Thursday, March 5, 2015

"The Reporting Killchain: It's Killing Your Security"

Presented at Chattanooga ISSA, 3 March 2015



Abstract...

Think your organization is ready to attack the “Cyber Killchain”? Yeah right! You haven’t even tackled your Reporting Killchain!  What is that? It’s the process your organization takes to get information from the bottom to the top of your organization and back.  Chances are its like playing the old telephone game but even more pathetic and less direct!  Don’t be naïve enough to think you can begin to make your organization more secure until you put the information before the politics, bureaucracy, and mind numbing process.

Don’t worry, this isn’t a talk about organizational behavior, structure, or business best practice.  Nevermind that in doing so you’ll simultaneously improve organizational communication, morale, and security visibility. This is a discussion on methods you can use to hack your organizations reporting chain and put the power of the information before the process.  Lets look at how to use existing reporting tools to crunch more than just machine data.  Lets use them to further cultivate human generated data to create real organizational security intelligence! We’ll show you how to use existing reporting tools to do non-destructive analysis to create true multi-level reporting that can’t get shot down, watered down, or otherwise manipulated before it gets to the CEO! Lets attack the Reporting Killchain that’s keeping your organization from being more secure!