What Ben learnt at his most recent Cyber networking event
Ben Craig is our Principal Consultant at InfoSec People, specialising in contract recruitment across the cyber security sphere. An expert in his field, Ben dedicates a lot of time to attending events which will ensure his knowledge surrounding cyber security is always up to speed with the rapidly changing industry. Importantly, Ben is committed to further developing his understanding of challenges faced in the recruitment and retention of cyber roles, a challenge faced by a lot of UK businesses. Last Wednesday evening saw Ben at an event in London, hosted at the incredible AON offices. This event was seminal for industry collaboration, being the first event to bring the CSA, ISSA UK and ISC2 together to discuss challenges to the security industry and keys to the future.
Ben was especially keen to attend this event as there was a heavy focus on social engineering, a topic which is an ever-growing concern to his clients:
“Social engineering is huge in cyber security because it impacts everybody. Stuart Peck (ZeroDayLab) gave an excellent talk where he demonstrated how easy it was to infiltrate businesses using social engineering and gave insights into the human element of security. All of this further reinforces the need for strong security experts within businesses to teach staff and colleagues about the tactics hackers use to breach a business.”
A truly expert event, there was also a panel discussion featuring industry leaders. Ben’s question of What is the biggest threat to an organisation at this moment in time? was fielded by Liz Banbury, Head of Information & Cyber Policy at Standard Chartered Bank. Liz explained that there were several, and that it went beyond the common threat of data leaks and breaches: political unrest in Hong Kong, the effects of Brexit, digitising traditional banking for younger generations and the sheer volume of regulations surrounding her role (c. 3000!) all add up to make keeping a bank – or any business – watertight incredibly challenging.
Another line of discussion amongst the panel was the disparity in salaries between the US and UK, as Ben explained: “As a nation we do not seem to embrace that specialists are worth paying for, and perhaps that contributes to our perceived ‘skills shortage.’ In the US, the average salary for a Cloud Security architect is $250k (around £205k) while the UK salary tops out at £80k! A major way to help minimise the skills gap would be to remunerate appropriately, or we will continue to lose SOC team talent to America or else to appropriately paid contract roles.”
Continuing the theme of a skills shortage, Ben’s key takeaway from the event was regarding future-proofing the industry by teaching cyber in schools: “Cyber is not currently taught as part of the curriculum at either GCSE or A-level, and that doesn’t look likely to change any time soon. Because of this, the number of students who optionally studied IT progressing to do cyber degrees is minimal. As an industry, we need to address this concern and ask what we could be doing differently to encourage young people into cyber careers and develop the future stars of the industry.”
To discuss your own cyber security policy and teams, get in touch on 01242 507100 or email us.