YoVDO

Building Sustainable Security Programs

Offered By: Security BSides San Francisco via YouTube

Tags

Security BSides Courses Risk Management Courses Strategic Planning Courses Team Building Courses

Course Description

Overview

Explore strategies for building sustainable security programs in this 44-minute keynote address from BSidesSF 2022. Delve into the challenges faced by information security professionals, including burnout, constant firefighting, and evolving threat landscapes. Learn how to disrupt security cynicism, discourage heroics, and foster an environment of empathy and collaboration. Discover techniques for aligning security with business enablement, understanding threat models, and balancing proactive and reactive security controls. Gain insights on risk prioritization, strategic investments, and creating shared guiding principles to build a more resilient and effective security program.

Syllabus

Intro
INFORMATION SECURITY BURNOUT
CONSTANT FIREFIGHTING
PERSONAL RESPONSIBILITY
ONGOING CONFLICT WITH STAKEHOLDERS
CHANGING THREAT LANDSCAPE
Disrupt Security Cynicism
Discourage Heroics and Celebrate Long-term Wins
Build Additive Teams
Environment of Empathy and Collaboration
Business Enablement and Customer Service
Help Security Engineers think about Risk
Understand your Threat model and why Security matters
Be rigorous about Risk Outcomes
Strategic vs Operational Investments
Leverage Points and Efficiency
Minimize Impact to Critical Data Assets
Overall Security Assurance Balance of Proactive and Reactive Security Controls
Risk Appetite for Senior Leadership
Shared Guiding Principles


Taught by

Security BSides San Francisco

Related Courses

Early Detection through Deception
YouTube Hack for Show, Report for Dough - Brian King
YouTube Blue Teamin on a Budget of Zero - Kyle Bubp
YouTube Windows Event Logs - Zero to Hero
YouTube Weaponizing Splunk - Using Blue Team Tools for Evil
YouTube