You can't screw up Poptarts presented at BSidesKnoxville 2017

by Kevin Thomas,

Summary : Implementing an Information Security Program is not a simple process. There's not a simple, one size fits all, two instruction (e.g. Poptarts), playbook for getting it done, and as a result things can be missed.
This is not a technical talk. This is a talk about gaps commonly found in the information security programs in place at organizations of all sizes, verticals, and industries. Its about the details that are sometimes missed within the blueprints of an organizations security program designs. I will discuss some of these key gaps I've seen in my experiences as a Security and Compliance consultant of 15 years and offer guidance on how to address them.