The Mystery of the 8 Second Breach
How is it that when the average time it takes to detect and contain a breach is 230 days, a contractor to AmeriGas was able to address theirs in 8 seconds?
This presentation will compare and contrast two breaches that have been reported on publicly in 2021 to identify how each took a different approach to security, and how those approaches yielded differing results. Using the NIST CSF as a model for discussing these different approaches, the presentation will make the case for rebalancing security spending to emphasize detection and remediation capabilities and look at how, as an industry, we in information security have conditioned ourselves to focus on prevention to the detriment of most of the other domains in the NIST CSF.
In addition, the presentation will touch on the problems with paying ransoms and the limitations of cyber insurance as a curative measure.