Note: This proposal is for a talk targeted at Business Users – I will also be submitting an proposal on the same topic for Developers.
Web Site security is a mindset, and an ever increasing source of anxiety for business users who see “[Big company] Web Site Hacked” headlines every day. Using the classic CIA Security Triad we will explore how business users can have more confidence in the Confidentiality, Integrity and Access regarding their own WordPress sites. We will explore selecting plugins around your CIA strategy, business policy decisions that impact security and external resources such as CERT.
I have had several articles published regarding PHP and/or WordPress security. The talk will be drawn from the ideas in the following articles:
https://aretex.org/wordpress-application-security-part-1/
https://aretex.org/wordpress-application-security-part-2/
http://www.sitepoint.com/encrypt-large-messages-asymmetric-keys-phpseclib/
http://insights.dice.com/2013/11/26/wordpress-secure-application-framework/
http://insights.dice.com/2013/03/08/a-brute-force-defense-against-injection-attacks/