Based upon Malcolm Harkins book Managing Risk and Information Security he will delve into one of his most read chapters: People are the perimeter. He will explain the people perimeter and how it is different than many people think. He will expand on his prior work explaining how we have already crossed the precipice where everything with power is IP addressable, its computing, communication and how we are all using this technology daily and in many cases without sufficient control. He will discuss user device, data, and credential hygiene and why that has lagged usage models exposing us to the harms that have occurred. He will also discuss the developers, managers, and business leaders and how their motivations driving the human element has not adequately protected the perimeters that are left. He will explore the psychology and sociology that affects the people perimeter. He will offer insights and options to better protect to enable people, data, and the business.
Harkins will demonstrate how the current approaches used for awareness, accountability, and discipline for users isn’t working and could actually be contributing to the cyber risk cycle vs. reducing it. He will explore his “roundabout” theory applied to end users and use of social media and other capabilities that organizations have typically labeled as “risky”.
When the session concludes, attendees will be able to evaluate if their current approach to the people perimeter is effective and they will be able to see if a fundamental change in approach is needed.
Technical Level: Medium