I talk about the disturbing notpetya outbreak that hit and crippled (almost) all of the conglomerate A. P.Moller Maersk. I will address the many challenges and lessons learned encountered from both the business perspective and its information technology.
Then transition over to my 20+ year infosec journey using the Maersk war story as my base to go to Birdseye view and through those optics explain how and why I see us as having failed as an information security community and industry.
“Are you a security hobbyist or a security professional?” My opinion is most are security hobbyists and in my opinion in there lies the problem and but also parts of the solution. As a collective we very rarely venture outside our information security silo.
I will show how we can change from being self-indulgent and a tiny bit narcissistic to making us succeed in business arena. We speak security and risk with a very little or no business accent. We must learn to speak business with little or no IT accent. We must stop taking certifications and instead get business degrees. We must take the fight to the business and fight the battle on a business playing field.