SLIDE 1
Anthi Gilligan
“From ZERO to HERO” Building security from scratch
Application Security Engineer - Logitech @AnGreagach
Building security from scratch Anthi Gilligan Application Security - - PowerPoint PPT Presentation
Building security from scratch Anthi Gilligan Application Security - - PowerPoint PPT Presentation
From ZERO to HERO Building security from scratch Anthi Gilligan Application Security Engineer - Logitech @AnGreagach Who I am and what I do The state of Infosec The experts Pitfall #1 Pitfall #2 Pitfall #3 Pitfall #4 ENCRYPT
SLIDE 2
SLIDE 3
The state of Infosec
SLIDE 4
The “experts”
SLIDE 5
Pitfall #1
SLIDE 6
Pitfall #2
SLIDE 7
Pitfall #3
SLIDE 8
ENCRYPT OR DIE!!!!!
Pitfall #4
SLIDE 9
Policies, standards and tech specs
SLIDE 10
Security Architecture
SLIDE 11
Agree principles and objectives scope first…
Security Architecture
SLIDE 12
Security Architecture
Business Requirements Enterprise Architecture
- Goals
- Rules
- Requirements
Security Architecture
- Laws and regulations
- Standards
- ISMS
Ask the business + Ask the World! Ask the business
SLIDE 13
Some principles of Security Architecture
Security and privacy by design Security controls appropriate to risk Defence in depth Audit significant activities Ensure accountability Identify the weakest link By invitation only Design using security standards Least Privilege Secure SDLC
SLIDE 14
Simplify and standardise Mutual authentication Fidelity of environments Remote log file collection E2E technology lifecycle Inbound interactive connections Don’t trust… prove! Inbound interactive high-risk users Protect the data Secure recovery
Some (more) principles of Security Architecture
SLIDE 15
YOU!
SLIDE 16
Question Time!
Coffee = 1 question Beer = 2 questions Gin = Let’s talk at the bar ☺