35MINUTES
I need to start with a warning:The guys from Khipu told me to put a bit of humor in this presentation.... I‘m German, we don‘t know what humor is!!
So this going to be a bone dry presentation of crisp facts and timelines! And......., apologies for my accent!
Who and what has made it to the headline news in the last 18months (Wannacry, Equifax, others?) Maersk (Impact?) German Railway (DB, signage), hospital in Ruhr area, others notable, sizeableYou might have been bombarded with a lot of marketing talk about ZeroDays, APTs, and something else alike, So let‘s take a look...APTzeroday (how many in 2017)
Vulnerabilities (99.9%) (how many in 2017, how many considered ‚high‘, how many at 10.0
Timelines (WannyCry overlay)
WannaCry money, ransom payments and chances to not get things backKeep in mind that this only one element of your overall security architecture, still its a very basic, foundational one - security architecture
CES, CES plus, how to get certified
Style of presentation, rather quick parforce than Swiss mood 35MINUTES
Numbers of Vulns published in 2016, 2017, YTD2018:
2016: 7659
2017: 17427
2018 YTD: 4789
Acceptable risk level for: number of critical vulns at any given point in time, time to remediate them on critical assets, align with patch processes and maintenance windows
, provides a short cut
Users – your last form of defence”
“Student and staff education is vital in the defence against ransomware”
“We often look but seldom see”
The message is: „ If you want to get ahead of threats, address your vulnerabilities „
We can deliver this presentation also in a Webex session
I‘m pretty sure there is some british humor in the reports !!