Whole organisation testing without the pain
Wednesday 3rd April 2019, 6:45 pm.
Speaker: Andrew Scott, Context IS
Venue: Room 4.31, University of Edinburgh Informatics Forum, 10 Crichton Street, Edinburgh.
Refreshments and networking from 6:00 pm.
This event is free of charge and open to all, though please register via Eventbrite: https://bcsedin030419.eventbrite.co.uk/
Please note that this talk will start 15 minutes later than our usual time of 6:30pm. This is to give the speaker adequate time to get to the venue.
We’ve all got the memo now – security testing is good, but organisations need to do more to assess their holistic security approach. Whether it’s red teaming, a CBEST engagement or attack simulations - More is Better in testing the organisations ability to detect and respond to attacks. However, none of these approaches are particularly constructive and tend to enhance barriers between security, monitoring teams and the business rather than removing them. In this session we’ll explore the problems with these approaches and learn about an alternative approach that builds trust and collaboration, and results in better buy-in to fixing problems.
About the speaker