Attribution is hard. And in most business cases unnecessary. Threat Management, like Vulnerability Management, is a core pillar in most Enterprise Security Architectures (ESA), yet is a very different beast with completely separate functions, processes and skillset requirements. Similar to my previous talk on Enterprise Class Vulnerability Management, this talk takes the framework of the OWASP ASVS 2014 framework and applies it to Enterprise Threat Management in an attempt to make a clearly complicated yet necessary part of your organization’s ESA much more manageable, effective and efficient with feasible recommendations, based on your business’ needs.
Rockie Brockway serves Black Box as Information Security and Business Risk Director and Senior Engineering Director. With over two decades of experience in InfoSec/Risk, he specializes in Information Security Risk Management and the inherent relationship between assets, systems, business process, and function. Rockie offers perspectives on how adversaries may find value in business data, highlights the business impact and ramifications of the theft, disruption, and/or destruction of that data, simulates the adversarial data breach/theft to gauge the organization’s detection and reaction capabilities, and provides rational and reasonable business risk mitigation recommendations. He is a BSidesCLE organizer and recovering cynic, zero FUDs given.