Presenter:
This talk argues that defenders are losing time and ground because they’re trying to secure everything equally instead of focusing on what actually matters most. The key is relentless prioritization around critical assets and attack paths, not broad, unfocused coverage.
Key takeaways
- You can’t protect everything equally
- Not all assets carry the same risk
- Treating everything as “critical” spreads teams too thin
- Real security starts with clear prioritization
- Critical assets define the fight
- What systems would actually stop operations if compromised?
- What processes create the most business or safety impact?
- These should drive security focus—not generic asset lists
- Attack paths matter more than individual issues
- Risk isn’t isolated—it’s chained
- Small weaknesses become dangerous when connected
- Focus on how attackers move, not just what they exploit
- Coverage without focus creates blind spots
- Trying to monitor everything leads to shallow visibility
- Important signals get lost in the noise
- Depth beats breadth
- Prioritization must be continuous
- Environments change
- Business priorities shift
- What’s critical today may not be tomorrow
