Women In Cybersecurity: Roundtable Discussion

According to Forbes, only 20% of the cybersecurity workforce is made up of women. The lack of diversity within the industry needs changing. The intention of this webcast is for the women in our cybersecurity team to share their stories which may hopefully inspire others and help change the perception that cyber will always be male-dominated.

Join SureCloud’s “security senoritas” who cover a variety of roles such as account management, penetration testing, marketing, consulting and project management (some techier than others!) They will be discussing their experiences and thoughts on women in cybersecurity as SureCloud celebrates International Women’s Day.

This session will cover:
• The UK education system, does it do enough to support girls into choosing a STEM career path?
• How women can get into the industry
• The benefits and challenges of cybersecurity including what it's like to be the only woman in the team and classroom

Grab a seat at our roundtable with Sinzi, Corisande, Phoebe, Sarah, Kiran and Lucy. We’re looking forward to receiving your questions and feedback!
Recorded Mar 9 2020 38 mins
Presented by
Sinzi, Corisande, Phoebe, Sarah, Kiran and Lucy - SureCloud's Security Senoritas
  • CREST President Fireside Chat: Secure Your Cyber Baseline For The New Normal Jun 29 2020 3:30 pm UTC 60 mins
    Ian Glover, President, CREST & Craig Moores, Risk Advisory Director, SureCloud
    COVID-19 has caused widespread business transformation, forcing organizations to adapt to new ways of working in an extremely short period of time. As our lives begin to transition into this next stage of the 'new normal', businesses are starting to consider how imposed remote working has affected their cybersecurity posture. As well as wondering what they should be focussing on as they return to a full or partial office presence.

    Our clients tell us that they are experiencing an increase in threat actor activity, phishing attacks and cyber-related events and incidents. At the same time, businesses will be considering longer-term hybrid remote and office-based working practices that create conflicting pressures on security resources. To manage this, it's vital to get a clear understanding of your organization's cybersecurity posture, aligned with the 2020 digital landscape, and establish or enhance controls so that they remain robust and effective.

    Join CREST's President Ian Glover and SureCloud's Risk Advisory Director, Craig Moores, in their fireside virtual conversation to get up to speed. They will take you through their thoughts on the current cybersecurity landscape, as well as the potential risks for both imposed remote working and returning to the office post COVID-19 lockdown.

    Ian and Craig will also give you expert advice on how to develop your cybersecurity strategy to incorporate new threats and gain buy-in from key stakeholders for new ways of working. There will also be a Q and A at the end.

    Key takeaways include:
    1. New challenges businesses face post-COVID-19 lockdown
    2. 'Top ten' return to work tips including establishing new ways of working
    3. Advice on how to secure a new cyber baseline following a crisis
    4. Guidance for defining a resilient cyber strategy
  • PCI 4.0 So What? How to Centre your PCI Programme Around your Business Objective Recorded: Jan 21 2020 53 mins
    Craig Moores, Risk Advisory Practice Director
    SureCloud will explore the challenges that organisations face when achieving and maintaining compliance with PCI DSS, with a particular focus on how organisations can design and deploy a programme that aligns with wider business objectives and embeds compliance activities into business operations.

    With headlines focusing on the evolution of PCI DSS 4.0, our session will target all levels of stakeholder involvement in the management of PCI compliance. Using our experience of delivering compliance applications, as an Approved Scanning Vendor, a penetration testing provider and critically from the experience of our ex-QSAs, we will share some of the shortfalls that organisations have experienced, particularly focusing on the people, process and technologies critical in protecting an organisation’s payment channels.

    Craig is responsible for SureCloud’s Risk Advisory Practice including engagement scoping, consultancy delivery and client relationships. Craig has experience in leading and delivering complex cyber security solutions aligned to strategic business objectives. Craig has broad cyber security experience including a strong technical, software development and project management background, with particular strengths in the areas of information risk management, PCI DSS, strategic planning and business auditing.


    (The session will be structured around our case study organisation, Bananas, to help bring this use case to life.)

    Key session takeaways:
    • Understand some of the business challenges that organisations face when implementing and maintaining a PCI compliance programme.
    • Gain real-world insight into the compliance management shortfalls and lessons learned by other organisations.
    • Reflect on how the next release of the PCI DSS 4.0 provides an opportunity for organisations.
    • Learn how to gain visibility of compliance using metrics and automation.
  • Looking Forward: What to Expect With PCI 4.0 Recorded: Nov 14 2019 44 mins
    Craig Moores, Risk Advisory Practice Director & Ben Dalton, Sr. GRC Technology Consultant
    Compliance professionals around the world are eagerly awaiting more information about PCI’s latest release to the Data Security Standards: PCI DSS 4.0. During this 30-minute webinar, we will review the timeline of the 4.0 release, discuss findings from the 2019 RFC period draft release, highlight key changes that are coming with the revised framework, and discuss how SureCloud will help clients navigate these changes.

    Key Takeaways:
    • Overall Timeline for 4.0
    • Draft Version & Request for Comment (October - November 2019)
    • Changes to PCI DSS that are coming soon
    • How SureCloud will empower clients to adapt to these changes
    • Reflection on the recently released PCI DSS v4.0 Request for Comment draft

    Craig is responsible for SureCloud’s Risk Advisory Practice including engagement scoping, consultancy delivery and client relationships. Craig has experience in leading and delivering complex cyber security solutions aligned to strategic business objectives. Craig has broad cyber security experience including a strong technical, software development and project management background, with particular strengths in the areas of information risk management, PCI DSS, strategic planning and business auditing.

    Ben has spent the majority of his career in the IT security & GRC industry—both on the product side as well as a practitioner. At the Walt Disney company, Ben implemented processes and technology to help streamline and automate the PCI compliance program at Disney Parks & Resorts.
  • DEF CON 27: How to Take Over Internal IPs, Externally Recorded: Oct 30 2019 44 mins
    Elliott Thompson, Principal Cybersecurity Consultant
    As seen at DEF CON 2019, SureCloud's Principal Cyber Consultant continues his DEF CON presentation "[ MI CASA-SU CASA ] My 192.168.1.1 is Your 192.168.1.1".

    Your browser thinks our 192.168.1.1 is the same as your 192.168.1.1. Using a novel combination of redirects, Karma, JavaScript and caching, Elliott demonstrates that it’s viable to attack internal management interfaces without ever connecting to your network. Using the MICASA-SUCASA tool, it’s possible to automate the exploitation of hundreds of interfaces at once.

    This presentation will introduce the attack vector and demonstration of the MICASA-SUCASA tool. Elliott will also discuss his experience at DEF CON 2019 and the feedback regarding his tool post-release.

    - Covering old ground is sometimes valuable
    - Combining vulnerabilities can have a greater impact than the sum of their parts
    - Some router manufacturers make truly bizarre decisions

    DEF CON Presentation being continued: [ MI CASA-SU CASA ] My 192.168.1.1 is Your 192.168.1.1
  • Ethically Hacking into Children's IoT Devices Recorded: Jun 25 2019 46 mins
    Senior Security Consultant, Elliott Thompson
    Join Elliott Thompson, SureCloud's Senior Security Consultant as he discusses a critical disclosure discovered on the children's VTech Storio Max tablet, which allowed attackers full access to the device including the webcam, speakers and microphone.

    This interactive session will cover the following:

    • How to approach unusual devices from a methodology standpoint
    • Identifying how manufacturers can break a secure base (Android phone with VTech software)
    • Triaging of the custom parts of devices
    • How accessible ARM assembly can be

    The disclosure was reported to VTech, and a patch fixing the vulnerability was released within 30 days. The vulnerability was granted a CVE, and the story was featured on the BBC and at InfoSec’s Geek Street.
  • Hacking Humans: Exploring Social Engineering as an Attacker and a Defender Recorded: Apr 30 2019 64 mins
    Luke Potter, Operations Director (Cybersecurity), SureCloud
    Currently, 75% of cyber-attacks start with social engineering. It is this part of penetration testing that centers around manipulation and deception, rather than trying to outsmart a machine. It is just as crucial to improve an organization’s security posture as it is to probe a network for vulnerabilities. But what does it look like in practice?

    Join SureCloud’s Operations Director (Cybersecurity), Luke Potter, as he discusses his research into social-engineering techniques.

    This session will cover:
    • Defining social engineering
    • Best lines of defense against a human pentest attack
    • The psychology behind influence and persuasion
  • Everything You Need To Know About OWASP SAMM 2.0 Recorded: Feb 28 2019 25 mins
    Cybersecurity Practice Manager, Chris Cooper
    The Open Web Application Security Project (OWASP) is developing version 2.0 of their Software Assurance Maturity Model (aka SAMM), and Chris Cooper, SureCloud’s Cybersecurity Practice Manager is part of the team currently working on the core model, with a focus around the new ‘Implementation’ business practice. In this webinar, Chris will be discussing the history of SAMM, evaluating the version 2.0 core model from a technical perspective, and the process that the SAMM team are undertaking.

    The session will cover:
    • Why SAMM 2.0 is being introduced
    • The innovative ways in which SAMM 2.0 is being created
    • How SAMM is modernizing its recommendations on how organizations build and deploy software
    • How to harness SAMM to conduct penetration testing in a more mature way
    • Some of the feedback that the OWASP SAMM team has received from the version 2.0 beta

    Chris Cooper is a Tigerscheme Senior Security Tester (Web Apps) and a CHECK Team Leader.
  • Cybersecurity Attacks that will Actually Lead to a Compromise Recorded: Jan 15 2019 67 mins
    Luke Potter, Cybersecurity Practice Director, SureCloud
    Vulnerabilities exist in every system, and for some, the impact of an attack could be catastrophic, even business-ending. Often, these incidents are the result of a vulnerability that could be identified in a penetration test.

    In this webinar SureCloud’s Cybersecurity Practice Director, expert Penetration Tester, Luke Potter will discuss some of the real-life cyber-attacks his team has conducted including the work they have done with the BBC, Daily Mail, and Which? Magazine.

    The session will cover:
    • Targeted Phishing attacks
    • IoT and ‘Smart’ devices
    • Physical attacks including Social Engineering
    • Use of OSINT Techniques to Compromise Organisations
    • Password Analysis

    Luke Potter is a CHECK team leader, Tiger Scheme senior security tester, ISO 27001 lead auditor and Microsoft Certified enterprise administrator.
  • Ask the Expert: Penetration Testing Recorded: Jun 7 2018 11 mins
    Luke Potter, Cybersecurity Practice Director
    SureCloud's Cybersecurity Practice Director talks about avoiding the pain of managing penetration test outputs in static PDF documents, effective management of penetration test remediation activities, demonstrating improvement and benefit following penetration test delivery, why a better approach to penetration testing is needed, specifically running it as an ‘as a service’ engagement, and tracking, trending and analyzing data between multiple testing projects.
  • What is Ransomware and why it's time to simulate an attack? Recorded: Jan 31 2017 35 mins
    Luke Potter (Security Practice Director) & Elliott Thompson (Security Consultant)
    Learn how to detect, prevent and mitigate ransomware attacks. Our experts will cover: the current mitigation strategies, how they are bypassed and why, how attackers perform directly targeted attacks and why it's time for organisations to simulate their own attacks.
  • [Cybersecurity] Our Indigenous Apps: Securing Critical Business Data Recorded: Dec 6 2016 29 mins
    Senior Security Consultant, Christopher Cooper
    Despite the rise of the cloud and increased reliance on web applications, native desktop applications are still highly relevant and often the delivery method of choice in enterprise IT. As penetration testers, we still see a number of very poorly architected native applications being used to protect extremely sensitive information.

    This webcast will discuss some of the core issues relating to native desktop applications, why they are so frequent, and the severe impact that their insecurity can cause.

    In the 2017 threat landscape, we propose that these flaws are not going away, and the industry isn't currently in a position to help developers resolve them effectively.
  • The Evolution of the Penetration Test Recorded: Apr 12 2016 23 mins
    Toby Scott-Jackson, Principal Security Consultant, SureCloud and Chris Cooper, Senior Security Consultant, SureCloud
    The confluence of sophisticated cyber criminals, white hats and technological change means organisations are increasingly exposed to weaknesses and vulnerabilities in their networks, devices and applications.

    With a combination of expert security commentary and vulnerability trends, SureCloud will reveal the sophisticated nature of the latest attacks and what the future may hold. We will focus on modern exploits that go beyond the typical network and web application attack vectors.

    SureCloud will describe how organisations need to change their attitudes to security testing, considering the frequency and scope of assessments, and act on results in a timelier manner.
Cybersecurity Channel: Penetration Testing & Ethical Hacking
SureCloud also offers a wide range of Cybersecurity testing and assurance services, where we stay with you throughout the entire test life-cycle from scoping through to vulnerability discovery and remediation. Certified by the National Cyber Security Centre (NCSC) & CREST and delivered using the innovative Pentest-as-a-Service (underpinned by a highly configurable technology platform), SureCloud acts as an extension of your in-house security team and ensures you have everything you need to improve your risk posture.

  • Title: Women In Cybersecurity: Roundtable Discussion
  • Live at: Mar 9 2020 4:00 pm
  • Presented by: Sinzi, Corisande, Phoebe, Sarah, Kiran and Lucy - SureCloud's Security Senoritas