To you it's a Black Swan, to me it's a Tuesday
2024-12-14, Track 2

In cybersecurity, Black Swan events are seen as rare, high-impact threats or attacks from unknown or neglected vectors that, after the event, are rationalised as predictable in hindsight despite being unforeseen at the time. Our role in cybersecurity is to help organisations prepare for the worst, but how can we prepare for unpredictable, rare, high-impact events? This talk will examine some real-world Black Swan breaches and then discuss approaches companies can take to prepare for them.


This talk takes a real-world look at how red teams help organisations prepare for incidents. It starts with a light-touch review of real-world high-impact "black swan" breaches to show why we should try to do such testing. We will then look at how we can design red team engagements to test similar high-impact scenarios, and what skills are needed to deliver such testing. We will finish the talk by looking at the practical steps we can advise organisations to take to prepare for the worst.

David V. has been working behind the scenes in cybersecurity for over a decade. He has worked for NCSC; supported the Cabinet Office with the GBEST scheme; has been a Principal Security Tester at QinetiQ; managed dozens of red team engagements at LRQA (formerly Nettitude); is a qualified CCSAM and CREST Assessor; and is currently Head of Red Team at Prism Infosec.

Outside of security testing, David is a Form 1 LudoSport (an international lightsaber combat sport) Instructor for LudoSport Gloucestershire; a family man; cat lover; amateur 3D printer enthusiast; photographer; and astronomer.