What is your favorite thing about Infosecurity Magazine?
I like the broad coverage of industry topics which tends to be thorough and impartial. The magazine is quick to cover the major news stories that affect the industry and is a go to resource for good summaries of what a professional in the industry needs to be aware of.
If your job as Guest Editor of Infosecurity became permanent, what new content stream would you introduce?
A regular commentary column on social engineering and people based stories joining the dots between the technical and the people side of the industry.
How do you describe to your (non-industry) friends what your job is all about?
This depends on the “friend” in question. Mostly I tell them that I break security systems through working with people, a bit like a “normal hacker” but without using technology. They tend to raise their eyebrows and say “a bit like a burglar?” and I say “no, exactly like a burglar.” This gets a variety of responses!
What makes you really angry about our industry?
I hate plagiarism and self-serving conference talks that have no real content, delivered by people who don’t do the job and have no real experience in what they are talking about. I’d urge people to be discerning about what they believe and look behind the presentation to what is really being said.
I mean, I read a lot of cookery books but I don’t claim to be a chef! Be wary of fake news, snake oil and false prophets!
What gives you hearts in your eyes?
I love the way the community supports people when they need help. When I see genuine support for people who need career advice, introductions or just a break to get into the industry it makes me very proud to be a part of the infosecurity community. I also love the way that on the whole, we acknowledge our weaknesses, discuss them at length and try to address them. It’s a very open, generous and welcoming body of people on the whole and that is something we should be proud of!
What’s the best conference talk/keynote/seminar you’ve ever attended?
Whilst I’d give honorable mentions to Rik Ferguson, Thom Langford and Graham Cluley all of whom are consistently excellent and give brilliant talks, the stand out talk for me was Bennet Aaron’s on identity theft. By turns shocking, informative and of course hilarious, I was impressed professionally, enlightened and entertained.
What infosec technology could you not live without?
Well, as a non-techy it’s a bit of a dull answer, but I cannot live without my phone. It’s a professional necessity both to run the business and as a pen-test tool. I would be lost without it!
What’s your dream infosec job?
I’d love to coordinate a huge conference! Speaking at so many events means I see what works and what doesn’t and I’d love to have a crack at putting together a major event.
If you could have founded any information security vendor, which would you choose?
I couldn’t name just one, but I will say that I love the vendors who are innovative, inclusive and original. I think how vendors respond after a crisis is indicative of character and should be a gauge for whether clients put their business with them.
What is the biggest unresolved information security challenge?
I am of course going to say that the Human Factor remains a challenge. Where people are involved there will always be vulnerabilities and we need to grasp that this is as complex an issue as any technical problem that might arise. I think though that the industry absolutely recognizes this and try really hard to address what is always going to be a moveable feast.
However, we can never really “patch the people’ only learn to work better with them, and that is a challenge that will continually need to be addressed, and can never be really “resolved!”
What’s your guilty pleasure?
Cleaning. Make of that what you will!
What’s your favorite Christmas movie?
Die Hard. And I will defend it as a real Christmas movie to the death!