While browsing CFP’s for conferences this summer, one speaking track named “The Art of Defense” had a statement that “only the largest enterprises can afford a robust defense”. We disagree, and argue that in many ways small-to-medium-size businesses can be more secure than large enterprises. We will provide an overview of the security program we built that achieves enterprise-level protection AND regulatory compliance WITHOUT a massive budget or huge silo’d teams. Consider it a case study or howto for building an effective security program at a small business.
Russell is an Infrastructure & Security Director for a small software and services company in the DC area, BSides Charm (Baltimore) organizer, and collector of IT and security certifications with almost 20 years of experience.
Ryan is a Senior InfoSec Engineer who enjoys reading packets in his spare time.