Virginia Beach 2012

Virginia Beach, VA | Mon, Aug 20 - Fri, Aug 31, 2012

Failure to Operate

  • Chris Crowley
  • Monday, August 27th, 8:15pm - 9:15pm

An organization with a well run operations department tends to also have good security. Even though this is well known, some organizations still fail to maintain operational excellence. These failures manifest in myriad minor failures, and combine to produce at times spectacular failures. Recent examples include the public announcement of EMC's loss of RSA related material. The little pieces of that attack, which "resulted in certain information being extracted from RSA's systems" have thrust organizations using the SecurID system into a position of uncomfortable awareness of a damaged authentication framework. Or for example, the US Government floundering on budget, creating an environment of uncertainty and waste for US Federal Government agencies.

Is securing the information resources a priority when there is uncertainty if these resources are to remain operational? The uncertainty of funding and lack of vision has a clear analogue in the private sector. Only the federal government has the luxury of deciding how much it will spend, and entreating its "customers" to pay that price.

Business attempts to forecast income, but rarely have budget certainty. In this environment Availability almost always trumps Confidentiality or Integrity. (Until that Confidentiality or Integrity is compromised.) These failure types and several others will be explored. The solutions to these issues are not nearly as easy to point out as the many faults that lead to them. Solutions depend on discipline, practice, patience, and earnest effort to lead positive change in ways that empower the organization to be more effective. Few security departments can claim to be bread winners for organizations. Although Chris will talk about one "security department" that is a profit center. So our role as loss prevention needs to be baked into all of the operational facets of the organization. Otherwise we will be loss without the prevention.

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
Monday, August 20
Session Speaker Time Type
General Session - Welcome to SANS Dr. Eric Cole Monday, August 20th, 8:15am - 8:45am Special Events
Why Do Organizations Get Compromised? Dr. Eric Cole Monday, August 20th, 7:15pm - 9:15pm Special Events
Tuesday, August 21
Session Speaker Time Type
Everything They Told Me About Security Was Wrong John Strand Tuesday, August 21st, 7:15pm - 8:15pm SANS@Night
Wednesday, August 22
Session Speaker Time Type
Assessing Deception Mike Murr Wednesday, August 22nd, 7:15pm - 8:15pm SANS@Night
Thursday, August 23
Session Speaker Time Type
SANS Technology Institute Brief Dave Hoelzer and President Stephen Northcutt Thursday, August 23rd, 7:15pm - 8:15pm Special Events
Friday, August 24
Session Speaker Time Type
GIAC Program Overview Eric Cole and Stephen Northcutt Friday, August 24th, 12:30pm - 1:15pm Special Events
Sunday, August 26
Session Speaker Time Type
General Session - Welcome to SANS Dr. Eric Cole Sunday, August 26th, 8:15am - 8:45am Special Events
Why Do Organizations Get Compromised? Dr. Eric Cole Sunday, August 26th, 8:15am - 9:15pm Special Events
Monday, August 27
Session Speaker Time Type
Information Assurance Metrics: Practical Steps to Measurement James Tarala Monday, August 27th, 7:15pm - 8:15pm SANS@Night
Failure to Operate Chris Crowley Monday, August 27th, 8:15pm - 9:15pm SANS@Night
Tuesday, August 28
Session Speaker Time Type
Who's Watching the Watchers Mike Poor Tuesday, August 28th, 7:15pm - 8:15pm SANS@Night
Wednesday, August 29
Session Speaker Time Type
GIAC Program Overview Eric Cole and Stephen Northcutt Wednesday, August 29th, 7:15pm - 8:15pm Special Events
SANS Technology Institute Brief Dave Hoelzer and President Stephen Northcutt Wednesday, August 29th, 8:15pm - 9:15pm Special Events