33      0

1778626 - What are you leaking? Practical steps in knowing your OPSEC.

‐ Oct 18, 2021 2:45pm

Every day companies - massive companies - get hacked. Why? Could it be what the company themselves leak through their own website, through DNS, through their staff. This talk will look at what operations security (OPSEC) is; how knowing your OPSEC can help protect your business, providing practical steps to better understand your leaks and what attackers will use to target you. We'll show real examples of OPSEC mistakes that impact the security of the organization and also show how attackers turn innocuous leaks into targeted attacks. Concluding, we'll outline how to mitigate some of your leaks and limit your exposures. Many of the secrets of the threat intelligence community are achievable yourself using basic open-source intelligence exercises. Get your Google-Fu on this will be fun!

Learning Objectives:

  • Understand what OPSEC is and how that knowledge can benefit an organization and allow it to take practical steps to limit leaks and mitigate some of threats.
  • Make use of the simple tools and techniques provided during this session to start their OPSEC journey.
  • Return to your organization and practically demonstrate to senior staff how their respective organization may be leaking information that an attacker can use.




You must be logged in and own this session in order to post comments.

Barry Dowell
10/25/21 6:43 pm

This would have made an awesome keynote and really should have been a keynote session.

Tricia Scherer
10/30/21 9:27 pm

I enjoyed the humor and real world examples! I found myself shaking my head a lot, especially at people posting work ID badges on social media.

Peter Lundstedt
11/4/21 9:31 am

Favorite presentation of the Congress. Instant real-world application, highly relevant, and a topic that doesn't get enough attention.