Welcome to the Diana Initiative 2021 Virtual Conference schedule. For more information, please see our virtual conference page here: https://tickets.dianainitiative.org
Everyone loves NIST 800-53 and compliance talk, right? Of course! But let’s be honest, it’s a pretty dry read for anyone who’s worked with it before and can be even harder to try to translate if you’re talking to someone who’s not in an engineering or security-specific role. Example: access controls are cool and all, but how do you explain authorization versus authentication easily? How about with that one time the maintenance person, who is authenticated to have keys to every apartment, enters without proper authorization? Do we have logs for that? I hope so. My goal is to take each of the control families and break them down into something quick and digestible so anyone, not just an engineer, can understand the impact and some easily relatable risk management.