How Do You Attract The Best Young Talent into Careers With an Image Problem?
While most parents would be delighted if their offspring wanted to become an accountant, lawyer or even an actuary, they may be less encouraging if their son or daughter said they wanted to be a hacker. This is the negative manifestation of working in the cyber security industry that is often portrayed in the media. The reality is very different, with careers in cyber security providing fantastic opportunities that are hugely varied, really challenging and help to do good for society.
Structured career paths provide an opportunity to progress quickly with jobs in large audit and accountancy firms through to small specialist boutique start-ups, as well as the chance for international work and creating new businesses. In addition, the whole industry is very diverse and is looking for people with a very wide range of talents.
The problem is how do we communicate this to people who may be interested in the industry? Just as important for young people, how do we get to the influencers; their parents and their careers advisors to understand what an exciting place the cyber security industry is to work in and what they can expect in terms of the types of company they could work for and their salary expectations.
The problem can be partially solved through education, information and support from businesses working together with a consistent message designed to encourage the very best people into the industry.
In this presentation, Ian Glover from CREST will look at the challenges of attracting the brightest young people into careers that traditionally have an image problem and providing a strong career path once they are in. In particular, he will focus on the importance of properly-run internships and Government funded initiatives to educate and inform.
RecordedJul 13 201547 mins
Your place is confirmed, we'll send you email reminders
What have we learned from 2017's biggest breaches and how will we deal with 2018's emerging threats? Attempting to look both backward and forward over the cyber landscape, Peter Wood will review lessons learned and apply them to the evolving threatscape.
If your processing and data is in the cloud, how can you deliver assurance, compliance and governance? How do you find the flaws and soft spots that criminals will exploit? From browser to database, through human factors and end points, this presentation will take a threat-based approach to securing the cloud.
The Internet of Everything affects everyone from multi-nationals to private citizens. The universal adoption of machine to machine communications in every aspect of our lives offers criminals a hugely expanded attack surface. How do we defend ourselves without undermining the benefits of the IoE?
Josh Downs, BrightTALK & Justin Clarke-Salt, MD, Gotham Digital Science
- BrightTALK at CRESTCON & IISP Congress -
BrightTALK caught up with Gotham Digital Science's Justin Clarke-Salt for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.
Topics up for discussion:
- The evolution and future of cyber warfare
- How to run a comprehensive and complete pentest
- Where to start when building the ideal security team
- Financial security and how to best protect the banks
- GDPR and preparations to make to ensure full security for 2018
- The growth of the IoT and how to ensure we're protecting the connected devices
BrightTALK caught up with Obrela Security Industry's George Paptis for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.
Topics up for discussion:
- The elements and process to run a really comprehensive pentest
- How banks are still juicy targets for cyber criminals and what they can be doing to ensure they're fully protected.
- How to get the maximum results from a security budget.
- The positive steps that George sees in the cyber security industry
Threat-based testing, accurately simulating criminal attacks, is a critical approach in securing FinTech. Attackers constantly evolve their attack methods and strategies in response to changing technologies, making it essential that security tests match the threat landscape.
The majority of internal and external cyber-attacks begin with exploiting vulnerabilities in the network and targeted applications. Over 99% of actual attacks exploit known vulnerabilities listed as known Common Vulnerabilities and Exposures (CVEs). The traditional defence is to probe the system using manual or automatic vulnerability scanning techniques; but this produces a lot of redundant and irrelevant information that does not shed any light as to whether a hacker can use the vulnerability to reach a critical asset. The only solution today is human penetration testing, but infrequent testing does not reflect the network's dynamic nature, especially in today's virtual and cloud based environments.
A fresh approach to support manual penetration testing and enhance cyber resilience is to continuously and automatically test the network, applications and databases by using penetration testing techniques to expose vulnerabilities, establish complex attack path scenarios in real time and provide security and business insights to act on.
This presentation will look at the technology and role of machine-based penetration testing.
Key network infrastructure devices are overlooked yet they provide critical functionality. Exploiting web application weaknesses and service buffer overflows is exciting, but the housekeeping of network infrastructure is not. Issues in network infrastructure devices can lead to network wide problems that would cause system admininstration nightmares. This presentation provides a review of key security devices, often side-lined when looking at security. It covers the value of these devices to "Blue Teams", issues "Red Teams" can highlight, desired outcomes and auditing practices.
Ian Glover, President, CREST & Josh Downs, Information Security Community Manager, BrightTALK
Join this engaging session as BrightTALK conducts an in-depth interview with Ian Glover, President of CREST.
It's been a crucial year for cyber security with big breaches and newsworthy hacks. BrightTALK's Information Security Community Manager Josh Downs will be quizzing Ian for his thoughts on the cyber security industry and in particular:
- The big breaches of 2016 and lessons to be learnt
- The current threatscape
- The big vulnerabilities on the horizon
- Ian's insights into how to keep your company secure in 2017
We look forward to you joining us for the session.
The results of all the network penetration tests conducted by the First Base team over the past year have been analysed by Peter Wood. The annual review covers clients in a variety of sectors including banking, insurance and retail. This presentation identifies the most common vulnerabilities, how they can be exploited and the consequences for each business. Learn in detail how criminals can take advantage of these weaknesses and how you can secure your networks using straightforward techniques.
Evolving tactics, techniques and procedures (TTPs) of online criminal actors have left a number of notable victim organizations in their wake and raised the bar for the security teams and law enforcement agencies that have sworn to protect them. From the migration of online criminal markets to an even deeper underground, to online extortion making a big comeback in novel ways, to increasingly effective malware crafted to steal more money and private information, if you are a potential target for online criminals, you are up against a greater cyber criminal threat than in years past.
Ian Glover, President, CREST & Josh Downs, Community Manager, BrightTALK
- BrightTALK at Infosecurity Europe 2016 -
BrightTALK were delighted to be joined by President of CREST and Industry-leading thinker Ian Glover in London at Infosecurity Europe.
Ian covered key information security topics such as the notable recent breaches in the financial world and why the banks keep getting hacked; the principal threat actors and attack vectors; the main vulnerabilities to critical infrastructure; the enduring benefit of pentesting and cyber security is such an attractive career choice.
CREST represents the technical information security industry by:
- Offering a demonstrable level of assurance of processes and procedures of member organisations
- Validating the competence of their technical security staff
- Providing guidance, standards and opportunities to share and enhance knowledge
- Providing technical security staff recognised professional qualifications and those entering or progressing in the industry with support with on-going professional development