In this presentation, Dave will walk the attendees through the challenges facing most companies around dealing with vulnerabilities in their environments. Many companies are running tools or having scans performed against their network, and are being presented with a sea of information on discovered vulnerabilities along with information on how to address them. But most tools stop there, and that’s where the trouble starts. Without some type of guidance on where to begin, it’s easy to get overwhelmed trying to decide how to prioritize. Simply using the severity rating (ie. Let’s fix all the Highs first) doesn’t cut it, as many large organizations have 100s, 1000s, or 10s of 1000s of High vulnerabilities to address. Dave will provide a number of different approaches to modelling and managing your vulnerability data with an eye towards helping you make quick decisions on how to tackle the mountain of vulnerability information, and will provide formulas and samples of ways to help effectively manage risk and reduce exposure.
Dave Millier is well-known in the Canadian High-Tech marketplace, where he’s been helping customers with their security and compliance needs for over 20 years. For the past 15 years Dave has focused on growing one of Canada’s most-recognized MSSPs Sentry Metrics, which he recently sold to The Herjavec Group, Canada’s largest independent Information Security Company. As the founder of Sentry Metrics, he created and brought to market the industry leading Security and Risk Compliance Dashboard theSentry. Dave is continuing the development of this award-winning platform in his new company, Uzado. Dave has presented at many network and security conferences including Network World, Comdex, InfoSecurity Canada, SC Congress and Sector, Canada’s preeminent Security Conference. Dave has written numerous articles for security and networking magazines, and is often quoted in the press and news stories. Dave was recognized as one of the top 8 security professionals you need to know in the GTA. Dave is a recognized leader in the field of governance and risk compliance, and has helped a number of Canada’s leading organizations build their corporate security strategies, align them with regulatory and corporate requirements, and then implement strategies to help them “attain and maintain” their overall compliance. When Dave’s not pursuing his plans for world domination, one client at a time, he’s an avid (amateur!) dual sport motorcycle rider, and loves to spend his spare time off-road motorcycling.