bsidesaustin2019 has ended
Friday, March 29 • 3:00pm - 4:00pm
An epidemiological approach to creating an information security prevention framework

Sign up or log in to save this to your schedule and see who's attending!

Public health frameworks use a multi-level tiered approach to describe prevention interventions used with medical concerns, behavioral issues, and more. Not every intervention is appropriate for every situation, and no one wants to waste resources by focusing on the wrong thing! Just like a flu shot will not help someone who is dying from a bullet wound, basic security awareness classes and incident response plans are very different types of interventions - although both are crucial in their own ways!

In this talk, this social-scientist-turned-compliance-consultant will discuss how this approach could be applied to information security efforts by re-framing how people think about the programs, policies, and best practices that they are being told to implement and/or follow. This extended analogy can be used to bring people from all departments together to improve buy-in across levels, increase policy adherence, and ultimately make your data safer and your company less susceptible to the consequences of noncompliance.

avatar for Chelsey Donohoe

Chelsey Donohoe

R&D Associate/ Operations Specialist, Red Lion LLC
Chelsey Donohoe is a social scientist-turned-compliance consultant who can translate complicated texts (e.g., academic sources, legal texts and regulations, and technical controls and frameworks) into practical, understandable, and actionable results that are easily communicated to... Read More →

Friday March 29, 2019 3:00pm - 4:00pm

Attendees (11)