Human Factor Security

Jenny chats with Steve Lord, co-founder of 44CON about the origins of the event, the idea behind it and what's coming up at the ILEC in London.  The training is taking place between 9 - 11th September 2019 and the conference is taking place between 11 - 13th September 2019.  To find out more and go book your ticket click the link to their website here.  To follow 44CON on Twitter click the link here.  To follow Steve Lord on Twitter click the link here.  Don't forget you can also follow Jenny on Twitter by clicking the link here.

In response to Episode 104, this third episode in the semi-regular series, the Tin Foil Hats Club, Jenny chats with a previous guest,Patricia Vella. Taking the theme of the recent infrastructure failures from Episode 104, Patricia shares her extensive knowledge and experience on cascade events can cause the issues experienced and how planning for such incidents are key to mitigating their impact.  To follow Patricia on Twitter click the link here.  To visit Patricia's website click the link here.  Don't forget, to get in touch with me either try the contact page of the site or follow me on Twitter, where I can be found at @Jenny_Radcliffe  

In the second of this semi-regular series, the Tin Foil Hats Club, Jenny chats with a previous guest, Philip Ingram MBE. They discuss the recent infrastructure failures the UK experienced, trying to cut through the noise to establish if they were part of a coordinated attack, what it means for the UK and why would such an attack take place.  Look below for the links mentioned during the conversation.  Philip Ingram's previous appearance on the Human Factor Security Podcast, click here to access that episode.  Click here for the link to Philip's excellent article covering the issues of the failures.  Click here for the Amazon link to the book recommended by Philip, Intercept: The Secret History of Computers and Spies (Gordon Cerera) Don't forget, to get in touch with me either try the contact page of the site or follow me on Twitter, where I can be found at @Jenny_Radcliffe  

David is a highly skilled program director who has national and international experience in Financial Services, Business Intelligence, National Security and Cyber, Smart Meters and IoT, amongst others.  He has developed digital, technology, data integration and security strategies for e-health, smart meters, national security, border control, e-learning, cloud, cyber security and desktop. Listen to them chat about working in governmental circles, with the challenges that brings, as well as looking at psychological factors that need to be considered when looking at risk within an organisation.  CISO Defenders of the Cyber Realm (Mike Loginov) Zero Dark Thirty (Blu-Ray) To follow David on LinkedIn click the link here. Don't forget you can also follow Jenny on Twitter by clicking the link here.

Alyssa Miller has a passion for security and her goal is to change the way we look at the security of our interconnected way of life and focus attention on defending privacy and upholding trust. She evangelizes her message about evolving the way people think about and approach security, privacy and trust through speaking engagements at various conferences and other events. Listen in as we learn how Alyssa took her first steps into the world of infosec, how important the right sort of leadership is and how being a football/soccer referee crosses over into handling situations in the security world.   Sneakers (DVD) To follow Alyssa on LinkedIn, click the link here.  To follow Alyssa on Twitter, click the link here.  Don't forget you can also follow Jenny on Twitter by clicking the link here.

Andy is a hacker at heart, who's always been interested in taking things apart and sometimes even putting them together again(in-fact he spent a good few years in computer repair and data recovery). As his day job, Andy works as a senior penetration tester who is capable of delivering a wide spectrum of assessment types. These include; web applications, external & internal infrastructure, open source intelligence gathering, configuration reviews and many more. To check Andy's site out, click the link here.  To check out Andy's YouTube channel, click the link here.  To check out Andy's book, click the link here.  To check out Andy's talks, click the link here.  Don't forget you can also follow Jenny on Twitter by clicking the link here.  

Philip Ingram MBE BSc MA is a journalist specialising in the security, counter terror, defence and intelligence arenas. His knowledge is built from a long and senior military career as an intelligence and security officer, and strategic planner, with business experience at board level in the steel industry and security media (marketing) industry; he maintains a close interest in global events.  When not, key note speaking, chairing events, commenting for national and international press outlets or writing on security and intelligence, Philip runs his own media company, Grey Hare Media. Unsurprisingly it specialises in delivering informed content. The Art of War (Sun Tzu) The Hewlett Packard Mars Advert Link Grey Hare Media Website Link to the Blog Section of Grey Hare Media To follow Philip on Twitter click the link here.  Don't forget you can also follow Jenny on Twitter by clicking the link here.

Christian has spent his career successfully disrupting traditional approaches to information protection and management for large international organisations. From a career in end user security, moved into Big 4 Consulting to build a practice around ‘CISO for Hire’ services that involved engagements with financial and insurance services clients. Leaving PwC after nearly 3 years, joined Pinsent Masons to lead their information protection strategy across a firm of over 3200 employees around the globe. Listen to him chat with Jenny about the cultural complexities of woking for a global company, how sometimes it is best to ignore a queue and practical tips on getting into an invite only party.  To find out more about the Smashing Security podcast Christian recommended, click the link here.  To view Christian's LinkedIn profile click here.  To follow Christian on Twitter click here.  Don't forget you can also follow Jenny on Twitter by clicking the link here.

Jake Moore is a Cyber Security Specialist for ESET. He previously worked for Dorset Police spanning 14 years primarily investigating computer crime in the Digital Forensics Unit on a range of offences from fraud to murder. Within law enforcement powers, he learnt how to retrieve digital evidence from all devices whilst engaging in a variety of ways to ethically break security in order to help protect innocent victims of cyber rime. He then became a cyber security consultant in the Cyber Crime Unit delivering tailored advice to the public and local businesses in order to help protect the community and build upon their security foundations. Hello World: How to be Human in the Age of the Machine (Dr Hannah Fry)  To view the Jake Moore ESET YouTube Playlist click on the link here. To follow Jake on Twitter click the link here.  To follow Jake on LinkedIn click the link here.  Don't forget you can also follow Jenny on Twitter by clicking the link here.

Richard Hollis is the Chief Executive Officer for Risk Factory Ltd, a European information security risk management consulting firm specialising in providing effective, independent information risk management services. As a Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control, (CRISC), Certified Protection Professional (CPP) and a Payment Card Industry (PCI) Qualified Security Assessor (QSA), Richard possesses extensive hands on skills and experience in designing, implementing and managing and auditing information security programs. Over the course of his career Richard has served as Director of Security for Phillips, Paris, and Deputy Director of Security for the US Embassy Moscow Reconstruction Project as well as a variety of sensitive security positions within the US government and military. In addition to his work with Orthus, Richard serves on several security technology company boards and security industry advisory councils. A celebrated public speaker, Ric

Phill Kimpton has been a Security Consultant for 18 months now, with no previous IT experience. He's passionate to continue developing his skills as a tester and takes great delight in helping others looking to follow the same path. In his spare time he can be found on Twitter, in the gym or jumping out of a perfectly serviceable aircraft.   Jenny was delighted to be joined by Phil Kimpton aka phr33fall to talk about skydiving, careers and his determination to get into the information security business.  Phil's story is a real testimony to determination, persistence and focus and he offers great advice on how to find resources, pursue the career you want and skydive(!)   A real pleasure to speak to such an inspirational person, thank you so much for a great interview Phil.   Can't Hurt Me (David Goggins)    Meaningful Money Podcast    To watch the BSides Glasgow talk, by Phil, click here.   To visit Phil's website click here.    To follow Phil on Twitter click here.    Don't forget you can also follow Jenny

Thom Langford, the founder of (TL)2 Security Ltd, returns to the show. Listen in as he and Jenny discuss the creation of his consultancy business, his approach to working with clients and his views on the state of the industry.  To visit the (TL)2 Security Ltd's website click the link here.  To visit Thom's personal site, with his presentations, click here.  To follow Thom on Twitter click the link here.  Don't forget you can also follow Jenny on Twitter by clicking the link here.

Meadow is a hardware security dark witch with a keen eye and open heart to how normal users take what we, the security nerds, provide them with. Meadow also specialises in automation for the purpose of removing humans from the equation and is a firm believer in security serving normal users, not the other way around. Nothing makes her happier than being able to help others, be it with her job, the information security community work or by means of random Twitter threads - maybe apart from banging her head to some dark metal. To watch Meadow's BSides London talk click the link here.  To watch Meadow's BSides Leeds talk click the link here.  To follow Meadow on Twitter click the link here.  Catch 22 (Joseph Heller) Fail-Safe (Eugene Burdick) Dr Strangelove (DVD) 2001: A Space Odyssey To help the podcast, consider supporting via Patreon, where we produce content and merchandise for the listeners who regularly support the show.  Become a DAWN RIDER or TRIBE MEMBER and receive bonus shows with analysis, discussi

Leading the sales team at Next Generation Security is the latest incarnation for Paul who has wide industry experience and strong opinions on the information security industry, lifelong learning and how sales professionals should go about doing their job.  Pulling no punches, this is a fascinating interview that covers how this infosec professional sees the industry now, how to start out in your security career and why a people focus still matters even when you deal with the tech.  Thank you for a great interview Paul! To connect with Paul via LinkedIn click the link here. To follow Paul on Twitter click the link here.  To visit Paul's site click the link here.  Sapiens (Yuval Noah Harari)  Influence (Robert Cialdini) Pre-Suasion (Robert Cialdini) Body of Secrets (James Bamford) The Shadow Factory (James Bamford)  To help the podcast, consider supporting via Patreon, where we produce content and merchandise for the listeners who regularly support the show.  Become a DAWN RIDER or TRIBE MEMBER and receive bo

Mo has extensive experience in helping organisations with the cultural and behavioural side of cyber security. He has gained this experience in roles across the public and private sector having worked on business as usual activities, security improvement programmes, transformation projects, large scale implementation programmes as well as projects that have had media coverage. Listen in to Mo and Jenny explore culture in organisations and how best to bring about positive change in any environment. We find out that empathy is a vital tool when trying to understand what people are thinking and feeling, as well as why.  Deep Work (Cal Newport)  Enter the Dragon (Blu-Ray) To check Mo out on LinkedIn click here.  To help the podcast, consider supporting via Patreon, where we produce content and merchandise for the listeners who regularly support the show.  Become a DAWN RIDER or TRIBE MEMBER and receive bonus shows with analysis, discussion and tips on the Human Factors that impact on the security of us all. To

Dr. Lydia Kostopoulos consults on the intersection of people, strategy, technology, education, and national security. She addressed the United Nations member states on the military effects panel at the Convention of Certain Weapons Group of Governmental Experts (GGE) meeting on Lethal Autonomous Weapons Systems (LAWS). Formerly the Director for Strategic Engagement at the College of Information and Cyberspace at the National Defense University, a Principal Consultant for PA and higher education professor teaching national security at several universities, her professional experience spans three continents, several countries and multi-cultural environments. She speaks and writes on disruptive technology convergence, innovation, tech ethics, and national security. She lectures at the National Defense University, Joint Special Operations University, is a member of the IEEE-USA AI Policy Committee, participates in NATO’s Science for Peace and Security Program, and during the Obama administration has received the

Thomas has over 30 years of experience in the IT industry ranging from software development to infrastructure & network operations and architecture to settle in information security. He has an extensive security background covering roles from incident responder to security architect at fortune 500 companies, vendors and consulting organisations. He is currently security advocate and threat researcher focused on advising companies on understanding their data protection activities against malicious parties not just for external threats but also compliance instigated. Thomas is also an active participant in the InfoSec community not only as a member but also as director of Security BSides London, ISSA UK chapter board member and speaker. For Thomas's LinkedIn Profile click here For Thomas's Twitter handle click here  Son of Heaven - Chung Kuo Book 1 (David Wingrove) Star Wars Episodes IV-VI BluRay Don't forget, to get in touch with me either try the contact page of the site or follow me on Twitt

In this episode @LargeCardinal aka Mark Carney talks about his wide ranging career in IT and retro computers. His unusual route into the profession, and his views on the industry. A fellow Liverpudlian Mark has expertise in many different areas and is the founder of Bsides Leeds.   Hacker & Mathmo, formerly a Musician; Having started out on helpdesk in a software firm, then becoming violinist with a degree in Music w/ Philosophy via being a DBA for a firm, Mark then went on to do an MSc and now full-time PhD study in Mathematics. This rounded off several years getting into the infosec industry, having been a pentester, then a researcher for Security Research Labs in Berlin, Mark is currently contracting whilst he completes his Ph.D.   To follow Mark on Twitter click here for his handle @LargeCardinal.   Click here for Mark on LinkedIn   Click here to listen to the BSides Leeds Podcast episode from the BSides Liverpool podcast.    Hackers (Blu-ray)   Penetration Testing (Georgina Weidman)    Practical Rev

Ed Tucker is the co-founder of Human Firewall, an operationalised security awareness platform that enables a single employee to protect the whole organization. Ed is also co-founder of EmailAuth, a solution designed to increase adoption of DMARC, providing enhanced email deliverability and customer protection. Ed was previously CIO at security startup DP Governance and prior to that head of cybersecurity at HM Revenue & Customs. He was the 2017 European Chief Information Security Officer of the Year, UK Security Professional of the Year, and Security Leader of the Year and has been widely recognised for his honesty and in sharing best practice with the wider security world. Mythos (Stephen Fry) Heroes (Stephen Fry) Human Firewall Website Link Don't forget, to get in touch with me either try the contact page of the site or follow me on Twitter, where I can be found at @Jenny_Radcliffe  

Liz Hardwick is Co-Founder of DigiEnable, an award-winning Digital Training & Services Company, based in Lancashire. She designs and delivers tech-based and online marketing workshops and is a professional speaker, appearing at conferences and events across the UK and beyond. Liz’s career started in broadcasting working for a number of the major radio and television companies, as well as spending a number of years creating media for charities prior to starting her own business.  She is a published author, volunteers for a number of non-profits and is listed as one of the UK's Digital Leaders 100. She's a proud Northern Lass, a self-confessed geek, loves tweeting and supporting other women in(to) Tech. She is currently Chair of the National BECTU Sector Women’s Committee, sits on the National Sector Executive Committee for Prospect, and is a director of Digital Lancashire. Liz was in the press last month, after being awarded 3 different national awards for her work and is always striving to inspire future