Martin Law – AgilityIS
Dr Simon Parkinson – University of Huddersfield
Bruno Brunskill – Trusted Management
Melanie Oldham – Bob’s Business Ltd
Martin Law started the day with a talk about the risks that businesses could face by looking at the internet of things and GDPR. Some key points to take away were the prevalence of state hackers from Russia and China are the biggest threats, plus the need for collaboration in order to mitigate these threats is the best approach to take. Also, under GDPR Tesco would have been fined £1.6bn for their recent data breach.
Dr Simon Parkinson followed by detailing his academic research and posed the question “What can we learn from the experts on vulnerability analysis?”
An important take from the presentation was the need stop blaming the user and for the experts to be accountable for mistakes.
Bruno Brunskill from Trusted Management opened his talk up to the room to de-mystify the subject of cyber security and how we can find a solutions to the problems today.
In his talk, he mentioned the need for businesses to understand the risk as there is an attitude of ‘it won’t happen to me’ surrounding data breaches. Cyber Essentials is a cheap and easy way for business to get common sense controls.
Melanie Oldham finished the morning by educating the delegates on how to make phishing campaigns engaging. By using the method showcased in Think Before You Click, Melanie broke down the faults that businesses make when undergoing phishing campaigns such as creating an us vs. them approach. Yet, Melanie also offered solutions such as creating a trusted environment by having open dialogue between IT, HR and employees. The key message to take from the presentation was “make it personal, make it collaborative and make it fun.”
In the afternoon, the agenda was as follows:
Martin Law of Agility IS presenting
The future of the YCSC
Key industry topics
Martin Law followed on his presentation in the morning by detailing more threats to businesses as well as examples of social engineering methods that have been used offline too; these include fake airline pilots and hacked CCTV cameras. He also went into detail about phishing and government resources that are available.
Following Martin’s presentation we discuss the future of the YCSC. We announced our next meetings:
17th May – hosted by EXA Networks, Bradford
Theme: Cyber Essentials
21st June – hosted by Data Protection People, Leeds
TBC – Lloyd’s Bank with ISSP & ISSA
It was mentioned that IISP and ISSA wish to collaborate with the Yorkshire Cyber Security Cluster and the event at Lloyd’s Bank fit in with the Cluster’s desire to present at large organisations to spread our cyber security message further.
Yorkshire Cyber Security Cluster will be compiling a calendar of future meetings including themes – making it easier for everyone to know when and where the meetings are and what issues will be discussed.
We ended the meeting with some key discussion points on recent industry topics:
Businesses would rather Google cyber security issues than use free resources
Youngsters enter cybercrime due to peer pressure and not money
Almost half of businesses have no cyber security plan.