Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cybersecurity summit post #149

Merged
merged 2 commits into from
Oct 29, 2024
Merged

Cybersecurity summit post #149

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
7af4a08
bundle update
jabenninghoff Oct 29, 2024
1246f48
New Post: Cyber Security Summit 2024
jabenninghoff Oct 29, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion Gemfile.lock
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -313,7 +313,7 @@ GEM
rubocop-ast (>= 1.32.2, < 2.0)
ruby-progressbar (~> 1.7)
unicode-display_width (>= 2.4.0, < 3.0)
rubocop-ast (1.32.3)
rubocop-ast (1.33.0)
parser (>= 3.3.1.0)
rubocop-rake (0.6.0)
rubocop (~> 1.0)
Expand Down
26 changes: 26 additions & 0 deletions _posts/2024-10-29-cybersecurity-summit-2024.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
---
layout: post
title: Cyber Security Summit 2024
author: jabenninghoff
tags: ["Security Differently", "Talks"]
comments: true
---
Today I spoke at the 14th annual [Cyber Security Summit](http://cybersecuritysummit.org)! My talk, *Security Differently*, was a slightly shorter version of the one I gave at [Secure 360]({% post_url 2024-05-15-secure-360-2024 %}).

I enjoyed presenting in the main ballroom, and got positive feedback from attendees afterwards - I only wish I had more time to answer questions!

Here is the link I shared in the QR code at the end: <https://bento.me/jbenninghoff>.

## Session Description

Cybersecurity, especially traditional security, has stagnated; adding security controls has appreciably improved outcomes and we continue to struggle with basic problems like vulnerabilities. Safety faced a similar problem 10-15 years ago; scientists and practitioners saw that safety outcomes were stagnant and concluded that the traditional method of avoiding accidents through centralized policies, procedures, and controls was no longer driving improvements.

I believe we're seeing the same thing in security: historically, we've focused on constraining worker behavior to prevent cybersecurity breaches, and the limits of that approach are becoming increasingly clear. Adapting concepts from Safety Differently and Safety II offers a solution, by supporting success and focusing on positive capacities. In this talk, I will present practical advice on how to create a security program based on modern safety principles using evidence from both security and safety, and how it changes the role of the security professional.

## Slides

My slides with notes, including references, are [here](/assets/cybersecurity-summit-2024-security-differently.pdf).

## Video

The talk was recorded, and I will post a link when it becomes available!