Data Breaches: Barbarians in the Throne Room presented at BsidesZurich 2018

by Dave Lewis,

Summary : Often defenders worry about the intangible security problems. Defenders need to concentrate their efforts defending the enterprise by focusing on the fundamentals. Too often issues such as patching or system configuration failures lead to system compromise. These along with issues such as SQL injection are preventable problems. Defenders can best protect their digital assets by first understanding the sheer magnitude that a data breach can have on an enterprise. In this talk I review my findings after analyzing hundreds of data breach disclosures as it pertains to what went wrong. I had previously done this for 2016 and I will have the 2017 review ready by the time of this talk.