One Week Left to Get an 11" iPad Pro with Apple Pencil w/ OnDemand Training

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

SANS@MIC - CYA by Using CIA -- Correctly For a Change

  • Monday, June 08, 2020 at 8:30 PM EDT (2020-06-09 00:30:00 UTC)
  • Keith Palmgren

You can now attend the webcast using your mobile device!

  

Overview

Everyone in cyber security has heard of the CIA triad. In fact, addressing Confidentiality, Integrity, and Availability as a triad of three equal parts is part of every cyber security book and class. But how many of us really have the resources to address all three of these in equal measure? Perhaps an even better question is, "Should you address these three in equal measure?" In most organizations, the answer is a resounding "NO!" Instead, we should use CIA as a method of prioritization for our security programs. But wait - it gets even more confusing! Should every department of your company address the elements of CIA the same? This time the answer is "Absolutely Not!"

In this talk, Keith Palmgren explains how to apply CIA to your company, as well as to the individual departments of your company. Doing so will not only allow you to CYA (Cover Your Assets) but also make far better use of the limited resources available in your security program while doing so.

Speaker Bio

Keith Palmgren

Keith Palmgren is an IT Security professional and certified instructor at SANS Institute. He has over 30 years of experience specializing in the IT Security field. He began his career with the U.S. Air Force working with cryptographic keys & codes management. He also worked in, what was at the time, the newly-formed Air Force computer security department. Following the Air Force, Keith worked as an MIS director for a small company before joining AT&T/Lucent as a Senior Security Architect working on engagements with the DoD and the National Security Agency. Later, as Security Consulting Practice Manager for both Sprint and Netigy, Keith built and ran the security consulting practice. He was responsible for all security consulting world-wide and for leading dozens of security professionals on many consulting engagements across all business spectrums. For the last several years, Keith has run his own company, NetIP, Inc. He divides his time between consulting, training, and freelance writing projects. Currently, Keith is a Certified Instructor for the SANS Institute. In his career, Keith has trained over 10,000 IT professionals and authored more than 20 IT security training courses a Including the SANS SEC301 course. Keith currently holds eleven computer security certifications (CISSP, GSEC, GCIH, GCED, GISF, CEH, Security+, Network+, A+, CTT+).

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.