They say you always remember your first time. For me it was 1995 at the British Educational Training and Technology show at Olympia. The college I attended had a sponsorship deal with a company who were exhibiting and they wanted someone to talk about the use of IT in day to day education. While my contemporaries stared at their shoes I thrust my hand up and a few weeks later was being handed a full on Madonna wireless headset and presenting to an audience of bemused show visitors and stand staff who enthusiastically watched a 15 year old geek talk about using IT while a friend of mine used various trigger words to know when to change slide or quickly alt-tab to another application to make a point. Read More
Category: Blog Post
Inside out: managing the insider threat
News of a data breach at the UK software company Sage is a reminder of the potential damage which can be done by an insider. Sage is a FTSE 100 company and provides business management software for companies in 23 countries. It has reported the breach to the City of London police and has informed customers who they believe may have been affected that the personal informaton of employees at 280 firms may have been compromised by someone using an internal computer login. Read More
UK cybersecurity events: summer and autumn 2016
Conference season is in full swing, with a very successful Bsides London in June and Steelcon looking great for this weekend. To help plan ahead to autumn, check out our summary below. The cfp for the Sans European Security Awareness Summit ends today and more Manchester Bsides tickets will be available on Sunday. Read More
Cyber by any other name would smell as insecure: the language of security at Bsides London 2016
Photo by Sir Jester
At Bsides London 2016, I gave a presentation on a topic I’ve been thinking about for a long time: why we should embrace the term ‘cyber’.
There’s a tendency for the industry to roll its collective eyes at the term cyber. There’s an unwritten rule that it’s not credible, that it’s a buzzword which means nothing and is used by people who don’t really belong in the field. Actually, it’s not an unwritten rule at all: you see references to it in memes and tweets all the time. Obviously as someone who describes herself as a ‘cyber security consultant’ and publishes on this domain name, I don’t prescribe to that view. I wanted to speak at bsides about why, and why I would like more people in the industry to consider embracing cyber, too. Read More
How to Hack a Human: my infosec 16 keynote
Photo by Soraya Iggy
At Infosecurity 2016, I gave a keynote talk on the elements of human nature and social norms which make us so susceptible to social engineering attacks. Infosecurity invited me to give the keynote drawing on my background in sociology and experience helping organisations mitigate against social engineering. Read More
Would the real imposter please stand up?
Having had a number of separate conversations recently with people in this industry, some very experienced and incredibly well-respected, I was struck by how prevalent it is to feel like a fraud. This prompted me to do a quick twitter poll on so-called ‘Imposter Syndrome’. Read More