Hacked Off Secarma

Following audience responses to Pod 107 with Jason Blake, Secarma Jen Williams has circled back to do a deeper dive into the PSTI legislation and IoT devices.

With the legislation going live at the end of April, any manufacturers that have not yet found a successful route to show compliance should listen to this podcast which goes into finer detail with Jason Blake.

As IASME's IOT scheme manager, Jason shares a selection of ways to navigate the legislation and he and Jen discuss the ways to approach an accreditation that will also help any business and their devices to improve on the journey.

They also look at the wider implications around unsecured internet devices and the likelihood that governing bodies will levy some large fines early on to impress the importance of complying on manufacturers.

For more information regarding IOT and the PSTI legislation you can check out the resources section of the secarma.com website at https://secarma.com/resources/iot-and-psti/

Secarma Head of Testing, Simon Chapman, takes over the hosting duties as the Hacked Off podcast returns. Episode 107 focuses on IoT and the new regulations that are forcing manufacturers to place security at the heart of their devices. Simon interviews Jason Blake, IOT scheme manager at IASME and Jen Williams who heads up consultancy services at Secarma.

Jason talks us through the diverse world of IoT devices, from smart letter boxes to B2B moisture content monitors for farmers and explains why the need for tighter security regulation is long overdue.

Jen approaches the subject from a consumer perspective and poses the risks of a home network that has dozens of ‘always on’ devices connected and the average consumers understanding of this situation. How do we give consumers a confidence around IoT that has perhaps been eroded of late?

The panel discuss IASME’s IoT Cyber Secure Scheme and why it’s one of the simplest ways for manufacturers to give their devices the security health checks that they need.

You can find more IoT resources, particularly around the PSTI legislation at https://secarma.com/resources/iot-and-psti/
You can find out more about the IASME IoT scheme on their website at https://iasme.co.uk/internet-of-things/
Or on Secarma’s website at https://secarma.com/cybersecurity-services/consultancy/iot-cyber-scheme/

In this episode of Hacked Off, Holly interviews Simon McNamee - Secure Impact's Security Technology Lead. This week, they discuss what issues security experts often encounter when working with businesses; both those with a high level of security maturity, as well as those just starting off on that journey.

Holly and Simon offer some sage advice to organisations about getting the most out of their security services - it all starts with understanding the difference between these services and recognising what your business is ready for - and they also share some of their own experiences from different on-site engagements.

1:00 Defining Value
7:00 What happens when nothing happens?
10:50 Goals
13:42 Cyber Essentials & beyond
17:35 Are you ready for a pentest?
22:50 Simulating the bad guys
30:40 Creating a distraction
35:50 Not every attack is ransomware

Listening time: 43 minutes
Host: Holly Grace Williams, on behalf of Secarma
Guest: Simon McNamee, Security Technology Lead at Secure Impact Ltd

Connect with Simon: www.linkedin.com/in/samcnamee
Secure Impact: www.secure-impact.com

Our website: www.secarma.com
Tweet us: www.twitter.com/Secarma
Events: www.eventbrite.co.uk/o/secarma-ltd-31129456455

For some organisations, using Security Operation Centre services is a great way to minimise the impact of a possible cyberattack. Moving quickly and effectively, SOCs can detect, analyse and respond to breaches if an organisation doesn’t have the resources to do so themselves.

In this episode we spoke to Rob Demain – founder and CEO at e2e-assure – about the role of SOCs, today’s diverse threat landscape, and the importance of research and development when working in cybersecurity.

02:00 Why SOCs?
06:00 Building trust
13:35 Keeping up-to-date
15:40 Delivering the service
23:20 When disaster strikes
29:20 Working with SMEs
33:55 Security risks

Listening time: 42 minutes
Host: Holly Grace Williams, MD at Secarma
Guest: Rob Demain, founder and CEO at e2e-assure

Connect with Rob: www.linkedin.com/in/rob-demain-01733468
e2e-assure: https://www.e2e-assure.com/

Our website: www.secarma.com
Tweet us: www.twitter.com/Secarma
Events: www.eventbrite.co.uk/o/secarma-ltd-31129456455

In the cybersecurity world, the digital forensics dept acts as the Crime Scene Investigation team for a business that has fallen foul of a cyber-criminal. DFI techniques are used to investigate and rectify the problems caused by the hack, and/or bring the perpetrator to justice. Similarly to traditional forensics, cyber incident response teams can find data to use as evidence in the investigation.

In this episode, we talk to David Barr – Principle CIRT Consultant at Secure Impact – about the day-to-day of digital forensics, how the scene is evolving, and what to expect from his talk at UnLocked: London Olympia.

00:35 Working in Digital Forensics
07:20 Research
09:20 Investigating the Incident
15:25 When is Digital Forensics needed?
20:10 Is Digital Forensics Evolving?
21:25 Preparing for Forensics Investigations
24:50 UnLocked: London Olympia
28:30 Careers in Digital Forensics

If this episode was of interest to you, you can catch more of David at UnLocked: London Olympia on the 28th September.
Tickets here: https://www.eventbrite.co.uk/e/unlocked-london-olympia-2021-tickets-153829914415

Listening time: 31 minutes
Host: Holly Grace Williams, MD at Secarma
Guest: David Barr, Principle CIRT Consultant at Secure Impact

Connect with David: https://www.linkedin.com/in/david-barr-a2a639121/
Secure Impact: https://www.secure-impact.com/

Our website: www.secarma.com
Tweet us: www.twitter.com/Secarma
Events: www.eventbrite.co.uk/o/secarma-ltd-31129456455

Valuing your SME as ‘too small to get hacked’ can leave you complacent and open to attacks, with little to no defences in place. For those who find cybersecurity daunting, there are organisations out there, ready to help.

In this episode, we talk to Declan Doyle – head of Ethical Hacking at the Scottish Business Resilience Centre – about cyber resilience, misconceptions around who can get hacked, and understanding clients to best help them stay secure.

00:26 What is the SBRC?
01:35 Resilience
02:55 Helping out
05:35 Misconceptions around size
07:49 Optics and tailoring services
19:55 Different pathways in Cyber
26:50 Engaging with SBRC

Listening time: 31 minutes
Host: Holly Grace Williams, MD at Secarma
Guest: Declan Doyle, head of Ethical Hacking at the Scottish Business Resilience Centre (SBRC)

Connect with Declan: https://www.linkedin.com/in/declandoyle/
SBRC: https://www.sbrcentre.co.uk/

Our website: www.secarma.com
Tweet us: www.twitter.com/Secarma
Events: www.eventbrite.co.uk/o/secarma-ltd-31129456455