I've been in the field of "Cyber Security" in its many incarnations for about 25 years. In that time I've learned some lessons, some the hard way. Here are my slides presented at BSides New Orleans in April 2024.

1. 1
The 7 Things I Know About
Cyber Security After 25 Years

2. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
2
RA F A L L O S
Head of Services Strategy & GTM at ExtraHop
~25 years in cyber security
Broad expertise in product and services
development, security strategy, and problem-solving
Podcaster
Down the Security Rabbithole Podcast
Writer and public speaker
Biography

3. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
3
“What makes you qualified to give this talk?”
These are all lessons I’ve learned, first-hand, the hard way

4. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
4
My 3 guiding principles

5. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
5
Change is relentless

6. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
6
crime pays

7. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
7
Security vs “human nature”

8. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
8
1. You Don’t Want ZERO Risk
Check your math, and try again

9. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
9
business relies on taking risks

10. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
10
“Enigo Montoya” problem

11. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
11
security is a 1/x curve

12. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
12

13. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
13
you’re never getting to ZERO

14. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
14
at some point,
cost exceeds benefit

15. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
15
risk = probability x impact

16. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
16
don’t get fooled by chance

17. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
17
reducing risk, creates risk

18. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
18
either extreme is bad

19. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
19
2. Change the things you can
The magic quadrant of bad ideas

20. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
20
effort vs impact

21. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
21
low effort, high impact

22. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
22
low effort, low impact

23. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
23
high effort, high impact

24. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
24
high effort, low impact

25. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
25
law of diminishing returns

26. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
26
inverted hockey stick curve

27. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
27
“good ‘nuff”

28. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
28
3. Today’s Feature, Tomorrow’s 0-Day
How did this even happen?!

29. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
29
security ← → innovation

30. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
30
today’s innovative idea…

31. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
31
..tomorrow’s critical flaw

32. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
32
so what happened?!

33. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
33
what is the right response?

34. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
34
triage vs prevent

35. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
35
“seemed like a good idea”

36. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
36
plan for rapid triage

37. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
37
this will happen again

38. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
38
4. The “Great Awakening” Isn’t Coming
The “big one” happened, no one cared

39. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
39
“It’ll take a big incident…”

40. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
40
nope

41. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
41
catastrophes are recoverable

42. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
42
business is resilient

43. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
43
we screwed up, big time

44. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
44
the sky fell, we still lived on

45. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
45
some become disillusioned

46. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
46
too many “don’t get it”

47. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
47
now what?!

48. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
48
the hamster wheel is your
reality

49. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
49
5. Alt + Tab is a Hunter Killer
Smart does not scale

50. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
50
inverse proportionality

51. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
51
more screens

52. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
52
less security

53. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
53
your brain cannot correlate
(at scale)

54. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
54
platforms & integrations

55. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
55
ask the right questions

56. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
56
get better answers

57. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
57
tech isn’t magic

58. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
58
question
answer
analyze
act
analyze

59. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
59
6. DIY is Best Left on TV Shows
A fancy hammer does not a master carpenter make

60. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
60
re-inventing the same wheel

61. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
61
uniqueness is a weakness

62. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
62
patterns exist

63. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
63
expertise exists

64. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
64
what makes us do it
ourselves?

65. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
65
talent shortage (duh)

66. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
66
budget constraints

67. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
67
time/effort constraints

68. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
68
Most applicable in operations

69. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
69
accept limitations, and help

70. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
70
7. Stop Trying to Build Castles
We all basically live in the suburbs now anyway

71. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
71
castle as a metaphor

72. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
72
this metaphor aged poorly

73. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
73
we left the office

74. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
74
data went with us

75. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
75
clouds destroyed our models

76. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
76
sensitive data is everywhere

77. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
77
by use-case, or accident

78. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
78
security models must adapt

79. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
79
make data risk-resilient

80. © 2024 ExtraHop® | All Rights Reserved | Proprietary and Confidential
80
Thank You
Thank You