Our CyberTech Talks podcast is a new channel from CREST that will deliver insight, ideas and thought leadership to drive engagement with member companies, industry professionals, stakeholders and the global cyber security community generally. Episodes are due to be released fortnightly and will cover a range of topics from those focusing on technical matters to those discussing developments in the cyber security industry. The CyberTech Talks podcast is available on most platforms.
Ep 1 – The Borderless World of Cyber Crime with Greg Francis & Rob Harris
In this episode, you’ll hear from Greg Francis, a Cyber Crime Prevention Specialist and Rob Harris, a Cyber Crime Subject Matter Expert and Consultant. With their law enforcement backgrounds, they talk about the landscape of cyber crime today, how you can’t ‘police’ it in the traditional way and they break down the UK 4P strategy (to Protect, Prepare, Prevent and Pursue).
Ep 2 – The Value of Cyber Non-Profits with Tom Brennan & Tony Sager
In this episode, you’ll hear from Tom Brennan, Executive Director of CREST Americas & Tony Sager, Senior Vice President and Chief Evangelist for CIS® (The Center for Internet Security). Tom and Tony tell us the story of how they met, how they got into this sector and why non-profits are so valuable in the cyber ecosystem. Both CREST and CIS are members of Nonprofit Cyber, a coalition of global non-profit organisations to enhance joint action to improve cybersecurity.
Ep 3 – Analysing a Country’s Cyber Security Ecosystem with Nigel Harrison & Katy Caie
Nigel Harrison MBE and Katy Caie MA talk about their involvement in CMAGE and their insight into some of the ‘stand out’ aspects of the CMAGE approach to cyber security maturity assessments. CMAGE stands for Cyber Security Maturity Assessment of the Global Ecosystem and was developed by CREST International and funded by a grant from the Bill & Melinda Gates Foundation, to enable an overall assessment on a nation’s cyber security posture.
Ep 4 – How Penetration Testing Reporting is Evolving with Shaun Peapell & Tom Ellson
In this episode, we hear from penetration testing experts Shaun Peapell (Vice President Global Threat Services, Rootshell Security) and Tom Ellson (Head of Offensive Security, JUMPSEC) as they discuss reporting – why it’s an important aspect of penetration testing, where it’s at currently and how they see it evolving.
Ep 5 – Bitlocker Ransomware Prevention, Detection and Response with Zaza Handy & Jan-Eric Herting
Zaza Handy and Jan-Eric Herting, Senior Digital Forensics and Incident Response Consultants from NTT, discuss ransomware trends, the re-emerging threat of Bitlocker and how to prevent, detect and respond to a Bitlocker ransomware attack.
Ep 6 – Neurodiversity in the Cyber Security Workplace
Nathan Chung, Kassandra Pierre, Lisa Ventura, Edd Hardy and Stephanie discuss their experiences with neurodiversity and working in cyber, why people are often diagnosed later in life, what you can do as a manager to support your team and why creating a more inclusive work environment is beneficial to all.
Ep 7 – Leveraging Network Intrusion Detection Systems for Incident Response with Aaron Card & Zaza Handy
In this episode, NTT incident responders Aaron Card and Zaza Handy discuss the benefits of leveraging Network Intrusion Detection controls for incident detection and response.
Ep 8 – Incident Containment 101 with John Rogers & Mehmet Mert Surmeli
John Rogers (Head of Incident Response) and Mehmet Mert Surmeli (Principal Incident Response Consultant) from WithSecure break down what incident responders consider when timing and formulating a containment strategy, discussing the striking point and sharing case studies.
Ep 9 – Tips for Veterans Transitioning into Cyber with James Murphy, Andy Woolhead & Josh Keeley
If you’re a veteran looking to transition into the cyber security industry, this episode is made for you. We brought together three veterans who now work in cyber – James Murphy (the Director of TechVets), Andy Woolhead (CREST’s Global Head of Product) & Josh Keeley (Director & Co-Founder of Trident Search). They build on their experiences transitioning from the military to cyber to talk about how to upskill, the importance of finding a mentor and networking in the industry, and tips for finding the right job and company for you.
Ep 10 – The Rise of the SBOM with Jon Geater, Tony UcedaVélez, Caleb Davis & Matthew Freilich
This episode, our experts provide insight into the SBOM (which stands for a “Software Bill of Materials”). We’re joined by Jon Geater (CTO at RKVST), Tony UcedaVélez (CEO & Founder, VerSprite & Vice-Chair of CREST’s Penetration Testing Focus Group Sub-Committee), Caleb Davis (Senior Manager – Emerging Technologies at Protiviti) & Matthew Freilich (Director at Protiviti). They discuss the rise of the SBOM – sharing their experiences, lessons learned as practitioners, insight into tools and where an SBOM can help.
Ep 11 – What is the CyberUp Campaign? with Ollie Whitehouse & Rob Dartnall
CREST recently became an official supporter of the CyberUp Campaign. CyberUp is leading the push for cyber security legislation that is fit for the challenges and threats of the 21st century.
We’re pleased to bring you a conversation between Ollie Whitehouse, the founder of BinaryFirefly and spokesperson for the CyberUp Campaign & Rob Dartnall, Chair of CREST’s UK Council & CEO of SecAlliance. They discuss the genesis of the UK’s Computer Misuse Act 1990 and why there is a need for reform.
Ep 12 – Australia’s New Cyber Security Strategy with Nigel Phair & Chathura Abeydeera
This episode’s guests are Nigel Phair, Chair of CREST Australasia and Member of CREST’s International Council, and Chathura Abeydeera, a CREST Australasia Advisory Board Member, Assessor & Member of the International Council. Together they discuss the Australian Government’s Cyber Security Strategy and their thoughts on the discussion paper that was recently released.
Ep 13 – The Role of Human Factors in Defence Against Cyber Attacks with Professor Lynette Ryals OBE & Dr Nikki Williams
This episode’s guests are Professor Lynette Ryals OBE & Dr Nikki Williams from MK:U, part of Cranfield University which is a CREST Academic Partner. Lynette and Nikki discuss why there is a rising incidence of cyberattacks, the role of human factors in defending against them and share their top tips for how both companies and individuals can protect themselves. They also explore the skills gap in the industry and pose the question: how do you train up a cyber expert?
Ep 14 – Making Cyber Threat Intelligence More Inclusive with Rebecca Taylor & Karla Reffold
This episode’s guests are Rebecca Taylor (Threat Intelligence Knowledge Manager at Secureworks) and Karla Reffold (COO at Orpheus Cyber). They discuss methods of sharing threat intelligence and consider the tweaks we can all make to ensure CTI is more accessible and useful to more people. Rebecca and Karla also explore what the future of threat intelligence might look like.
Ep 15 – Threat Intelligence Sharing with Jordan LaRose & Mick Reynolds
Jordan LaRose (Global Director of Infrastructure Security at NCC Group) & Mick Reynolds (Director of Intelligence at SecAlliance) discuss cyber threat intelligence, focusing on 3 key areas. Why we should share cyber threat intelligence and the benefits that come from this, how that intelligence can be shared and the types of intelligence that we should be looking to share across the different levels of intelligence itself.
Ep 16 – The Role of AI and Large Language Models in Cyber Security with John Lodge, Ramesh Naidu & Shaun Lynn
John Lodge (Socura), Ramesh Naidu (Vigilant Asia) & Shaun Lynn (Socura) discuss How Security Operation Centers might leverage AI in the coming years and how large language models could be used within the security tools themselves. They also talk about how it might be used for deception and the ways in which threat actors might leverage LLMs.
Ep 17 – Red Teaming the Cloud: A Shift in Perspective with Max Corbridge, Sunny Chau & Francesco Lulio
This episode, we’re pleased to share a conversation about Red Teaming the Cloud between JUMPSEC’s Head of Adversarial Simulation, Max Corbridge & Cyber Security Consultants Francesco Iulio and Sunny Chau. They discuss the shift in perspective necessary for red teamers when targeting cloud environments.