Human Shields for the Network
Making users part of the solution
Ron Martin, CISSP
whoami
• Ron Martin
– Christian, Husband, Father
– BS in CS
– MS in CIS
– CISSP, GCIA, GCIH, etc.
– ICE, inc.
• US Army Contractor
• Teach CISSP, Security+, IA Immersion
– Adjunct GRU
Motivation
• My passion is teaching
• IA Lexicon
– Password
– Awareness
• Extrusion Detection
– Richard Bejtlich
– ISBN 978-0321349965
Agenda
• What are we trying to accomplish?
• First point of attack
• Current state of the user
• Current state of training
• Solutions
What are we trying to accomplish?
Simple
A more secure network
First Point of Attack
• First point of attack = first point of defense
• Applications vs. Users as target
• Should we depend on Technology or Users for defense?
• Technology
– AV
– Firewall
– IDS
– Etc.
• Users
– Training
– Common Sense
Current State of the User
• Confused
– Lack of policy awareness
– Lack of policy existence
• Frustrated
– Threatened
– Unsure
• Scared
– Consequences for non-compliance are extremely negative
• Irritated
– Help Desk attitude
• Arrogant
• Condescending
• Lack of concern
– Help Desk is typically the First Responder
Current State of Training
• Leads to the current state of the user
• Ineffective
– Focuses on the Organization over the individual
– Too technical
– Too detailed
– Little user stake
Solutions
• Orient training to the individual
– Focus on loss of individual work, not just damage to the organization
– BYOD could provide a huge opportunity here
• Train Helpdesk and support personnel
– Don’t let them be “Nick Burns”
• Clear, well-defined policies
– Stress benefits of compliance rather than adverse consequences
Conclusion
• We already have Human Shields – they’re called users
• Leverage their familiarity with their own systems
• Let them be a part of the solution
• This will help us create a more secure network
Questions
?
