Security professionals tend to work in their own little bubbles and, as a result, can miss the bigger picture, which slows response times or causes them to miss the obvious altogether.
That's according to Dr Luke Hebbes, a senior lecturer in network and information security at Kingston University, in our new SC: Video Interview series.
He told SCMagazineUK.com that having a first or even second degree in IT security is all well and good, but there's a danger in looking at problems in an overly theoretical way, and translating that knowledge into the real world can be a very big problem.
In this interview, SC deputy editor Tom Reeve asks:
- In light of research showing that the average response time to incidents can be as long as 60 days, what does this say about the agility of the banking industry?
- Is the industry open enough about what's going on? When it comes to cyber-security, should the industry be more open?
- What role do consultants play in breaking down the walls of secrecy?
- Hackers reportedly share information with their peers – why isn't the banking industry as open as the hackers? Does security through obscurity work?
- How effective is CBEST at improving security in the finance industry?
In addition to being a lecturer, Dr Hebbes has extensive experience as a cyber-security practitioner at an undisclosed company in the finance industry.
Click to watch our video interview with him, in which he offers a mix of academic and practical insights plus a cautionary tale, based on personal experience, of the Achilles heel of pen testing.