Hacked Off Secarma

In this episode of Hacked Off, Holly interviews Simon McNamee - Secure Impact's Security Technology Lead. This week, they discuss what issues security experts often encounter when working with businesses; both those with a high level of security maturity, as well as those just starting off on that journey.

Holly and Simon offer some sage advice to organisations about getting the most out of their security services - it all starts with understanding the difference between these services and recognising what your business is ready for - and they also share some of their own experiences from different on-site engagements.

1:00 Defining Value
7:00 What happens when nothing happens?
10:50 Goals
13:42 Cyber Essentials & beyond
17:35 Are you ready for a pentest?
22:50 Simulating the bad guys
30:40 Creating a distraction
35:50 Not every attack is ransomware

Listening time: 43 minutes
Host: Holly Grace Williams, on behalf of Secarma
Guest: Simon McNamee, Security Technology Lead at Secure Impact Ltd

Connect with Simon: www.linkedin.com/in/samcnamee
Secure Impact: www.secure-impact.com

Our website: www.secarma.com
Tweet us: www.twitter.com/Secarma
Events: www.eventbrite.co.uk/o/secarma-ltd-31129456455

For some organisations, using Security Operation Centre services is a great way to minimise the impact of a possible cyberattack. Moving quickly and effectively, SOCs can detect, analyse and respond to breaches if an organisation doesn’t have the resources to do so themselves.

In this episode we spoke to Rob Demain – founder and CEO at e2e-assure – about the role of SOCs, today’s diverse threat landscape, and the importance of research and development when working in cybersecurity.

02:00 Why SOCs?
06:00 Building trust
13:35 Keeping up-to-date
15:40 Delivering the service
23:20 When disaster strikes
29:20 Working with SMEs
33:55 Security risks

Listening time: 42 minutes
Host: Holly Grace Williams, MD at Secarma
Guest: Rob Demain, founder and CEO at e2e-assure

Connect with Rob: www.linkedin.com/in/rob-demain-01733468
e2e-assure: https://www.e2e-assure.com/

Our website: www.secarma.com
Tweet us: www.twitter.com/Secarma
Events: www.eventbrite.co.uk/o/secarma-ltd-31129456455

In the cybersecurity world, the digital forensics dept acts as the Crime Scene Investigation team for a business that has fallen foul of a cyber-criminal. DFI techniques are used to investigate and rectify the problems caused by the hack, and/or bring the perpetrator to justice. Similarly to traditional forensics, cyber incident response teams can find data to use as evidence in the investigation.

In this episode, we talk to David Barr – Principle CIRT Consultant at Secure Impact – about the day-to-day of digital forensics, how the scene is evolving, and what to expect from his talk at UnLocked: London Olympia.

00:35 Working in Digital Forensics
07:20 Research
09:20 Investigating the Incident
15:25 When is Digital Forensics needed?
20:10 Is Digital Forensics Evolving?
21:25 Preparing for Forensics Investigations
24:50 UnLocked: London Olympia
28:30 Careers in Digital Forensics

If this episode was of interest to you, you can catch more of David at UnLocked: London Olympia on the 28th September.
Tickets here: https://www.eventbrite.co.uk/e/unlocked-london-olympia-2021-tickets-153829914415

Listening time: 31 minutes
Host: Holly Grace Williams, MD at Secarma
Guest: David Barr, Principle CIRT Consultant at Secure Impact

Connect with David: https://www.linkedin.com/in/david-barr-a2a639121/
Secure Impact: https://www.secure-impact.com/

Our website: www.secarma.com
Tweet us: www.twitter.com/Secarma
Events: www.eventbrite.co.uk/o/secarma-ltd-31129456455

Valuing your SME as ‘too small to get hacked’ can leave you complacent and open to attacks, with little to no defences in place. For those who find cybersecurity daunting, there are organisations out there, ready to help.

In this episode, we talk to Declan Doyle – head of Ethical Hacking at the Scottish Business Resilience Centre – about cyber resilience, misconceptions around who can get hacked, and understanding clients to best help them stay secure.

00:26 What is the SBRC?
01:35 Resilience
02:55 Helping out
05:35 Misconceptions around size
07:49 Optics and tailoring services
19:55 Different pathways in Cyber
26:50 Engaging with SBRC

Listening time: 31 minutes
Host: Holly Grace Williams, MD at Secarma
Guest: Declan Doyle, head of Ethical Hacking at the Scottish Business Resilience Centre (SBRC)

Connect with Declan: https://www.linkedin.com/in/declandoyle/
SBRC: https://www.sbrcentre.co.uk/

Our website: www.secarma.com
Tweet us: www.twitter.com/Secarma
Events: www.eventbrite.co.uk/o/secarma-ltd-31129456455

The medium of cyber-attacks is code, but the mastermind that drives them is always human intelligence. Systems are created by people, and automated tech still can't understand every nuance that humans embed into them.

In this episode, we talk to Nick Blundell – head of R&D at AppCheck – about the pros and cons of vulnerability scanning, how hackers can enter weak systems and the need for a blended approach.

00:50 Will automation take over?
04:25 Scanning or Pentesting: the pros and cons
17:30 Issues with automation
22:00 Weak systems
52:50 A blended testing approach

Listening time: 1 hour 5 minutes
Host: Holly Grace Williams, MD at Secarma
Guest: Nick Blundell, head of R&D at Appcheck

Appcheck: https://appcheck-ng.com/

Our website: www.secarma.com
Tweet us: www.twitter.com/Secarma
Events: www.eventbrite.co.uk/o/secarma-ltd-31129456455

In a time of record unemployment due to the pandemic, it’s strange that cybersecurity job openings receive so little applicants and take 20% longer to fill than typical IT roles. Is there a cyber skills shortage, or are we simply looking in the wrong places?

In this episode, we talk to Greg van der Gaast – CISO at Scoutbee GMBH and author of Rethinking InfoSec – about how we can rethink the cyber hiring process and role requirements, in order to find many more suitable candidates. We also touch on diversity, the role of HR, and building stronger enterprising teams.

00:28 Security in supply discovery
02:30 Rethinking InfoSec
09:20 Synergy
12:00 Resourceful recruitment
17:50 Finding the right fit
20:18 Health, safety, and growth
27:44 The role of HR

Listening time: 32 minutes
Host: Holly Grace Williams, MD at Secarma
Guest: Greg van der Gaast, CISO at Scoutbee GMBH and author of Rethinking InfoSec

Scoutbee GMBH: https://www.linkedin.com/company/scoutbee/
Connect with Greg: https://www.linkedin.com/in/gregvandergaast/

Our website: www.secarma.com
Tweet us: www.twitter.com/Secarma
Events: www.eventbrite.co.uk/o/secarma-ltd-31129456455