Ransomware is doing more to change the security landscape than the last 20 years of Secure Development Lifecycle, DevSecOps, Zero Days, Breaches, or any corporate memo. Pair this with predatory pricing models from software vendors that sell security features as add-on products in premium or enterprise tier licenses, and you’ve got a perfect storm that hits small and medium-sized businesses (SMBs) the hardest.
In this hard-hitting talk, Kymberlee Price reveals the technical chaos facing the US’s largest employment sector: SMBs. With restricted budgets, a lack of expertise, no access to consumer reports by which to clearly compare products, and a SaaS industry that makes basic security features like SSO a premium add-on, many businesses remain easy pickings for threat actors in a rapidly expanding crimeware landscape.
Why should we care about this, is it really a national threat, and what can a bunch of security engineers do about it?
About the Author
Kymberlee Price is a dynamic engineering leader and public speaker known for developing high-performing multidisciplinary teams responsible for the security and integrity of software products, services, and infrastructure. A recognized expert in the information security industry, she has extensive experience in product security incident response and investigations, coordinated vulnerability disclosure and bug bounties, Secure Development Lifecycle (SDL), and Open Source Security strategy. Kymberlee speaks regularly at conferences around the world and is currently on the content review board for Black Hat USA and LocoMocoSec.
About LABScon
This presentation was featured live at LABScon 2024, an immersive 3-day conference bringing together the world’s top cybersecurity minds, hosted by SentinelOne’s research arm, SentinelLabs.