SC: Video Interview: Bankers v hackers with Dr Luke Hebbes

Security professionals can't afford to work in isolated bubbles when the attackers are openly sharing information about system vulnerabilities, says Dr Luke Hebbes, Kingston University, in our SC: Video Interview series.

Security professionals tend to work in their own little bubbles and as a result can miss the bigger picture and slow response times or cause them to miss the obvious altogether. 

That's according to Dr Luke Hebbes, a senior lecturer in network and information security at Kingston University, in our new SC: Video Interview series.

He told SCMagazineUK.com that having a first or even second degree in IT security is all well and good, but there's a danger in looking at problems in an overly theoretical way, and translating that knowledge into the real world can be a very big problem.

In this interview, SC deputy editor Tom Reeve asks:

  • In light of research showing that the average response time to incidents can be as long as 60 days, what does this say about the agility of the banking industry?
  • Is the industry open enough about what's going on? When it comes to cyber-security, should the industry be more open?
  • What role do consultants play in breaking down the walls of secrecy?
  • Hackers reportedly share information with their peers – why isn't the banking industry as open as the hackers? Does security through obscurity work?
  • How effective is CBEST at improving security in the finance industry?

In addition to being a lecturer, Dr Hebbes has extensive experience as a cyber-security practitioner in the finance industry for an undisclosed company.

Click to watch our video interview with him, in which he offers a mix of academic and practical insights plus a cautionary tale, based on personal experience, of the Achilles Heel of pen testing.