1. GET THE BASICS RIGHT
because basics never change
because basics support complexities
because basics are time tested and proven
2. Because basics were missed!
Database of 191 million U.S. voters exposed on the Internet as a result of incorrect configuration
Database leak exposes 3.3 million Hello Kitty fans
The personal information of 150,000 consumers who went into bankruptcy between 2007 and 2011, including their SSNs, was exposed after the company failed to properly redact court records before they were put on the Public Access to Court Electronic Records system
Code.org - Volunteer email addresses were left accessible via web browser
3. What caused Humpty Dumpty to fall apart?
Was the foundation weak?
Did Humpty Dumpty miss the basics?
4. Change in Management / Leadership
Change Management
Patch Management
Anti-Virus Management
Identity & Access Management
Supplier Management
Aware & Knowledgeable culture
Industry Collaboration
Security Analytics
System Hardening
Acquisitions and Mergers
Client Business Imperatives
6. Mirror Mirror
Security Imperatives = Basics + New Priorities + Complexities
How big does the issue look in the mirror? & Effort Spent
[Figure: two panels, each split into three regions: "We don't know what we don't know", "We know what we don't know", "We know what we know"]
Real World
Get / Keep the BASICS right for a strong foundation
Defenders are mired in FUD (fear, uncertainty and doubt) and fairy tales
Fantasy World