Laura Bell Founder  and  Lead  Consultant  -­‐  SafeStack @lady_nerd    [email protected]   h6p:/ /safestack.io   Better connected

this  is  a  story  about  security

PEOPLE   TECHNOLOGY   PROCESS   CULTURE   ORGANISATION  

No content

No content

87  ac=ve  usernames  and  passwords • 7  Twi6er  accounts • 1  Facebook 28  second  factor  authorisa=on  tokens • 22  applica=on  based • 6  SMS  code  based • 280  backup  codes Mul=ple  encryp=on  keys  &  certs •  PGP,  S/Mime,  SSL Mul=ple  financial  iden==es • 7  taxa=on  accounts • 6  na=onal  banking  iden=fiers • 3  payment  processors

No content

No content

PART  OF  THE  PROBLEM

93%  organiza=ons  use  poor  quality,   shared  passwords  and  do  not  change  them   when  people  leave

80%  organiza=ons  use  produc=on  data  in   test  environments

We  don’t  understand  our  own   environments  and  technology  suites

No content

PART  OF  THE  SOLUTION

SORT  OUT  THE  BASICS. NO  EXCUSES PASSWORD   MANAGEMENT BACKUPS ROLES PERMISSIONS LANGUAGE PROTECTING   PRODUCTION   DATA

DATA  IS  A  PRIVILEGE …  store  less

WORDS  ARE  EXPENSIVE say  less,  communicate  more

YOU  CANNOT  REMOVE  RISK by  making  things  more  complex

EXPOSE  YOUR  VULNERABILITY focus  on  visibility  and  survival

EVERYBODY EDUCATED EMPOWERED ACCOUNTABLE

we  live  in  a  connected  world

No content

go  protect  it  together

Laura Bell Founder  and  Lead  Consultant  -­‐  SafeStack @lady_nerd    [email protected]   h6p:/ /safestack.io   Questions?