Security the Wrong Way

This talk covers how organizations, large and small, can benefit from looking at security a new way. The way we think about security is wrong. We are optimizing the wrong things.

Some examples of how we are handling security incorrectly include:

• 47% of developers don’t know if their open source is out-of-date.
• We use vulnerability scanners to identify assets.
• We hire penetration testers before having a simple security process in place.