At past DEF CON events, including DEF CON 101, most of the attendees we’ve encountered were either new to the field of security or had security functions in their job description on top of other job duties such as system administration or programming. The purpose of this talk, which is based on real world experiences, is to introduce a multi-year approach to methodologies, techniques, and tools that will allow someone who may be the sole security staff member for an organization to build an effective security program in a cost effective and resource constrained manner. If security is a process, this will provide a “Step 1” to getting that process started.
Tim was voted “most likely to be indicted” by his high school senior class, but has since gone on to gain the trust of large organizations and their executive management, which may or may not be a good thing. He holds a few industry certifications and is a member of a few security organizations, but considers his insomnia and attention deficit problems far more important to his career. Twitter: @NotMedic