Part 2: This talk discusses the dirty world of insider data theft, touching on the areas of; - the psychology of those who attempt it and why they do it - how data theft is generally accomplished - quick review of a few real-world data breach incidents - percentage of organizations that have robust controls against information theft - strengths and weaknesses of leading-edge prevention technologies (how data thieves get caught and/or how they get away with it) - what major improvements must be made in prevention technologies before any organization can honestly say that they are protected Vic has been employed as an "InfoSec Samurai" for the past 22 years. He was originally "drafted" (kicking and screaming) into the InfoSec discipline to develop proprietary mainframe security software for a specific government agency, and the rest is history. Over the years he has helped protect sensitive information that belonged to the CIA, DEA, Secret Service, Treasury Dept, Commerce Dept, and every other federal agency in existence. He later provided the same services for the U.S. Department of Defense, Navy, Marine Corps, and Army. He left government work eventually (with no regrets) and has worked within the private financial sector for the past 7 years. emwav has been a system and network administrator for the past dozen years. He has also been an integral part of the CarolinaCon staff the past several years. In his spare time he is a beer brewing enthusiast and can be found giving tours at Big Boss.
CarolinaCon is an annual conference in North Carolina that is dedicated to sharing knowledge about technology, security and information rights. CarolinaCon also serves to enhance the local and international awareness of current technology related issues and developments. CarolinaCon also strives to mix in enough entertainment and side contests/challenges to make for a truly fun event.
