Explore a thought-provoking conference talk that challenges conventional wisdom in information security. Delve into topics such as password policies, the CIA triad, and vulnerability management while examining unintended consequences of common practices. Learn to question established paradigms, develop effective strategies, and adopt a "think and act differently" approach to security. Gain insights on risk assessment, the importance of asking the right questions, and how to create more robust security models that go beyond traditional frameworks.
Overview
Syllabus
Intro
Failures
Insanity
Disclaimer
Who am I
Information Security
Jewelers vs Field
Maturity Model
Bad Advice
Passwords
Password Topologies
Password Policy
Password Policy Example
CIA Triad
Confidentiality and Possession
Four Security Controls
Have a Strategy
Password Strength
Vulnerability Management
Risk vs Impact
Asking Questions
How Might We
The Model
