The Great Compliance Debate: No Child Left Behind or The Polio Vaccine

Joshua Corman, Jack Daniel, Anton Chuvakin, Andy Ellis, Michelle Klinger

Dr. Anton Chuvakin is a recognized security expert in the field of log management and PCI DSS compliance. He is an author of the books "Security Warrior" and "PCI Compliance" and a contributor to "Know Your Enemy II", "Information Security Management Handbook" and others.

Joshua Corman is Research Director for the 451 Group and leads 451 Group's research team in the area of IT enterprise security. Previously Josh was Principal Security Strategist at IBM Internet Security Systems.

Andy Ellis is Akamai's Senior Director of Information Security and Chief Security Architect, responsible for overseeing the security architecture of the company's massive, globally distributed network.

Michelle Klinger is an Independent Information Security Engineer with extensive experience in the compliance field.

Jack Daniel, InfoSec Curmudgeon, Community Development Manager, Astaro Corporation

We do not speak for our employers, clients or customers. Nor for our spouses, siblings, or offspring, etc.

Our opinions are our own, the facts are as we see them.

We aren’t lawyers…etc.

But some of these folks are pretty damn smart, so pay attention.

We want an honest discussion: compliance issues are changing what we call security. These issues are much bigger than just PCI.

Monday was day one for MA 201 CMR 17.00

There have been plenty of Compliance LoveFests

And quite a few uninformed rants

This is neither of those

Think before you speak.

No Religion

We’ll take time in the beginning to bicker among ourselves before fielding questions, then please join in the discussion.

We fear the auditor more than the attacker.

Compliance, the No Child Left Behind Act of InfoSec?

Or is it the polio vaccine for security?

How do we use it to our advantage?

How does Compliance misuse us?

What about unintended consequences?

Impact on R&D and VC investments?

Alternatives?

Anton Chuvakin chuvakin.org Twitter: @anton_chuvakin

Joshua Corman 451group.com Twitter: @joshcorman

Andy Ellis CSOAndy.com @csoandy

Michelle Klinger @diami03

Jack Daniel blog.uncommonsensesecurity.com @jack_daniel