Here's the presentation (pdf) that I'm giving Monday at SIRAcon in Seattle. This extends the ideas presented in the post "Risk Management: Out with the Old, In with the New!". This presentation presents some specifics on how to get started implementing the Big 'R' approach. It's even got an illustrative case toward the end featuring patch management and exceptions, shown in this figure.
Figure: Example of Causal Dynamic Analysis, in this case Patch Management & Exceptions
This looks very interesting. For the 'patching illustrative example' did you look at Allodi and Massacci's presentation at BlackHat (https://www.blackhat.com/us-13/archives.html#Allodi)? Could be relevant, as well as Jericho and Steve Christey's to a point (https://www.blackhat.com/us-13/archives.html#Martin).
Marco -- thanks so much for these references. No, I didn't draw on many outside sources or specifics. They will definitely add more detail and realism for the next pass of this presentation.
Russell, specifically the Allodi/Massacci case is quite interesting. A statistical analysis into patching based on CVSS. Something I haven't seen before. I know, only a small part of your Risk presentation, but I'm sure you'll find good things in there.