Successfully reported this slideshow.

More Related Content

More from Iftach Ian Amit

ISTS12 Keynote
Iftach Ian Amit
From your Pocket to your Heart and Back
Iftach Ian Amit
Painting a Company Red and Blue
Iftach Ian Amit
Armorizing applications
Iftach Ian Amit
Seeing Red In Your Future?
Iftach Ian Amit
Hacking cyber-iamit
Iftach Ian Amit
Passwords good badugly181212-2
Iftach Ian Amit
Bitcoin
Iftach Ian Amit
Sexy defense
Iftach Ian Amit
Cyber state
Iftach Ian Amit
Advanced Data Exfiltration - the way Q would have done it
Iftach Ian Amit
Infecting Python Bytecode
Iftach Ian Amit
Exploiting Second life
Iftach Ian Amit
Dtmf phreaking
Iftach Ian Amit
Cheating in Computer Games
Iftach Ian Amit
Telecommunication basics dc9723
Iftach Ian Amit
Stuxnet - the worm and you
Iftach Ian Amit
Pushing in, leaving a present, and pulling out slowly without anyone noticing
Iftach Ian Amit
Mesh network presentation
Iftach Ian Amit
Html5 hacking
Iftach Ian Amit

Featured

What to Upload to SlideShare
SlideShare
Be A Great Product Leader (Amplify, Oct 2019)
Adam Nash
Trillion Dollar Coach Book (Bill Campbell)
Eric Schmidt
APIdays Paris 2019 - Innovation @ scale, APIs as Digital Factories' New Machi...
apidays
A few thoughts on work life-balance
Wim Vanderbauwhede
Is vc still a thing final
Mark Suster
The GaryVee Content Model
Gary Vaynerchuk
Mammalian Brain Chemistry Explains Everything
Loretta Breuning, PhD
Blockchain + AI + Crypto Economics Are We Creating a Code Tsunami?
Dinis Guarda
The AI Rush
Jean-Baptiste Dumont
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
Carol Smith
10 facts about jobs in the future
Pew Research Center's Internet & American Life Project
Harry Surden - Artificial Intelligence and Law Overview
Harry Surden
Inside Google's Numbers in 2017
Rand Fishkin
Pinot: Realtime Distributed OLAP datastore
Kishore Gopalakrishna
How to Become a Thought Leader in Your Niche
Leslie Samuel
Visual Design with Data
Seth Familian
Designing Teams for Emerging Challenges
Aaron Irizarry
UX, ethnography and possibilities: for Libraries, Museums and Archives
Ned Potter
Winners and Losers - All the (Russian) President's Men
Ian Bremmer

Related Books

Free with a 14 day trial from Scribd

See all
Autonomy: The Quest to Build the Driverless Car—And How It Will Reshape Our World Lawrence D. Burns
(5/5)
Free
No Filter: The Inside Story of Instagram Sarah Frier
(4.5/5)
Free
Bezonomics: How Amazon Is Changing Our Lives and What the World's Best Companies Are Learning from It Brian Dumaine
(4/5)
Free
So You Want to Start a Podcast: Finding Your Voice, Telling Your Story, and Building a Community That Will Listen Kristen Meinzer
(3.5/5)
Free
The Future Is Faster Than You Think: How Converging Technologies Are Transforming Business, Industries, and Our Lives Peter H. Diamandis
(4.5/5)
Free
Talk to Me: How Voice Computing Will Transform the Way We Live, Work, and Think James Vlahos
(4/5)
Free
SAM: One Robot, a Dozen Engineers, and the Race to Revolutionize the Way We Build Jonathan Waldman
(5/5)
Free
From Gutenberg to Google: The History of Our Future Tom Wheeler
(3.5/5)
Free
Life After Google: The Fall of Big Data and the Rise of the Blockchain Economy George Gilder
(4/5)
Free
Everybody Lies: Big Data, New Data, and What the Internet Can Tell Us About Who We Really Are Seth Stephens-Davidowitz
(4.5/5)
Free
Live Work Work Work Die: A Journey into the Savage Heart of Silicon Valley Corey Pein
(4.5/5)
Free
Future Presence: How Virtual Reality Is Changing Human Connection, Intimacy, and the Limits of Ordinary Life Peter Rubin
(4/5)
Free
Hot Seat: What I Learned Leading a Great American Company Jeff Immelt
(4.5/5)
Free
Made in China: A Prisoner, an SOS Letter, and the Hidden Cost of America's Cheap Goods Amelia Pang
(4.5/5)
Free
We Should All Be Millionaires: A Woman’s Guide to Earning More, Building Wealth, and Gaining Economic Power Rachel Rodgers
(4.5/5)
Free
Authentic: A Memoir by the Founder of Vans Louise Maclellan
(4.5/5)
Free

Related Audiobooks

Free with a 14 day trial from Scribd

See all
Spooked: The Trump Dossier, Black Cube, and the Rise of Private Spies Barry Meier
(4/5)
Free
Second Nature: Scenes from a World Remade Nathaniel Rich
(5/5)
Free
An Ugly Truth: Inside Facebook’s Battle for Domination Sheera Frenkel
(4.5/5)
Free
A Brief History of Motion: From the Wheel, to the Car, to What Comes Next Tom Standage
(4/5)
Free
Liftoff: Elon Musk and the Desperate Early Days That Launched SpaceX Eric Berger
(5/5)
Free
The Science of Time Travel: The Secrets Behind Time Machines, Time Loops, Alternate Realities, and More! Elizabeth Howell
(3/5)
Free
If Then: How the Simulmatics Corporation Invented the Future Jill Lepore
(4.5/5)
Free
The Wires of War: Technology and the Global Struggle for Power Jacob Helberg
(4/5)
Free
System Error: Where Big Tech Went Wrong and How We Can Reboot Rob Reich
(4.5/5)
Free
The Quiet Zone: Unraveling the Mystery of a Town Suspended in Silence Stephen Kurczy
(4.5/5)
Free
The Players Ball: A Genius, a Con Man, and the Secret History of the Internet's Rise David Kushner
(4.5/5)
Free
Bitcoin Billionaires: A True Story of Genius, Betrayal, and Redemption Ben Mezrich
(4.5/5)
Free
A World Without Work: Technology, Automation, and How We Should Respond Daniel Susskind
(4.5/5)
Free
Blockchain: The Next Everything Stephen P. Williams
(4/5)
Free
Uncanny Valley: A Memoir Anna Wiener
(4/5)
Free
Lean Out: The Truth About Women, Power, and the Workplace Marissa Orr
(4.5/5)
Free

"Cyber" security - all good, no need to worry?

  1. 1. "Cyber" security - all good, no need to worry? Ian Amit Director of Services, IOActive
  2. 2. ¡Hola
  3. 3. Source: datalossdb.org
  4. 4. Incidents by Business Type - All Time Biz Gov Med Source: datalossdb.org Edu
  5. 5. Incidents by Business Type - All Time 52% Biz Gov Med Source: datalossdb.org Edu
  6. 6. Incidents by Business Type - All Time 52% 18% Biz Gov Med Source: datalossdb.org Edu
  7. 7. Incidents by Business Type - All Time 16% 52% 18% Biz Gov Med Source: datalossdb.org Edu
  8. 8. Incidents by Business Type - All Time 14% 16% 52% 18% Biz Gov Med Source: datalossdb.org Edu
  9. 9. Source: datalossdb.org
  10. 10. Incidents by Vector - All Time Outside Inside Inside - Accidental Inside - Malicious Source: datalossdb.org Unknown
  11. 11. Incidents by Vector - All Time 57% Outside Inside Inside - Accidental Inside - Malicious Source: datalossdb.org Unknown
  12. 12. Incidents by Vector - All Time 57% 20% Outside Inside Inside - Accidental Inside - Malicious Source: datalossdb.org Unknown
  13. 13. Incidents by Vector - All Time 10% 57% 20% Outside Inside Inside - Accidental Inside - Malicious Source: datalossdb.org Unknown
  14. 14. Incidents by Vector - All Time 7% 10% 57% 20% Outside Inside Inside - Accidental Inside - Malicious Source: datalossdb.org Unknown
  15. 15. Incidents by Vector - All Time 7% 6% 10% 57% 20% Outside Inside Inside - Accidental Inside - Malicious Source: datalossdb.org Unknown
  16. 16. DataLossDB.org Incidents Over Time 1800 1621 1350 1091 1048 900 829 775 728 695 644 450 157 43 0 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013
  17. 17. Problem ✓
  18. 18. Problem ✓ Solution?
  19. 19. What would CISO do?
  20. 20. What would CISO do?
  21. 21. WTF?
  22. 22. RISK MANAGEMENT
  23. 23. We need to get back to BASICS
  24. 24. insert crowd pic here
  25. 25. Prioritize ! Based on risk, impact, potential cost, and cost of remediation
  26. 26. Summary 1. Stop throwing money on products 2. Identify assets, processes, technology, threats. 3. Assess your current posture. Identify gaps. 4. Address gaps based on priority and relevance. Consider cost (of impact, of fixing). 5. Test effectiveness. 6. Back to 2.
  27. 27. REMEMBER! • You are not fighting off pentesters. 
 You are fighting off actual adversaries. • You are not fighting off auditors. 
 You keep your organization working. • You are not fighting off regulators. 
 You are trying to keep yourself out of jail.
  28. 28. Thank You! ¡gracias Ian Amit Director of Services, IOActive ian.amit@ioactive.com Twitter: @iiamit

×