Level: Technical

Abstract:
In today’s multi-sourced enterprise, your security is as good as your worst written contract. The bad news? I haven’t seen many well-written contracts so far… The good news? I’ve seen plenty of bad ones. Why is that good news? Because now I can tell you what are the Security contractual sins you should avoid, and how to avoid them.

This presentation will take you through some of the most egregious Security mistakes I keep encountering in IT contracts and will offer solutions to avoid them. The presentation is targeted at both customers and providers of IT and Security services. Because better contracts mean happier business relations for both parties. And more profits. And better Security.

(And yes, a Decalogue means 10. In practice, we found that there are quite a few more “sins”. Hence, the “ish” suffix in the title. Hope it will be forgiven.)

Bio:
Sebastian Avarvarei is currently working as Director for Security Advisory Services at a global organization. Sebastian has been in IT and Security for over 20 years, covering a multitude of roles ranging from Security Architect and Consultant to Auditor and Developer, giving him a unique multi-faceted view on today’s Security challenges.

Video/recordings:

[Slides (PDF)] [Recording (MP4)]

Comments are closed.