Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Better Connected
Search
Laura Bell
September 02, 2015
Technology
84
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Better Connected
Lightning talk presented at Microsoft Ignite NZ 2015 by Laura Bell
Laura Bell
September 02, 2015
More Decks by Laura Bell
See All by Laura Bell
DIY security for the amateur superhero
ladynerd
0
300
Hackcon 11 - Protecting our people
ladynerd
0
260
Security in a container based world
ladynerd
0
170
Securing Microservice Architectures
ladynerd
2
370
Continuous Security
ladynerd
3
1.2k
Automated Human Vulnerability Scanning with AVA
ladynerd
3
2.8k
Blindsided by security
ladynerd
0
150
Practical tools for privacy audit
ladynerd
0
230
For the greater good? Open sourcing weaponisable code
ladynerd
1
350
Other Decks in Technology
See All in Technology
CVE-2026-20833_脆弱性対応とAES 化について
jukishiya
0
360
次世代ランサムウェア対策の考察 / 20260704 Mitsutoshi Matsuo
shift_evolve
PRO
5
1.7k
アラート調査向けAIエージェントの本番導入とその後/AI Agents for Alert Investigation: Production Deployment and After
taddy_919
1
380
Keeping applications secure by evolving OAuth 2.0 and OpenID Connect
ahus1
PRO
1
140
End-to-Endで考える信頼性 —LINEアプリにおけるクライアント開発×SRE連携の実践
maruloop
1
250
デジタル・デザイン:次の50年を描く「進化する青写真」
y150saya
0
800
SRE依存からの脱却 運用を開 発チームへ移す、 フルサイ クル開 発体制の実践
joooee0000
0
180
最近評価が難しくなった
maroon8021
0
210
美しいコードを書くためにF#を学んでみた話
yud0uhu
1
170
Docker Desktop不要の時代が来る? WSL標準の「wslc」で Linuxコンテナを動かしてみた.
ueponx
0
670
Mastraエージェント、どのクラウドにデプロイする?
minorun365
PRO
2
160
“ID沼入口” - 基本とセキュリティから始める、考え続けるためのID管理技術勉強会 告知&イントロ
ritou
0
390
Featured
See All Featured
How to Grow Your eCommerce with AI & Automation
katarinadahlin
PRO
1
220
Building AI with AI
inesmontani
PRO
1
1.1k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
133
19k
Agile Actions for Facilitating Distributed Teams - ADO2019
mkilby
0
220
The Illustrated Children's Guide to Kubernetes
chrisshort
51
52k
The World Runs on Bad Software
bkeepers
PRO
72
12k
Paper Plane (Part 1)
katiecoart
PRO
0
9.5k
Discover your Explorer Soul
emna__ayadi
2
1.2k
Unlocking the hidden potential of vector embeddings in international SEO
frankvandijk
0
860
How to Ace a Technical Interview
jacobian
281
24k
Pawsitive SEO: Lessons from My Dog (and Many Mistakes) on Thriving as a Consultant in the Age of AI
davidcarrasco
0
180
Are puppies a ranking factor?
jonoalderson
1
3.7k
Transcript
Laura Bell Founder and Lead Consultant -‐ SafeStack @lady_nerd
[email protected]
h6p:/ /safestack.io Better connected
this is a story about security
PEOPLE TECHNOLOGY PROCESS CULTURE ORGANISATION
None
None
87 ac=ve usernames and passwords • 7 Twi6er accounts • 1 Facebook
28 second factor authorisa=on tokens • 22 applica=on based • 6 SMS code based • 280 backup codes Mul=ple encryp=on keys & certs • PGP, S/Mime, SSL Mul=ple financial iden==es • 7 taxa=on accounts • 6 na=onal banking iden=fiers • 3 payment processors
None
None
PART OF THE PROBLEM
93% organiza=ons use poor quality, shared passwords and do
not change them when people leave
80% organiza=ons use produc=on data in test environments
We don’t understand our own environments and technology suites
None
PART OF THE SOLUTION
SORT OUT THE BASICS. NO EXCUSES PASSWORD MANAGEMENT BACKUPS
ROLES PERMISSIONS LANGUAGE PROTECTING PRODUCTION DATA
DATA IS A PRIVILEGE … store less
WORDS ARE EXPENSIVE say less, communicate more
YOU CANNOT REMOVE RISK by making things more complex
EXPOSE YOUR VULNERABILITY focus on visibility and survival
EVERYBODY EDUCATED EMPOWERED ACCOUNTABLE
we live in a connected world
None
go protect it together
Laura Bell Founder and Lead Consultant -‐ SafeStack @lady_nerd
[email protected]
h6p:/ /safestack.io Questions?