YoVDO

Building Sustainable Security Programs

Offered By: Security BSides San Francisco via YouTube

Tags

Security BSides Courses Risk Management Courses Strategic Planning Courses Team Building Courses

Course Description

Overview

Explore strategies for building sustainable security programs in this 44-minute keynote address from BSidesSF 2022. Delve into the challenges faced by information security professionals, including burnout, constant firefighting, and evolving threat landscapes. Learn how to disrupt security cynicism, discourage heroics, and foster an environment of empathy and collaboration. Discover techniques for aligning security with business enablement, understanding threat models, and balancing proactive and reactive security controls. Gain insights on risk prioritization, strategic investments, and creating shared guiding principles to build a more resilient and effective security program.

Syllabus

Intro
INFORMATION SECURITY BURNOUT
CONSTANT FIREFIGHTING
PERSONAL RESPONSIBILITY
ONGOING CONFLICT WITH STAKEHOLDERS
CHANGING THREAT LANDSCAPE
Disrupt Security Cynicism
Discourage Heroics and Celebrate Long-term Wins
Build Additive Teams
Environment of Empathy and Collaboration
Business Enablement and Customer Service
Help Security Engineers think about Risk
Understand your Threat model and why Security matters
Be rigorous about Risk Outcomes
Strategic vs Operational Investments
Leverage Points and Efficiency
Minimize Impact to Critical Data Assets
Overall Security Assurance Balance of Proactive and Reactive Security Controls
Risk Appetite for Senior Leadership
Shared Guiding Principles


Taught by

Security BSides San Francisco

Related Courses

Grow to Greatness: Smart Growth for Private Businesses, Part I
University of Virginia via Coursera Changemaker MOOC: Social Entrepreneurship
CAU (Christian-Albrechts-Universität zu Kiel) via iversity Einführung in die Betriebswirtschaftslehre
RWTH Aachen University via iversity What’s Your Big Idea?
The University of North Carolina at Chapel Hill via Coursera MM001: Créer un plan de communication efficace
Independent