28. Constantly Evolving Education
• Materials need to evolve as our
industry does
• Educators need to be rewriting
courses on a monthly
timeframe, not a yearly or every 3
year timeframe.
History lesson Explain the context quickly, then talk about why most of the attacks are against them (either client or human). Then, talk about how important what we’re doing is.(Bonus question: What’s next? -> Network, IPv6)Hit the defense in depth message here.
There are 480 data breaches in 2009.Source: http://datalossdb.org/statistics?timeframe=all_timeGartner Says the Cost of a Sensitive Data Breach Will Increase 20 Percent per Year Through 2009Analysts Examine Security, Risk and Compliance Threats During Gartner Symposium/ITxpo 2007, October 7-12, in OrlandoFinancially motivated targeted attacks are becoming more prevalent and new vulnerabilities continue to be reported, but 90 percent of these attacks can be avoided without requiring any increase in security spending, according to Gartner, Inc. However, ensuring one’s enterprise is not part of the 10 percent requires implementing security processes to monitor and manage vulnerabilities and provide strong identity and access management capabilities.Gartner analysts discussed the critical technology and organizational “dos and don’ts” for successful enterprisewide security at Gartner Symposium/ITxpo 2007, which is taking place here through October 12.“The biggest attack risk to enterprises comes from targeted attacks,” said John Pescatore, vice president and distinguished analyst for Gartner. “In addition, phishing and identity theft attacks have caused the rise of ‘credentialed’ attacks, in which the attacker uses the credentials of a legitimate user.”“Malicious software (malware) attacks also allow internal executables to be used to forward information to an external attacker,” Mr. Pescatore said. “Being aware of ‘inside out’ communications and being able to block those as effectively as ‘outside in’ is becoming increasingly important. Security strategies must reduce the cost of dealing with mass attacks to free up investment and personnel resources to evolve capabilities for dealing with these more-complex targeted attacks.”
History lesson Explain the context quickly, then talk about why most of the attacks are against them (either client or human). Then, talk about how important what we’re doing is.(Bonus question: What’s next? -> Network, IPv6)Hit the defense in depth message here.
Talk about the certification bodies’ business model
This is why the CASP is awesome – questions actually focus on making people do stuff
The importance of repeatable skills - Our focus on certifications brings us a focus on perishable skills
Just in time (JIT) is a production strategy that strives to improve a business return on investment by reducing in-process inventory and associated carrying costs.
This is why the CASP is awesome – questions actually focus on making people do stuff
Luckily, education is changing…
Improve your humans.Improve your security.Choose MAD Security. Thank you.[end of presentation]