7. Robotic Process Automation Eliminate manual processes.
DevOps
Information
Security
Engineering
Systems
Administration
Quality
Assurance
Production
Support
Lifecycle
Management
16. • Open source web application for interactive
computing.
• Supports over 40 programming languages.
• Notebooks contain live code, equations,
visualizations, and narrative text.
Jupyter – Julia, Python, and R
17.
18. Security experts love to tell stories.
Data visualizations help us tell
these stories.
19. 5th Grade Science
Scientific Method
The scientific method is an empirical method
of acquiring knowledge that has
characterized the development
of science since at least the 17th century.
21. Asking the right questions.
Sharing the right insights.
• Adversary: How can I perform passive reconnaissance without
touching the target?
22. Asking the right questions.
Sharing the right insights.
• Adversary: How can I perform passive reconnaissance without
touching the target?
• CISO: What does our external attack surface look like?
23. Asking the right questions.
Sharing the right insights.
• Adversary: How can I perform passive reconnaissance without
touching the target?
• CISO: What does our external attack surface look like?
• CEO: What does our company look like to our shareholders,
customers, and competitors?
33. Program Value/Measurement
“Security technology management
keeps the system fine tuned. But the
secret sauce? That’s in data
enrichment. That’s where the magic
happens.”
- Robert Herjavec
34. • Patch Management Team: Why are we so busy over the holidays?
• Security Manager: At what times do we need to increase staffing?
• CISO: Why are our vulnerability counts increasing?
Asking the right questions.
Sharing the right insights.
36. Expertise must keep up with an
evolving attack surface and a
dynamic nature of threats.
Competition for talent
Challenges to Solve
“the average CISO tenure is only about 24 to 48 months”
- 38% leave for higher compensation
- 36% leave for lack of security culture
- 34% leave for not being active members with executive
management or board of directors
- 31% leave from lack of budget
37. Expertise must keep up with an
evolving attack surface and a
dynamic nature of threats.
Programs are reactive and rarely
maintain a multi-year roadmap.
Competition for talent
Program continuity
Challenges to Solve
38. Expertise must keep up with an
evolving attack surface and a
dynamic nature of threats.
Programs are reactive and rarely
maintain a multi-year roadmap.
Visibility and speed of execution
must improve with automation.
Competition for talent
Program continuity
Continuous risk measurement
Challenges to Solve