Jeremiah Grossman on Communicating Security Upstream

Jeremiah Grossman (@jeremiahg) is the  CTO and Founder of WhiteHat Security, founder of the Web Application Security Consortium (WASC), as well as a frequent speaker at events including Black Hat, RSA, ISACA, CSI, Infosec World, OWASP, ISSA, and Defcon.

Grossman discussed with us the challenges of effectively communicating the value of security operations as a business enabler to the executive class from the point of view of a solutions provider.

“A lot of times now security can actually increase the top line, where companies can compete on the security of their offerings… If we speak in terms of dollars and cents, and likelihood and probability, I think we’ll make much more headway and really start to justify the things that we are doing to secure these systems,” Grossman said.

Grossman also explained the findings of some research he did for a BlackHat presentation on Javascript malware propagation thorough ad networks that can be used for denial of service attacks not by exploiting a vulnerability, but by leveraging the way the Internet is actually supposed to work…

Related Videos:

• Dmitri Alperovitch on Offensive Security and Active Defense
• David Mortman on Big Data Security Challenges
• Jolly Discusses Leveraging Threat Intelligence Data
• Jay Radcliffe on Implanted Medical Device Security
• Steven Fox: BYOD Means Bring Your Own Disappointment
• Shokunin Kishitsu: Alex Hutton on Attaining Craftsmanship in Security
• Brian Martin on Why Vulnerability Statistics Suck
• Dave Lewis and Javvad Malik Discuss Infosec Cons
• Scot Terban – AKA Krypt3ia – on Attribution Shmatribution

P.S. Have you met John Powers, supernatural CISO?