Speaking and Book Signing in Boston — next week!

IANS Research Security Event in Boston November 21st, 2024

If you happen to be in or around Boston next week I’m going to be speaking at an IANS Research Security Forum on two very interesting topics with some other amazing security experts.

2024 Boston Forum

If you’ve ever been to an IANS event you know that it’s not just me talking but also a lot of audience participation — with no vendors in the room. Vendors will be there giving presentations and you get entered into a drawing to win prizes when you go listen to them, but the faculty run sessions don’t include vendors.

I think the two topics I’m speaking on are very important for the state of security we are in today. Come join me to listen, participate, or contribute to the conversation.

Supply Chain Attacks ~ Was your software or hardware altered in transit?

The first one is about Supply Chain Attacks. When a lot of people think about supply chain attacks they think of software packages but it is SO MUCH MORE. I wrote about the potential for supply chain attacks in my book published in 2020 and practically predicted the Solar Winds Breach:

SolarWinds Breach

In addition we’ve had things like pagers blowing up and water supply issues as well as all the cloud breaches we need to be concerned about. One of the most challenging issues involves the networking equipment delivered to you. Can someone tamper with that equipment where it is manufactured, tested, or en route when delivered?

Come discuss these issues and either ask your questions or contribute as to how you have solved these issues in your own organization. I’ll provide some information I’ve gathered through research and speaking with vendors. Information sharing is one of the ways we can truly improve security outcomes.

Better Security Testing In Software Development Processes

The second topic is on incorporating better security testing into the development and deployment pipeline. Tools or no tools, we can do better. I’ll explain the types of things I find on penetration tests and explain how organizations can test for a lot of these issues before a test or assessment. I’ve been developing software for over 30 years now and have worked in organizations large and small, from banks to health care to oil companies to startups. All organizations can improve their security by incorporating more testing into their development process and deployment pipeline.

And yes, I do believe your QA team can learn to test for cybersecurity flaws. I’ve worked on development teams large and small with excellent QA people testing complex banking applications and tax systems, for example. It’s still best to get outside experts to validate and test for more advanced issues, but your QA team can do more to help protect against security threats during the development process — not after.

Book Signing

One last late minute addition — I’ll be doing a book signing! My book called Cybersecurity for Executives in the Age of Cloud was written to help anyone who wants an executive overview of cybersecurity. It’s not just about how you write or deploy software or firewalls. Cybersecurity involves understanding core principles and architecting an environment that reduces risk — or as I like to say, reduce the chances you are giving attackers to break in.

I am grateful for the forward written by a retired U.S. Major Air Force general, Stephen Clark. He knows something about security and is also a fellow IANS faculty member. I had the honor of hearing him speak on leadership at a past IANS event.

AWS re:Invent

Also, by the way — after this event I’m headed to Las Vegas to AWS re:Invent!

AWS re:Invent 2024 | December 2-6, 2024

Looking forward to seeing my fellow AWS Heroes from around the world. AWS Heroes are a group of people who are selected as experts by AWS. We help further information about how to use AWS properly — and in the case of the AWS Security Heroes — securely.

AWS Heroes | Expert Cloud Community | AWS Developer Center

If you have any AWS questions, I can answer those on IANS Research consulting calls or come ask me at the IANS event in Boston. Please note I have to leave a bit early due to lack of flights from Boston to Savannah so connect with me early!

Follow for updates.

Teri Radichel | © 2nd Sight Lab 2024

About Teri Radichel:
~~~~~~~~~~~~~~~~~~~~
⭐️ Author: Cybersecurity Books
⭐️ Presentations: Presentations by Teri Radichel
⭐️ Recognition: SANS Award, AWS Security Hero, IANS Faculty
⭐️ Certifications: SANS ~ GSE 240
⭐️ Education: BA Business, Master of Software Engineering, Master of Infosec
⭐️ Company: Penetration Tests, Assessments, Phone Consulting ~ 2nd Sight Lab

Need Help With Cybersecurity, Cloud, or Application Security?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
🔒 Request a penetration test or security assessment
🔒 Schedule a consulting call
🔒 Cybersecurity Speaker for Presentation

Follow for more stories like this:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
❤️ Sign Up my Medium Email List
❤️ Twitter: @teriradichel
❤️ LinkedIn: https://www.linkedin.com/in/teriradichel
❤️ Mastodon: @teriradichel@infosec.exchange
❤️ Facebook: 2nd Sight Lab
❤️ YouTube: @2ndsightlab