What do you get called with a Hacker, a CISO (chief information security officer) and a Policeman in the same room sharing their stories of how they got into Cyber Security, real-world examples and key issues businesses need to address now?
Well it is the event ‘A Hacker, A CISO and A Policeman’ that I attended last week, it was in Aberdeen that I saw them and the event was also in Edinburgh as well, a really interesting thing to attend with some fascinating people and put together by the ‘The TechForce’ who provide Email Phishing, Security awareness training, Endpoint Security Software, Vulnerability Management and Cyber Essentials consulting for businesses.
They have done events previously that I actually missed out and am gutted about called ‘Hackers on Tour’ that took place in London, Edinburgh, Aberdeen, Glasgow and Manchester.
Hopefully, these two are the start of and not the end of events like these because they are truly interesting and informative.
Who was the Hacker?
Who was the CISO?
Who was the Policeman?
The hacker who was first to talk is Mike Jones, also known by his hacker name ‘St1nger’, he is a former member of Anonymous and ex-military as well. You can read more about him at these articles.
“I went into military intelligence after 9-11,” said Jones. “There was definitely an intelligence gap, and that’s where I wanted to be.”
Jones said his work with Anonymous started after he left the Navy and while he would not share specific details of some the group’s exploits, he said some of what he and the collective did was expose weaknesses in computer systems that can affect the general public.”
“I think that made a lot of us feel like less than citizens. When I look at my kids, jail is not somewhere I want to be.” He added: “The idea is disappearing. Guys are buying Anonymous masks at Party City, they’re running through the streets and starting fires with the Anonymous mask on, that’s not who we are. The idea was a pure idea and it was not physical or life-threatening.”
“A hacker is always going to get in some way; it might not be today it might not be tomorrow, but they will.”
“In this day and age of data loss, cyber-warfare, identity theft and ‘hacktivism’, it is more vital than ever before to know your adversary.”
He has a background in cryptology and has done several penetration tests for the Department of Defence, major financial institutions and casinos, he has seen both sides of security as a long-term member of various hacking groups he thinks the key to a good defence is knowing who you’re defending against.
The CISO was Malcolm Norman who Is the CISO for Wood (previously Woodgroup), he started off getting teacher training and then joined the military where he worked for 20 years before leaving and becoming CSO (Chief Security Officer) for AON.
“At present there is a well-publicised lack of cybersecurity professionals across the corporate, public and charity sectors. Such a gap is growing and is leading to an extremely fluid market with the average CISO allegedly remaining in post for just over 36 months.”
A genuine story about Police Scotland 🙂
As for the policeman, he is called Richard Taylor and I really couldn’t find much about him online but we were informed of his credentials at the event, he spent time on the beat for Police Scotland at first before spending time on the CID (Criminal Investigation Department) and then six years undercover before progressing through to doing Digital Forensics.
The event itself was great, we started at ten AM networking and getting a coffee/water before a welcome with introductions from Jai at The Tech Force.
Each of the three talkers had around fifteen minutes and talked about how they ended up where they are and how they feel it going in a business sense in the future.
The hacking talk was pretty much what is in the articles above about his history and journey which was interesting to hear, the CISO was all business and mainly aimed at the corporate type people in attendance and there was a great moment when someone in the crowd turned out to be an insurance man trying to get people interested in ‘Cyber Insurance’ and he kind of got the proverbial smackdown from Malcolm about how it is too much in its infancy for companies to use and there was a ten minute back and forth which was great.
Richard the policeman was a surprising talk as I enjoyed it more than I thought I would, he was speaking about how companies and the public need to work closely with the police as it is hugely under-reported with expected less than 10% of cyber dependent crimes being recorded in Scotland. He also spoke about the challenges of modern policing which was interesting also as they spoke about what they could do AFTER the threat was taken care of and what work needs to be done is essence to catch who is doing the crime rather than just helping fix the issue and the cyber threats to Scotland at present was an interesting subject too.
Although this has nothing to do with my practical learning and improvement in CyberSecurity and Ethical Hacking I wanted to post about it for record and so I can look back and remember what was spoken about and who it was talking.
Pictures of the event were from the twitter of Maribel Ayala over at https://twitter.com/maribel_ayala including this one here which shows my head very bottom right with the blue striped shirt and navy cardigan (cool kids sit at the back hahaha can i still be a kid at 41? No would be the answer i suppose).
With regards to me, have been slowly working my way through the networking videos mentioned on the previous post and am contemplating deleting my virtual lab so I can do a post on it as they’re a couple of little things I would like to make a record of.
Here is a link to The Techforce website below if you want a look, click the picture.