SlideShare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our User Agreement and Privacy Policy.
SlideShare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our Privacy Policy and User Agreement for details.
Successfully reported this slideshow.
Activate your 14 day free trial to unlock unlimited reading.
25.
Prioritize
!
Based on risk,
impact,
potential cost,
and cost of
remediation
26.
Summary
1. Stop throwing money on products
2. Identify assets, processes, technology, threats.
3. Assess your current posture. Identify gaps.
4. Address gaps based on priority and
relevance. Consider cost (of impact, of fixing).
5. Test effectiveness.
6. Back to 2.
27.
REMEMBER!
• You are not fighting off pentesters.
You are fighting off actual adversaries.
• You are not fighting off auditors.
You keep your organization working.
• You are not fighting off regulators.
You are trying to keep yourself out of jail.
28.
Thank You!
¡gracias
Ian Amit
Director of Services, IOActive
ian.amit@ioactive.com
Twitter: @iiamit
0 likes
Be the first to like this
Views
Total views
2,936
On SlideShare
0
From Embeds
0
Number of Embeds
5
You have now unlocked unlimited access to 20M+ documents!
Unlimited Reading
Learn faster and smarter from top experts
Unlimited Downloading
Download to take your learnings offline and on the go
You also get free access to Scribd!
Instant access to millions of ebooks, audiobooks, magazines, podcasts and more.
Read and listen offline with any device.
Free access to premium services like Tuneln, Mubi and more.