Security professionals tend to work in their own little bubbles and as a result can miss the bigger picture and slow response times or cause them to miss the obvious altogether. 

That's according to Dr Luke Hebbes, a senior lecturer in network and information security at Kingston University, in our new SC: Video Interview series.

He told that having a first or even second degree in IT security is all well and good, but there's a danger in looking at problems in an overly theoretical way, and translating that knowledge into the real world can be a very big problem.

In this interview, SC deputy editor Tom Reeve asks:

  • In light of research showing that the average response time to incidents can be as long as 60 days, what does this say about the agility of the banking industry?
  • Is the industry open enough about what's going on? When it comes to cyber-security, should the industry be more open?
  • What role do consultants play in breaking down the walls of secrecy?
  • Hackers reportedly share information with their peers – why isn't the banking industry as open as the hackers? Does security through obscurity work?
  • How effective is CBEST at improving security in the finance industry?

In addition to being a lecturer, Dr Hebbes has extensive experience as a cyber-security practitioner in the finance industry for an undisclosed company.

Click to watch our video interview with him, in which he offers a mix of academic and practical insights plus a cautionary tale, based on personal experience, of the Achilles Heel of pen testing.