building security from scratch

Building security from scratch Anthi Gilligan Application Security - PowerPoint PPT Presentation

  1. “From ZERO to HERO”: Building security from scratch. Anthi Gilligan, Application Security Engineer - Logitech, @AnGreagach

  2. Who I am and what I do

  3. The state of Infosec

  4. The “experts”

  5. Pitfall #1

  6. Pitfall #2

  7. Pitfall #3

  8. Pitfall #4: ENCRYPT OR DIE!!!!!

  9. Policies, standards and tech specs

  10. Security Architecture

  11. Security Architecture: Agree principles and objectives scope first…

  12. Security Architecture
      • Business Requirements: Ask the business
      • Enterprise Architecture (Goals, Rules, Requirements): Ask the business
      • Security Architecture (Laws and regulations + Standards, ISMS): Ask the World!

  13. Some principles of Security Architecture
      • Security and privacy by design
      • Security controls appropriate to risk
      • Secure SDLC
      • Identify the weakest link
      • Design using security standards
      • Ensure accountability
      • Least Privilege
      • Audit significant activities
      • Defence in depth
      • By invitation only

  14. Some (more) principles of Security Architecture
      • Simplify and standardise
      • Mutual authentication
      • Inbound interactive connections
      • Secure recovery
      • E2E technology lifecycle
      • Inbound interactive high-risk users
      • Protect the data
      • Remote log file collection
      • Fidelity of environments
      • Don’t trust… prove!

  15. YOU!

  16. Question Time! Coffee = 1 question; Beer = 2 questions; Gin = Let’s talk at the bar ☺ @AnGreagach
