Hi [[ session.user.profile.firstName ]]

Top 5: Reasons You Should Consider a Career in Cyber Security

CREST President Ian Glover gives his Top 5 reasons that a Cyber Security Career should be of interest to you...
Recorded Jan 7 2016 3 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Ian Glover, President, CREST
Presentation preview: Top 5: Reasons You Should Consider a Career in Cyber Security

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Securing FinTech: Threat-based testing along the kill chain May 16 2017 10:00 am UTC 45 mins
    Peter Wood
    Threat-based testing, accurately simulating criminal attacks, is a critical approach in securing FinTech. Attackers constantly evolve their attack methods and strategies in response to changing technologies, making it essential that security tests match the threat landscape.
  • [Video Interview] Piers Wilson and the IISP Industry Survey May 4 2017 1:00 pm UTC 30 mins
    Josh Downs, BrightTALK & Piers Wilson, Director, IISP
    - BrightTALK at CRESTCON & IISP Congress -

    BrightTALK caught up with The IISP's Piers Wison for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.

    Topics up for discussion:

    - The findings of the IISP Industry Survey

    - AI & machine learning in the security sphere

    - The steps cyber professionals need to take to prepare for GDPR

    - What banks can be doing to remain as protected as possible from cyber criminals

    - The growth of IoT networks and their subsequent vulnerabilities

    - What to look for when assembling a security team

    - How to get the most out of your security budget

  • [Video Interview] Andrew Gould on Early Cyber Prevention Techniques May 3 2017 1:00 pm UTC 30 mins
    Josh Downs, BrightTALK & Andrew Gould, Head of the MET's Falcon Cybercrime Unit
    - BrightTALK at CRESTCON & IISP Congress -

    BrightTALK caught up with The MET's Andrew Gould for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.

    Topics up for discussion:

    - The rise of Ransomware and what we can be doing to protect ourselves

    - The steps that businesses should be taking to prepare for GDPR

    - Financial cyber security and what the banks can be doing better to defend against malicious hackers

    - Cyber security relations and the future of law enforcement post-Brexit
  • [Video Interview] Tarah Wheeler on the Ethics of Hacking Back and AI in Security May 2 2017 1:00 pm UTC 30 mins
    Josh Downs, BrightTALK & Tarah Wheeler, Principal Security Advocate, Symantec
    - BrightTALK at CRESTCON & IISP Congress -

    BrightTALK caught up with Symantec's Tarah Wheeler for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.

    Topics up for discussion:

    - The ethics of 'hacking back'

    - AI & Machine learning and the influence it'll have on security

    - Cyber security in the financial sector

    - Cyber warfare and the new tactics coming through

    - Vulnerabilities in the IoT and what we can do about them

  • [VIDEO] Cyber Security Lessons for the Financial Sector Recorded: Feb 24 2017 11 mins
    Josh Downs, Community Manager, BrightTALK & Ian Glover, President, CREST
    BrightTALK will be broadcasting its in-depth interview with CREST President Ian Glover and Nettitude MD Rowland Johnson jointly in conversation.

    Topics up for discussion will include:

    - The new political climate and it's effect on Cyber Security and global cyber warfare

    - The supposed Russian hack on the 2016 US election

    - GDPR and what companies need to be doing to prepare for 2018

    - Equal opportunities in the information security industry

    - The rise of AI & Machine learning and how it'll influence the cyber world

    - IoT and how to keep connected devices all safe and secure

    - Incident response and steps to take if you've been breached!

    - The 2017 threatscape and what you shoud be concentrating on

    All this and much more - join us for the broadcast.
  • The Future of Machine-Based Penetration Testing Recorded: Feb 7 2017 34 mins
    Sion Retzkin - Cronus Cyber Technologies
    The majority of internal and external cyber-attacks begin with exploiting vulnerabilities in the network and targeted applications. Over 99% of actual attacks exploit known vulnerabilities listed as known Common Vulnerabilities and Exposures (CVEs). The traditional defence is to probe the system using manual or automatic vulnerability scanning techniques; but this produces a lot of redundant and irrelevant information that does not shed any light as to whether a hacker can use the vulnerability to reach a critical asset. The only solution today is human penetration testing, but infrequent testing does not reflect the network's dynamic nature, especially in today's virtual and cloud based environments.
    A fresh approach to support manual penetration testing and enhance cyber resilience is to continuously and automatically test the network, applications and databases by using penetration testing techniques to expose vulnerabilities, establish complex attack path scenarios in real time and provide security and business insights to act on.
    This presentation will look at the technology and role of machine-based penetration testing.
  • Auditing Neglected Critical Infrastructure Recorded: Jan 18 2017 33 mins
    Ian Whiting - CEO Titania Group
    Key network infrastructure devices are overlooked yet they provide critical functionality. Exploiting web application weaknesses and service buffer overflows is exciting, but the housekeeping of network infrastructure is not. Issues in network infrastructure devices can lead to network wide problems that would cause system admininstration nightmares. This presentation provides a review of key security devices, often side-lined when looking at security. It covers the value of these devices to "Blue Teams", issues "Red Teams" can highlight, desired outcomes and auditing practices.
  • [Video Interview] The Cyber Year in Review: Ian Glover, President, CREST Recorded: Dec 6 2016 28 mins
    Ian Glover, President, CREST & Josh Downs, Information Security Community Manager, BrightTALK
    Join this engaging session as BrightTALK conducts an in-depth interview with Ian Glover, President of CREST.

    It's been a crucial year for cyber security with big breaches and newsworthy hacks. BrightTALK's Information Security Community Manager Josh Downs will be quizzing Ian for his thoughts on the cyber security industry and in particular:

    - The big breaches of 2016 and lessons to be learnt
    - The current threatscape
    - The big vulnerabilities on the horizon
    - Ian's insights into how to keep your company secure in 2017

    We look forward to you joining us for the session.
  • Network security, seriously? 2016 Network Penetration Tests Recorded: Sep 7 2016 46 mins
    Peter Wood
    The results of all the network penetration tests conducted by the First Base team over the past year have been analysed by Peter Wood. The annual review covers clients in a variety of sectors including banking, insurance and retail. This presentation identifies the most common vulnerabilities, how they can be exploited and the consequences for each business. Learn in detail how criminals can take advantage of these weaknesses and how you can secure your networks using straightforward techniques.
  • The Next Generation of Cyber Crime is here Recorded: Aug 9 2016 47 mins
    Rob Coderre
    Evolving tactics, techniques and procedures (TTPs) of online criminal actors have left a number of notable victim organizations in their wake and raised the bar for the security teams and law enforcement agencies that have sworn to protect them. From the migration of online criminal markets to an even deeper underground, to online extortion making a big comeback in novel ways, to increasingly effective malware crafted to steal more money and private information, if you are a potential target for online criminals, you are up against a greater cyber criminal threat than in years past.
  • Infosecurity 2016: Cyber Security in the Financial Sector Recorded: Jun 15 2016 7 mins
    Ian Glover, President, CREST & Josh Downs, Community Manager, BrightTALK
    - BrightTALK at Infosecurity Europe 2016 -

    BrightTALK were delighted to be joined by President of CREST and Industry-leading thinker Ian Glover in London at Infosecurity Europe.

    Ian covered key information security topics such as the notable recent breaches in the financial world and why the banks keep getting hacked; the principal threat actors and attack vectors; the main vulnerabilities to critical infrastructure; the enduring benefit of pentesting and cyber security is such an attractive career choice.
  • You’re The One That They Want: Targeted Threats and You Recorded: Jun 15 2016 46 mins
    Don Smith, SecureWorks, Ian Glover, CREST & Peter Wood, First Base Technologies
    The rise in targeted threats means that security teams must move beyond a general understanding of the threat landscape, to a detailed understanding of their own context and the ability to spot threats targeted at their specific organisation.

    In a world of information-overload and an explosion in communication channels, how do you sift through the noise and identify true threats to your business?

    Key themes:

    •The challenges faced by organisations from the rise in targeted threats
    •Limitations of security processes in protecting from targeted threats
    •How to gain early visibility into the threats targeting your particular organisation

    Don Smith leads the CTU™ Cyber Intelligence Cell: a team of experienced threat analysts who, through the application of established intelligence practices, deliver actionable and timely intelligence products on the threats most relevant to SecureWorks clients. Don also leads the CTU research team in EMEA.

    Don joined SecureWorks in 2005 and, since then, has been instrumental in establishing a CTU presence in EMEA and building important relationships for SecureWorks in the region. His enthusiasm and threat expertise means that he regularly represents SecureWorks at industry events in EMEA. Don has 24 years’ experience in the IT industry and was previously responsible for security architecture and operations for a multi-billion enterprise, where he took a lead role in successfully integrating 14 acquisitions. He is a recognized subject-matter expert many areas of cybersecurity and advises SecureWorks and SecureWorks’ clients globally.
  • Risk-based Security - Fighting Unlimited Threats with Limited Resources Recorded: May 10 2016 37 mins
    Irene Michlin, Managing Security Consultant, NCC Group
    Even the most security-minded organisation has limited budget and staff. How to decide where to spend these resources to provide maximum benefit to your organisation?

    In this webinar Irene Michlin will discuss how your organisation can establish a repeatable process for decision making in such areas as:
    •What and when to test
    •Which threats urgently require mitigation
    •What security training your staff needs
  • Using Targeted Intelligence to Direct Your Technology Policy Recorded: Feb 16 2016 49 mins
    Jules Pagna Disso, Head of Research and Development, Nettitude
    The success of cyber threat intelligence is measured by its effectiveness in reducing the impact of malicious actors. It is therefore important to understand the economy of malware in order to break the chains of success of such economy. Such success needs to be materialised by a change in attitude, policies and configurations.

    Whilst applicable to most organisations, most examples used during this seminar will feature the financial sector and aim to:

    · Analyse the core components of the economy of malware

    · Analyse how to gather intelligence to reduce the impact of malicious actors

    · Show how to use the intelligence gathered to improve the security posture of the organisation
  • Top 5: Reasons You Should Consider a Career in Cyber Security Recorded: Jan 7 2016 3 mins
    Ian Glover, President, CREST
    CREST President Ian Glover gives his Top 5 reasons that a Cyber Security Career should be of interest to you...
  • Putting Penetration Testing in Context Recorded: Dec 1 2015 45 mins
    Paul Midian, Chairman, CREST
    Penetration testing is just one element in the overall process of obtaining confidence in the cyber security of the organisation. Consideration to security must be given in the architectural design of networks and the coding of applications and website. Where this is not the case penetration testing will provide an indication of what should be done to retrospectively apply security or to provide a ‘patch’ to make things better.

    Many investigations of cyber attacks have highlighted that the system has been compromised for some time, often years, without the system owner knowing. The penetration test provides an insight into the internal controls and the ability of the SOC or NOC to identify attacks. If the test is conducted and there is no indication that it has been detected, it is highly likely that real attacks have not been detected either and further analysis is required.

    It must be recognised that no security is impenetrable and therefore the ability to react to a cyber security incident is really important. The penetration testing is essential to test the organisation’s ability to respond. The statement that a penetration test will be quickly out of date is valid to some extent but without it the organisation is blind to the types of threats it is exposed to and the vulnerabilities in the systems. To be effective the testing programme must be placed in context and the links between assurance activities fully understood.
  • Top 5: Reasons You Should be Scared of Your Customers Recorded: Nov 25 2015 4 mins
    Ken Munro, Senior Partner, Pen Test Partners LLP & CREST Executive
    We caught up with Pen Test Partner's Ken Munro, to get his Top 5 reasons that you should be scared of your customers.
  • Effective Cyber Security Monitoring and Incident Response Recorded: Oct 13 2015 42 mins
    Jason Creasey, Information Security Consultant, Jerakano
    Jason will introduce some of the major challenges associated with monitoring and logging cyber security events, highlighting the need to identify indicators of compromise at a much earlier stage and in a more consistent, insightful manner.

    He will present a cyber-security monitoring framework, emphasising the benefits of taking a balanced, intelligence-led approach, based on fundamental log management and situational awareness. He will then look at what a cyber-security incident actually is and outline how to prepare for and respond to a cyber-security incident effectively – ensuring that it is properly followed up - helping to reduce the frequency and impact of future cyber security incidents.

    Finally, Jason will introduce a cyber-security incident response maturity model, showing how you can measure the maturity of a cyber-security incident response capability.
  • How Do You Attract The Best Young Talent into Careers With an Image Problem? Recorded: Jul 13 2015 47 mins
    Ian Glover, President of CREST
    While most parents would be delighted if their offspring wanted to become an accountant, lawyer or even an actuary, they may be less encouraging if their son or daughter said they wanted to be a hacker. This is the negative manifestation of working in the cyber security industry that is often portrayed in the media. The reality is very different, with careers in cyber security providing fantastic opportunities that are hugely varied, really challenging and help to do good for society.

    Structured career paths provide an opportunity to progress quickly with jobs in large audit and accountancy firms through to small specialist boutique start-ups, as well as the chance for international work and creating new businesses. In addition, the whole industry is very diverse and is looking for people with a very wide range of talents.

    The problem is how do we communicate this to people who may be interested in the industry? Just as important for young people, how do we get to the influencers; their parents and their careers advisors to understand what an exciting place the cyber security industry is to work in and what they can expect in terms of the types of company they could work for and their salary expectations.

    The problem can be partially solved through education, information and support from businesses working together with a consistent message designed to encourage the very best people into the industry.

    In this presentation, Ian Glover from CREST will look at the challenges of attracting the brightest young people into careers that traditionally have an image problem and providing a strong career path once they are in. In particular, he will focus on the importance of properly-run internships and Government funded initiatives to educate and inform.
Assurance in Information Security
CREST represents the technical information security industry by:

- Offering a demonstrable level of assurance of processes and procedures of member organisations
- Validating the competence of their technical security staff
- Providing guidance, standards and opportunities to share and enhance knowledge
- Providing technical security staff recognised professional qualifications and those entering or progressing in the industry with support with on-going professional development

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Top 5: Reasons You Should Consider a Career in Cyber Security
  • Live at: Jan 7 2016 10:35 am
  • Presented by: Ian Glover, President, CREST
  • From:
Your email has been sent.
or close