Getting management to listen to you about vulnerabilities

It can be really annoying when you reach that point on the security maturity curve when you start to identify vulnerabilities, but management just don’t seem to care. No matter how much red there is in Nessus, you just can’t get the resources to address it; it’s like they just don’t understand. It’s almost like…

We suck at teaching the basics, because they’re dull!

From the outside, people either think InfoSec is all hoody-wearing, basement-dwelling men-children popping shellz and catching cyber criminals, or they are corporate cyber-police snooping on your web browsing and preventing people doing their jobs. And whilst there is a little bit of that, there is so, so much more and because it’s not…

Defending the world from WannaCry

People attending the 2009 BSides Liverpool got what they thought was a one-off chance to hear Jamie Hankins, who worked alongside Marcus Hutchins on analysing and then sink-holing WannaCry, tell his side of how things unfolded. Jamie had originally said he didn’t want the video of the event releasing, but thankfully he recently relented…

The start of a journey …….

So, I make no secret of the fact I officially came into my career in security quite late in life. It had always been a hobby and I’d spent my time in the usual Support/Sysadmin/Developer/Engineer trenches before wandering off into Project Management and Middle Management. When I decided I really didn’t want to be a…

Why?

The Online InfoSec community is dominated by Offensive Security Specialists (be that Pentesters, Red Teamers, Script Kiddies or whatever), but the truth is between SOC Analysts, Vulnerability Managers, Compliance Experts, Risk Assessors, Security Architects, Threat Hunters, Malware Analysts, Firewall Specialists, Bug Bounty triagers and Security Engineers (to name but a few) in the industry,…