Explore a keynote address from AppSecUSA 2017 that delves into building a culture of security at The New York Times. Learn how traditional security approaches are evolving to meet the challenges of modern news gathering and product development. Discover practical lessons on fostering organization-wide security awareness, adapting to new challenges faced by security practitioners, and implementing innovative strategies such as embedded InfoSec, training mentoring, and workstation security. Gain insights from Runa Sandvik, Director of Information Security at The New York Times, as she shares experiences in helping reporters understand and confront security challenges in the newsroom. Understand the balance between InfoSec visibility and newsroom privacy, and explore initiatives like Brand Bag Sessions, external speakers, and learning reviews that contribute to a robust security culture.
Building a Culture of Security at The New York Times
Overview
Syllabus
Intro
What got you into security
The newsroom
The New York Times
Are we failing
Challenges
Fake News
Securityfulton
InfoSec visibility vs newsroom privacy
Technology changes
How to fit in
Training
Recruiting
Brand Bag Sessions
External Speakers
Learning Reviews
Embedded InfoSec
Tips Page
Conclusion
Training Mentoring
Workstation Security
Taught by
OWASP Foundation
