The Decalogue(ish) of Contractual Security Sins presented at CODEBLUE2018@TOKYO 2018

by Sebastian Avarvarei,

Summary : In today’s multi-sourced enterprise, your security is as good as the worst written contract. The bad news? I haven’t seen many well written contracts so far... The good news? I’ve seen plenty of bad ones. Why is that good news? Because now I can tell you what are the Security contractual sins you should avoid, and how to avoid them. This presentation will take you through some of the most egregious Security mistakes I keep encountering in IT contracts – and I will offer solutions to avoid them. The presentation is targeted to both customers and providers of IT services, and of Security services. Because better contracts mean happier business relations for both parties. And more profits. And better Security. (And yes, a Decalogue means 10. In practice, we found that there quite a few more “sins”. Hence, the “ish” suffix in the title. Hope it will be forgiven.).