield
To increase cycling is to increase yield
Cycles exist in nature; cycles exist in IT
Diversity of Components
The number of components in a
system does not dictate their function
or capacity
Diversity does not guarantee stability
or yield
The beneficial connections between
these components lead to stability
The number and types of tools,
people, systems, and software don’t
dictate capacity
Positive connections between them
do
Permitted and Forced Functions
Key elements in a system may
supply many functions
Trying to force too many functions
on an element makes it collapse.
People have a wide variety of skills
They like to use them instead of being
forced into a single function.
Work with nature, rather than against it
We can assist rather than impede
natural elements, forces,
pressures, processes, agencies
and evolutions
“If we throw nature out the
window, she comes back in the
door with a pitchfork”
-Masanobu Fukuoka
Work to enable people, instead of
impeding them
Applying Laws and Principles to Design
Life Intervention Principle
In chaos lies opportunity for creative order
Law of Return
Whatever we take, we must return
Our goal as designers
To prevent energy from leaving before the basic needs
of the whole system are satisfied, so that growth,
reproduction, and maintenance continue in our living
components.
Proper Placement Principle
If good placement is made, more
advantages become obvious
If we start well, other good things
naturally follow on as unplanned
results
Obtaining Exportable Yields
Gain a foothold
Stabilize a small area
Develop a self-reliance
Be flexible in management
○ Steer based on trials
○ Act on new information
○ Continue to observe and adapt
Start with one critical project, get it
running well, and then expand to
other projects.
Adapt based on new information.
Tips for Designing Efficient Programs
Design the program on paper
Start with a nucleus and expand outward
Set priorities based on economic reality
Locate and trade for components
Expand on information and area using controls suited
for the site
Break up the job into small, easily achieved,
basic stages and complete these one at a time
Design Success Relies on People Embracing It
The success of any design comes down to how it
is accepted and implemented by the people on
the ground
Large, centralized schemes often result in ruins
and monuments as opposed to stable, well-
maintained ecologies
Putting it all together
Every design is an assembly of components.
The first priority is to locate and cost those
components
Where resources are scarce, look closely at the
site, thinking of everything as a potential resource
Planning stage is critical
First attend to Zones 0-2
Develop very compact systems
Additional Resources
http://permies.com
http://permaculturenews.org/
The First Easy and Accurate Way to Defend
Websites Against Malicious Bots
About Distil Networks
How the Distil Bot Detection Solution Works
As web traffic passes through Distil, the system
1. Fingerprints each incoming connection and compares it to our Known Violators Database
2. If it’s a new fingerprint, validates the browser to determine if it’s a Bot or Not
3. Based on your preferences, automatically tags, challenges, or blocks the bot
How Companies Benefit from Distil
Increase insight & control
over human, good bot &
bad bot traffic
Block 99.9% of malicious
bots without impacting
legitimate users
Slash the high tax bots
place on internal teams
& web infrastructure
Protect data from web
scrapers, unauthorized
aggregators & hackers
www.distilnetworks.com/trial/
Free trials available
Two Months of Free Service + Traffic Analysis
www.distilnetworks.com
QUESTIONS….COMMENTS?
INFO@DISTILNETWORKS.COM
OR CALL US ON 1.866.423.0606
Understandings
Everything is of use.
It is not necessarily needed by people, but it is needed by the life complex of
which we are a dependent part.
We cannot order complex functions. They must evolve themselves.
We cannot know a fraction of what exists. We will always be a minor part of the
total information system.
Everything Makes its Own Garden
All things have an effect
on their environment.
Combining Permaculture Principles and Designs
The Yield of a System is Theoretically Unlimited
The only limit on the number of uses of a resource possible within a system is
in the limit of the information and imagination of the designer.
Using Permaculture to Cultivate a Sustainable Security Program
For centuries mankind’s greatest innovations came about through careful
examination of natural systems. Information Security is no different. This
presentation will explore how information security professionals can use the
agricultural concept of “permaculture” (the practice of using design principles
observed in natural ecosystems) to cultivate a sustainable, data-driven security
program.
In this fast-paced, thought-provoking session you’ll learn:
○ The basic tenets of permaculture and how they apply to information security
strategy
○ How to build a security program that fosters collaboration, coupled with
feedback loops and metrics
○ How embracing differences within an organization can lead to increases in
productivity and security
○ Effective policy and control designs that enhance business objectives as
opposed to stifling them

 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 

Using Permaculture to Cultivate a Sustainable Security Program

  • 1. Using Permaculture to Cultivate a Sustainable Security Program
  • 2. Speaker Chris Nelson Director of Security for Distil Networks Vice President of Denver chapter of the ISSA Experienced in building security programs and controls across different verticals and maturity levels
  • 3. The Basics of Permaculture 12 Design Principles The Zones Design Approaches Permaculture Principles Putting it all together Agenda
  • 4. Why is this webinar About Nature? Much of this talk uses examples from nature. The goal is to apply these principles and design approaches to your environment
  • 5. The Basics of Permaculture
  • 6. What is Permaculture? Permaculture (permanent agriculture) is the conscious design and maintenance of agriculturally productive ecosystems which have the diversity, stability, and resilience of natural ecosystems.
  • 7. The Prime Directive The only ethical decision is to take responsibility for our own existence and that of our children ○ Life is cooperative rather than competitive ○ Life forms of very different qualities may interact beneficially with one another and with their physical environment ○ Cooperation, not competition, is the very basis of existing life systems and of future survival
  • 8. The 3 basic ethics Care of the Earth (The System) Care of People Reinvest the Surplus The Basic Ethics of Permaculture The System The People Reinvest the Surplus Image Source: www.lushusa.com
  • 9. The 12 Design Principles of Permaculture Image Source: http://www.soilandsoul.org.uk
  • 10. Design starts with Observation (Design Principle: IT Security Takeaway) ○ Observe & Interact: By taking time to engage with our systems and teams we can design solutions that suit our particular situation ○ Integrate rather than segregate: By putting the right things in the right place, relationships develop between those things and they work together to support each other
  • 11. Moving from Observation to Design (Design Principle: IT Security Takeaway) ○ Design from patterns to details: We can observe patterns in nature, society and our systems and teams. These can form the backbone of our designs, with the details filled in as we go. ○ Use slow and small solutions: Small and slow systems are easier to maintain than big ones, making better use of local resources and producing more sustainable outcomes. This also allows us to fail faster and with less financial impact to the business. ○ Use edges and value the marginal: The interface between things is where the most interesting events take place. These are often the most valuable, diverse and productive elements in the system.
  • 12. Optimize the use of your Resources (Design Principle: IT Security Takeaway) ○ Use and value renewable resources and services: Make the best use of abundance, reduce consumptive behavior and dependence on non-renewable resources ○ Produce No Waste: By valuing and making use of all the resources that are available to us, nothing goes to waste ○ Catch and Store Energy: By developing systems that collect resources at peak abundance, we can use them in times of need
  • 13. All Things can be Turned into Positive Resources (Design Principle: IT Security Takeaway) ○ Use and Value Diversity: Diversity reduces vulnerability to a variety of threats and takes advantage of the unique nature of the environment in which it resides ○ Apply Self-Regulation and Accept Feedback: Discourage inappropriate activity to ensure that systems can continue to function well ○ Creatively use and respond to change: We can have a positive impact on inevitable change by carefully observing, and then intervening at the right time ○ Obtain a Yield: Ensure that you are getting truly useful rewards for your work
  • 14. The Zones of Permaculture
  • 15. What are the Zones and How are They Used? ○ Zones are used to organize design elements on the basis of the frequency of use or needs. ○ Zones are numbered 0 to 5 ○ Frequently manipulated or harvested areas of a design have lower numbers ○ Develop the nearest area first, get it under control, and then expand the perimeter (Diagram: zones 0 1 2 3 4 5)
  • 16. What are the Zones and How are They Used? (Zone: Description) ○ Zone 0: The house or center from which we work. ○ Zone 1: Includes elements in the system that require frequent attention, or that need to be visited often. ○ Zone 2: Includes artifacts that require less frequent maintenance ○ Zone 3: Main artifacts are grown here. After establishment, the maintenance required is fairly minimal. ○ Zone 4: A semi-wild area ○ Zone 5: A wilderness area. There is no human intervention in zone 5 apart from observation of natural ecosystems and cycles.
  • 17. Aligning Security Processes and Controls to Zones Align your controls based on: ○ The number of times you need to visit the control; and ○ The number of times the control needs you to visit it For example (Item | Frequency | Zone): IDS Alerts | 25 to 50 per day | 1; Malware Alerts | 10 per week | 2; VPN Logs | 1 per day | 3; Static Code Analysis | 1 deploy per day | 3
  • 18. Applying the Zones to Your System ○ Place components in relation to other components or functions for more efficiency ○ Every element must be placed so that it serves at least two or more functions (Diagram: zones 0 1 2 3 4 5)
  • 19. The Concepts Within Permaculture Design
  • 20. The Problem is the Solution ○ Everything works both ways - it is how we see things that makes them advantageous or not ○ Everything is a positive resource - it is up to us to work out how we may use it as such
  • 21. Make the Least Change for the Greatest Possible Effect For example - When choosing a dam site, select the area where you get the most water for the least amount of earth moved.
  • 22. Seeking Order Yields Energy Order and harmony produce energy for other uses Disorder consumes energy with no useful end
  • 23. Nature is full of Cycles, Learn to Harness them Cycles are recurring events or phenomena Every cyclic event increases the opportunity for yield To increase cycling is to increase yield Cycles exist In Nature Cycles exist in IT
  • 24. Diversity of Components ○ The number of components in a system does not dictate their function or capacity ○ Diversity does not guarantee stability or yield ○ The beneficial connections between these components lead to stability ○ Greater numbers and types of tools, people, systems, and software don’t dictate capacity ○ Positive connections between them do
  • 25. Permitted and Forced Functions Key elements in a system may supply many functions Trying to force too many functions on an element makes it collapse. People have a wide variety of skills They like to use them instead of being forced into a single function.
  • 26. Work with nature, rather than against it We can assist rather than impede natural elements, forces, pressures, processes, agencies and evolutions “If we throw nature out the window, she comes back in the door with a pitchfork” -Masanobu Fukuoka Work to enable people, instead of impeding them
  • 27. Applying Laws and Principles to Design ○ Life Intervention Principle: In chaos lies opportunity for creative order ○ Law of Return: Whatever we take, we must return ○ Our goal as designers: To prevent energy from leaving before the basic needs of the whole system are satisfied, so that growth, reproduction, and maintenance continue in our living components.
  • 28. Proper Placement Principle ○ If good placement is made, more advantages become obvious ○ If we start well, other good things naturally follow on as unplanned results
  • 29. Obtaining Exportable Yields Gain a foothold Stabilize a small area Develop a self-reliance Be flexible in management ○ Steer based on trials ○ Act on new information ○ Continue to observe and adapt Start with one critical project, get it running well, and then expand to other projects. Adapt based on new information.
  • 30. Tips for Designing Efficient Programs Design the program on paper Start with a nucleus and expand outward Set priorities based on economic reality Locate and trade for components Expand on information and area using controls suited for the site Break up the job into small, easily achieved, basic stages and complete these one at a time
  • 31. Design Success Relies on People Embracing It ○ The success of any design comes down to how it is accepted and implemented by the people on the ground ○ Large, centralized schemes often result in ruins and monuments as opposed to stable, well-maintained ecologies
  • 32. Putting it all together Every design is an assembly of components. The first priority is to locate and cost those components Where resources are scarce, look closely at the site, thinking of everything as a potential resource Planning stage is critical First attend to Zones 0-2 Develop very compact systems
  • 34. The First Easy and Accurate Way to Defend Websites Against Malicious Bots About Distil Networks
  • 35. How the Distil Bot Detection Solution Works As web traffic passes through Distil, the system 1. Fingerprints each incoming connection and compares it to our Known Violators Database 2. If it’s a new fingerprint, validates the browser to determine if it’s a Bot or Not 3. Based on your preferences, automatically tags, challenges, or blocks the bot
  • 36. How Companies Benefit from Distil Increase insight & control over human, good bot & bad bot traffic Block 99.9% of malicious bots without impacting legitimate users Slash the high tax bots place on internal teams & web infrastructure Protect data from web scrapers, unauthorized aggregators & hackers
  • 37. www.distilnetworks.com/trial/ Free trials available Two Months of Free Service + Traffic Analysis
  • 38. QUESTIONS….COMMENTS? info@distilnetworks.com or call us on 1.866.423.0606 www.distilnetworks.com
  • 39. Understandings ○ Everything is of use. It is not necessarily needed by people, but it is needed by the life complex of which we are a dependent part. ○ We cannot order complex functions. They must evolve themselves. ○ We cannot know a fraction of what exists. We will always be a minor part of the total information system.
  • 40. Everything Makes its Own Garden All things have an effect on their environment.
  • 42. The Yield of a System is Theoretically Unlimited The only limit on the number of uses of a resource possible within a system is in the limit of the information and imagination of the designer.
  • 43. Using Permaculture to Cultivate a Sustainable Security Program For centuries mankind’s greatest innovations came about through careful examination of natural systems. Information Security is no different. This presentation will explore how information security professionals can use the agricultural concept of “permaculture” (the practice of using design principles observed in natural ecosystems) to cultivate a sustainable, data-driven security program. In this fast-paced, thought-provoking session you’ll learn: ○ The basic tenets of permaculture and how they apply to information security strategy ○ How to build a security program that fosters collaboration, coupled with feedback loops and metrics ○ How embracing differences within an organization can lead to increases in productivity and security ○ Effective policy and control designs that enhance business objectives as opposed to stifling them