Every day companies - massive companies - get hacked. Why? Could it be what the company themselves leak through their own website, through DNS, through their staff. This talk will look at what operations security (OPSEC) is; how knowing your OPSEC can help protect your business, providing practical steps to better understand your leaks and what attackers will use to target you. We'll show real examples of OPSEC mistakes that impact the security of the organization and also show how attackers turn innocuous leaks into targeted attacks. Concluding, we'll outline how to mitigate some of your leaks and limit your exposures. Many of the secrets of the threat intelligence community are achievable yourself using basic open-source intelligence exercises. Get your Google-Fu on this will be fun!
Understand what OPSEC is and how that knowledge can benefit an organization and allow it to take practical steps to limit leaks and mitigate some of threats.
Make use of the simple tools and techniques provided during this session to start their OPSEC journey.
Return to your organization and practically demonstrate to senior staff how their respective organization may be leaking information that an attacker can use.