We’ve all got the memo now – security testing is good, but organisations need to do more to assess their holistic security approach. Whether it’s red teaming, a CBEST engagement or attack simulations - More is Better in testing the organisations ability to detect and respond to attacks.
However, none of these approaches are particularly constructive and tend to enhance barriers between security, monitoring teams and the business rather than removing them. In this session we’ll explore the problems with these approaches and learn about an alternative approach that builds trust and collaboration, and results in better buy-in to fixing problems.
----------------------------------------------------------------------------------
About the speaker
Andrew Scott is the Assurance lead for Scotland for Context IS. In this he works across industries to help clients mature their approach to security testing. Previously he ran one of Scotland’s leading Financial Services company’s security testing strategy where he aligned all testing efforts and increased the effectiveness of remediation activities. His approach addressed not only the technical teams, but also tackled the culture; increasing business awareness, responsibility and ownership of security.
Andrew has previously been a penetration tester, Windows and Firewall administrator, and has helped respond to multi-million dollar intrusions.
----------------------------------------------------------------------------------
Refreshments and networking from 6.00pm.
----------------------------------------------------------------------------------
About the organiser: This event is organised by the BCS Edinburgh Branch, find out more about the group at http://www.edinburgh.bcs.org/
----------------------------------------------------------------------------------
Things to note:
For overseas delegates who wish to attend the event please note that BCS does not issue invitation letters.
