Obtaining indirect access to a targeted business partner<\/li>\n<\/ul>\nThe last bullet point is why Multz was adamant that companies be thorough when choosing a vendor. A security breach of your company could very well be the result of lax vendor security. Thus, it\u2019s important for a company to perform their due diligence in order to understand how seriously potential vendors consider security.<\/p>\n
Creating A Powerful User Defense Against Attackers<\/strong>
\nBen Ten, VP of Information Systems for a medical billing company in IL<\/em><\/p>\nThis was an incredibly informative talk about the role of users within a company\u2019s security framework. Ten started by reminding the audience that users can leave the door wide open for attackers to come in and breach a company. Because of this, the user becomes a crucial focal point when considering a company\u2019s security.<\/p>\n
He cited that 90% of malware needs human interaction in order to work, and 77% of attacks are phishing scams. Also, data found that the more emails sent within a specific campaign, the more people are going to click. That\u2019s what makes training staff so important. But current training is so ineffective.<\/p>\n
Why?<\/p>\n
Ten explained that there are several things that keep user security training fated from the start. First is user apathy. They may not understand the point of the training, and may only see the exercise as a four hour long talk about things that aren\u2019t interesting or relevant to them. Ten resolved this at his own workplace by incentivizing security training.<\/p>\n
Second is a matter of mutual respect. Ben says the general perception of the people in an IT department is that they\u2019re intolerant, impolite, impatient, and irritating. When someone who doesn\u2019t know as much about IT requests assistance from someone in that department, they can often receive a response that\u2019s condescending or impatient. This results in users having an apathetic response to security training, or no response when a targeted attack is actually happening in the office.<\/p>\n
The flip side of this is the perception of users being inept, ignorant and irresponsible. When someone working in the IT department gets a call from a user within a different department, and they don\u2019t understand why spilling soda on their keyboard last week is causing a malfunction, it can be hard to keep calm.<\/p>\n
However, Ben explains that mutual respect and understanding within the organization is going to be one of the best first steps toward maintaining healthy user security. It can increase the amount that users respond to potential attacks as they encounter them, and can mean more personal investment from workers into the security of their workplace.<\/p>\n
Security BSides information and upcoming events<\/a>
\nEach BSides is a community-driven framework for building events for and by information security community members. \u00a0The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. Read more<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"BSides is a set of security conferences across the country, where IT students, professionals, and educators all gather to share expertise and insights into some large security concerns. These conferences are free to attend (you still need to register and receive a ticket), and invaluable to companies concerned about their security. I was fortunate enough to go to BSides Detroit on June 7th and 8th and caught some really great conversations. The following are a few highlights from the show: The Ever-Evolving Security Landscape Jeff Multz, Dell SecureWorks One of the strongest takeaways from Multz\u2019s talk was that companies should use compliance as a framework, because compliance doesn\u2019t mean total, impenetrable security (this reminds me of the Bashas supermarket chain being breached even while compliant). He cited that 92% of breach incidents were discovered by a third party, and that 40% of attacks in the past two years were directed at companies with fewer than 500 employees (the reason for this, Multz explains, is that smaller companies tend to have smaller IT budgets, which means security may be a little easier to bypass for an attacker). Multz also gave a list of motivations behind cyber crime: Financial gain Intelligence gathering…<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[],"other_category":[],"class_list":["post-2482","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"acf":[],"yoast_head":"\n
Recap from BSides Detroit: Evolving IT Security | OTAVA<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.otava.com\/blog\/recap-from-bsides-detroit-evolving-it-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Recap from BSides Detroit: Evolving IT Security\" \/>\n<meta property=\"og:description\" content=\"BSides is a set of security conferences across the country, where IT students, professionals, and educators all gather to share expertise and insights into some large security concerns. These conferences are free to attend (you still need to register and receive a ticket), and invaluable to companies concerned about their security. I was fortunate enough to go to BSides Detroit on June 7th and 8th and caught some really great conversations. The following are a few highlights from the show: The Ever-Evolving Security Landscape Jeff Multz, Dell SecureWorks One of the strongest takeaways from Multz\u2019s talk was that companies should use compliance as a framework, because compliance doesn\u2019t mean total, impenetrable security (this reminds me of the Bashas supermarket chain being breached even while compliant). He cited that 92% of breach incidents were discovered by a third party, and that 40% of attacks in the past two years were directed at companies with fewer than 500 employees (the reason for this, Multz explains, is that smaller companies tend to have smaller IT budgets, which means security may be a little easier to bypass for an attacker). Multz also gave a list of motivations behind cyber crime: Financial gain Intelligence gathering...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.otava.com\/blog\/recap-from-bsides-detroit-evolving-it-security\/\" \/>\n<meta property=\"og:site_name\" content=\"OTAVA\" \/>\n<meta property=\"article:published_time\" content=\"2013-06-11T00:00:00+00:00\" \/>\n<meta name=\"author\" content=\"Irma Brillantes\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Irma Brillantes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.otava.com\/blog\/recap-from-bsides-detroit-evolving-it-security\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.otava.com\/blog\/recap-from-bsides-detroit-evolving-it-security\/\"},\"author\":{\"name\":\"Irma Brillantes\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263\"},\"headline\":\"Recap from BSides Detroit: Evolving IT Security\",\"datePublished\":\"2013-06-11T00:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.otava.com\/blog\/recap-from-bsides-detroit-evolving-it-security\/\"},\"wordCount\":700,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.otava.com\/#organization\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.otava.com\/blog\/recap-from-bsides-detroit-evolving-it-security\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.otava.com\/blog\/recap-from-bsides-detroit-evolving-it-security\/\",\"url\":\"https:\/\/www.otava.com\/blog\/recap-from-bsides-detroit-evolving-it-security\/\",\"name\":\"Recap from BSides Detroit: Evolving IT Security | OTAVA\",\"isPartOf\":{\"@id\":\"https:\/\/www.otava.com\/#website\"},\"datePublished\":\"2013-06-11T00:00:00+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.otava.com\/blog\/recap-from-bsides-detroit-evolving-it-security\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.otava.com\/blog\/recap-from-bsides-detroit-evolving-it-security\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.otava.com\/blog\/recap-from-bsides-detroit-evolving-it-security\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.otava.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Recap from BSides Detroit: Evolving IT Security\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.otava.com\/#website\",\"url\":\"https:\/\/www.otava.com\/\",\"name\":\"OTAVA\u00ae\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.otava.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.otava.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.otava.com\/#organization\",\"name\":\"OTAVA\u00ae\",\"url\":\"https:\/\/www.otava.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg\",\"contentUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg\",\"caption\":\"OTAVA\u00ae\"},\"image\":{\"@id\":\"https:\/\/www.otava.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263\",\"name\":\"Irma Brillantes\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"caption\":\"Irma Brillantes\"},\"url\":\"https:\/\/www.otava.com\/blog\/author\/ibrillantesotava-com\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Recap from BSides Detroit: Evolving IT Security | OTAVA","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.otava.com\/blog\/recap-from-bsides-detroit-evolving-it-security\/","og_locale":"en_US","og_type":"article","og_title":"Recap from BSides Detroit: Evolving IT Security","og_description":"BSides is a set of security conferences across the country, where IT students, professionals, and educators all gather to share expertise and insights into some large security concerns. These conferences are free to attend (you still need to register and receive a ticket), and invaluable to companies concerned about their security. I was fortunate enough to go to BSides Detroit on June 7th and 8th and caught some really great conversations. The following are a few highlights from the show: The Ever-Evolving Security Landscape Jeff Multz, Dell SecureWorks One of the strongest takeaways from Multz\u2019s talk was that companies should use compliance as a framework, because compliance doesn\u2019t mean total, impenetrable security (this reminds me of the Bashas supermarket chain being breached even while compliant). He cited that 92% of breach incidents were discovered by a third party, and that 40% of attacks in the past two years were directed at companies with fewer than 500 employees (the reason for this, Multz explains, is that smaller companies tend to have smaller IT budgets, which means security may be a little easier to bypass for an attacker). Multz also gave a list of motivations behind cyber crime: Financial gain Intelligence gathering...","og_url":"https:\/\/www.otava.com\/blog\/recap-from-bsides-detroit-evolving-it-security\/","og_site_name":"OTAVA","article_published_time":"2013-06-11T00:00:00+00:00","author":"Irma Brillantes","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Irma Brillantes","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.otava.com\/blog\/recap-from-bsides-detroit-evolving-it-security\/#article","isPartOf":{"@id":"https:\/\/www.otava.com\/blog\/recap-from-bsides-detroit-evolving-it-security\/"},"author":{"name":"Irma Brillantes","@id":"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263"},"headline":"Recap from BSides Detroit: Evolving IT Security","datePublished":"2013-06-11T00:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.otava.com\/blog\/recap-from-bsides-detroit-evolving-it-security\/"},"wordCount":700,"commentCount":0,"publisher":{"@id":"https:\/\/www.otava.com\/#organization"},"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.otava.com\/blog\/recap-from-bsides-detroit-evolving-it-security\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.otava.com\/blog\/recap-from-bsides-detroit-evolving-it-security\/","url":"https:\/\/www.otava.com\/blog\/recap-from-bsides-detroit-evolving-it-security\/","name":"Recap from BSides Detroit: Evolving IT Security | OTAVA","isPartOf":{"@id":"https:\/\/www.otava.com\/#website"},"datePublished":"2013-06-11T00:00:00+00:00","breadcrumb":{"@id":"https:\/\/www.otava.com\/blog\/recap-from-bsides-detroit-evolving-it-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.otava.com\/blog\/recap-from-bsides-detroit-evolving-it-security\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.otava.com\/blog\/recap-from-bsides-detroit-evolving-it-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.otava.com\/"},{"@type":"ListItem","position":2,"name":"Recap from BSides Detroit: Evolving IT Security"}]},{"@type":"WebSite","@id":"https:\/\/www.otava.com\/#website","url":"https:\/\/www.otava.com\/","name":"OTAVA\u00ae","description":"","publisher":{"@id":"https:\/\/www.otava.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.otava.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.otava.com\/#organization","name":"OTAVA\u00ae","url":"https:\/\/www.otava.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.otava.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg","contentUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg","caption":"OTAVA\u00ae"},"image":{"@id":"https:\/\/www.otava.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263","name":"Irma Brillantes","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","caption":"Irma Brillantes"},"url":"https:\/\/www.otava.com\/blog\/author\/ibrillantesotava-com\/"}]}},"_links":{"self":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts\/2482","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/comments?post=2482"}],"version-history":[{"count":0,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts\/2482\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/media?parent=2482"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/categories?post=2482"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/tags?post=2482"},{"taxonomy":"other_category","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/other_category?post=2482"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}