No InfoSec Staff? No Problem

Explore a comprehensive approach to information security for organizations without dedicated InfoSec staff in this 24-minute conference talk from BSidesLV 2014. Learn about secondary responsibility syndrome, risk assessment for small businesses, legacy perimeter challenges, and effective security controls. Discover strategies for implementing technical controls, managing security risks, and fostering security awareness. Gain insights on how to sell security initiatives, create a blueprint for security measures, and address core information protection. Understand the importance of datacentric security and how to navigate common challenges such as password management and dealing with potential threats.

Intro
Secondary Responsibility Syndrome
Travel Guide
Small Business Enterprise
Legacy Perimeters
Risk is Real
Zombies
Developers
Blacklisting
Evil People
Lost Something
Whats Next
How to Sell
Risk Assessment
Blueprint
Security Controls
Passwords
Solo
Core Information
Technical Controls
Datacentric
Security Risk
Security Awareness