Synopsis
We’ve all got the memo now – security testing is good, but organisations need to do more to assess their holistic security approach. Whether it’s red teaming, a CBEST engagement or attack simulations - More is Better in testing the organisations ability to detect and respond to attacks. However, none of these approaches are particularly constructive and tend to enhance barriers between security, monitoring teams and the business rather than removing them. In this session we’ll explore the problems with these approaches and learn about an alternative approach that builds trust and collaboration, and results in better buy-in to fixing problems.
About the speaker
Andrew Scott is the Assurance lead for Scotland for Context IS. In this he works across industries to help clients mature their approach to security testing. Previously he ran one of Scotland’s leading Financial Services company’s security testing strategy where he aligned all testing efforts and increased the effectiveness of remediation activities. His approach addressed not only the technical teams, but also tackled the culture; increasing business awareness, responsibility and ownership of security. Andrew has previously been a penetration tester, Windows and Firewall administrator, and has helped respond to multi-million dollar intrusions.
More details: www.edinburgh.bcs.org
Tickets: www.eventbrite.co.uk
About BCS Edinburgh
The monthly meeting of the Edinburgh branch of the BCS is open to the public, free of charge, no registration needed.
Professional Awareness Courses are priced to be affordable to all.
University of Edinburgh Informatics Forum, 10 Crichton Street, Edinburgh, EH8 9AB