ID Cyber Solutions - Blog , News

ID Cyber Solutions Conference Report—SteelCon 2024

Wed, 14 Aug 2024 13:11:51 +0000

ID Cyber Solutions Conference Report—SteelCon 2024

Attending conferences is a crucial way our staff can keep up to date with cutting-edge research, be introduced to important new ideas and perspectives, and help inspire and support the next generation of cyber security professionals. Our ID Cyber Solutions Conference Report series aims to showcase some exciting and ground breaking ideas presented at these events.

Report by Alice McGready, Cyber Essentials Assessor and Technical Editor

July has always stood out for me in the cyber security conference year, because it’s when SteelCon—one of the events that really helped me decide to move into the industry—is held.

This year, it took place from July 19^th ‘til July 21^st, with the main event taking place on Saturday 20^th. We travelled down to Sheffield on the Friday (grimacing slightly at the traffic but enjoying the sunshine) and arrived in time for networking at a nearby pub, taking the opportunity to meet others in the industry and catch up with those we hadn’t seen since the previous event.

On Saturday morning, we arrived at Sheffield Hallam University and were quickly greeted by… a couple of hundred people carrying board games and wearing ’80s wigs? After some mild bemusement and presenting our QR codes to the registration desk, we likewise joined the board game-carrying, wig-wearing crowd and started digging through the conference swag bag: cassette tapes and sweat bands alongside the usual programme and snacks. Confirmed: the theme of this year’s conference was the 1980s.

Another general theme at SteelCon, as at many other cyber security events, is that of community and charity. This theme would be present throughout the day with the sticker stall and auction, which would be raising money for The Children’s Hospital Charity.

The board games, prominent because their bulk meant they didn’t fit in the swag bags, were part of an awesome SteelCon initiative that they also pursued in 2023 (I’m not sure if longer-standing). In 2023, the organisers went to a local charity shop and asked for 400 random books, which were then distributed to attendees. And when I say random, I mean I know of attendees who received a book on theoretical models in nursing, a book on Martin Luther, a crime novel, a book on baby-led weaning, a school study guide, etc. Attendees were encouraged to chat with fellow attendees, compare the books they’d received, and negotiate swaps if they so desired. Any unwanted books were returned to the organisers and donated back to the charity shop so they could sell them for a second time. The same applied this year to the games, which is why I started out with a card game and left with Kerplunk.

After the opening remarks, I spent a little time exploring the sponsor stands before making my way to ‘Social Engineering 101—Part Deux’ by Chris Pritchard. This was a direct follow-up to a talk he’d given at SteelCon in 2018, though I didn’t see this at the time; my first SteelCon was 2022, when I saw Chris highlight the social engineering tactics used as suspected Mossad agents infiltrated a hotel room. Based on how much I’d enjoyed that talk, I knew this would be good!

Chris Pritchard, SteelCon 2024

Early on, Chris introduced Miller’s Law, which essentially says that the average human can maintain seven (plus or minus two) pieces of short-term information, and pointed out that this is really helpful on social engineering engagements. As an example, he described how he’d noticed the style at a particular company was for employees to load up their badges with trinkets (e.g., USB sticks, tokens); when creating his fake badge, he therefore prioritised the trinkets, knowing that Miller’s Law would mean they would be the focus during security checks. He showed us a photo of the resulting badge, laden with trinkets, that led to a successful infiltration: the badge itself was entirely blank.

Chris also gave some general insights on successful badge creation, keeping Miller’s Law in mind, highlighting how sometimes people take photos of their badges on their last day at a company—‘just handing this in!’—and post on LinkedIn, meaning an easy overview of the company’s badge design, and how marketing teams often publish colours with the exact hex/RGB on the company website.

After some more insights and stories about social engineering engagements, he summarised that these skills aren’t natural but are learnable, social engineers need to present a state of confidence, and they should always be prepared for surprises. It was certainly no surprise to me that I thoroughly enjoyed this talk, both the content and Chris’s entertaining presentation style!

The next talk I attended was ‘The Code Compilation Process’ by Tom Blue. I’ve known Tom personally for a while but hadn’t seen any of his presentations until now—I was delighted to discover that his infectious passion shines through in his talks. This talk presented an overview of the code compiler pipeline, from lexing through to code generation, and, as an inexperienced coder, I will readily admit that I came into this talk purely intending to support a friend but instead I very quickly realised I was getting a lot out of it.

Tom Blue, SteelCon 2024

Not only did Tom break down the compiler steps in a very clear and understandable way, but since “parsing applies to natural language too,” he also drew attention to the connections between code compilation and grammar—an obvious attraction for this ex-linguist! It really helped me gain deeper understanding from his presentation overall. Finally, he covered some security aspects relating to compilers, including how malicious modifications can easily propagate and benign code can be made malicious through a compiler. I genuinely learned a lot from this talk, thank you Tom!

Next up was an absolutely fantastic talk by James Bore on ‘Doing Due Diligence’. This is currently embargoed and we were asked not to publicise the content, but I heartily recommend checking it out when the recording is eventually released. I’ve seen James speak several times now—the quality is always top-notch but this was, in my opinion, one of his best.

Because of the embargo, the only photo I took was of Steve who was working AV for this session.

My ID Cyber colleague Steve working AV, SteelCon 2024

The final talk I saw was by Maya Boeckh: ‘post-startup (security) growing pains: “Hi, It’s me, I’m the risk”’. I’ve seen Maya speak before but on very different topics, with their SteelCon 2023 talk focusing on a language based on JavaScript that uses only six characters. The real similarity between all of Maya’s talks is that they only talk about things that they have a real genuine passion and interest in, and this one was no different.

This talk drew on Maya’s comprehensive experience of working in and with start-ups to offer insights on security aspects that are commonly deprioritised in the early stages of building a business, and the challenges surrounding these. For example, they spoke about start-ups where staff end up using their own devices which are not managed or overseen by the company at all, and the resulting issues this can cause. Unfortunately this talk had to start late due to some technical issues, which meant there was no time for a Q&A before everyone made their way to the conference closing remarks—I think there could have been a very worthwhile discussion had there been more time!

Maya Boeckh, SteelCon 2024

At the conference closing remarks, most of the attendees (myself included) had removed their ’80s wigs due to the heat but the charitable nature of the event continued, with the announcement that almost £1,500 had been raised for the organisation’s chosen charity, The Children’s Hospital Charity. It was a fitting way to end such a community-focused conference.

Although there was an afterparty, we left after the closing remarks to make the trip back up to Glasgow (through wind and rain this time, rather than the glorious sunshine of Friday’s journey south!). Many thanks to the organisers, speakers, volunteers, and sponsors—I’m very much looking forward to next year!

ID Cyber Solutions Conference Report—9th INTERPOL Digital Forensics Expert Group (DFEG)

Thu, 27 Jun 2024 14:13:23 +0000

Report by Cary Hendricks, Global Operations Director

The 9th INTERPOL Digital Forensics Expert Group (DFEG) conference ran from 19–21 June 2024 at Edinburgh Napier University.

The event was very well attended by law enforcement officers from all over the world coming to Scotland where the event was held for the very first time. Many thanks to The Cyber Academy (particularly Basil Manoussos) and the School of Computing, Engineering and the Built Environment at Edinburgh Napier University, which hosted the event.

The three days were packed with exciting and valuable talks, and it would be impossible to write about every talk. The summaries below represent just a small selection.

Day 1

AI was covered extensively, including the advances in AI’s role in law enforcement and how it has had a very pronounced effect, in that it can make digital forensic investigations much faster by doing very monotonous tasks and then processing the results from those tasks. Tasks that used to take weeks, and sometimes months, can now be processed in a few hours.

The role of AI is changing. For example Dr Hans Henseler from the Netherlands Forensic Institute and Leiden University of Applied Sciences showed how Copilot could be made extremely useful in trawling through huge amounts of data. The main objective was to keep the AI from external influences and only work on the data it was given. Adding this capability to their forensic software (Hansken) means they can now offer DfAAS (digital forensics as a service).

Adrien Vincart from PWC gave a fascinating insight to further extend digital forensics using AI, where resources are very scarce and the process needs to accelerate to enable investigators and researchers to investigate and deliver their results in a timeous fashion. Waiting times of many months, even years are now slashed to very manageable timescales, freeing up investigators.

Scott Fitzmaurice, Forensic Analytics, showed how behavioural investigation in location data could be used along with AI to process a huge amount of location data from various devices, including vehicles.

Another excellent presentation by Pavel Goldman-Kalaydin showed the extraordinary tasks that law enforcement now face with the advent of deepfake images and videos and the investigation of those materials. The research and techniques show that AI is getting better at generating the data but using AI to spot those AI generated images is key without human bias.

Along the same track Marco Fontani gave a complementing insight on how deep learning is vital for image and video forensics. These techniques were based on clearing up very poor digital images like, for example, vehicle registration marks (number plates to us).

A particular challenge that law enforcement faces is child sexual abuse material (CSAM) and Ian Stevenson from Cyacomb gave a compelling talk about how new technology is supercharging the fight against this. No longer would victims have to wait months before any action, but also any accused can now be processed really quickly (minutes...) and be given the all clear or notice that they would be charged for offences.

Day 2

Following from the previous day, the focus was on triage: how to quickly find out what is important and focus on that. This has had a profound way how cyber security and digital forensic incidents are being investigated.

Simon Foster, Detective Inspector – POLIT, gave an hopeful account of how technology is making the investigations go a lot faster by citing examples where the technology has excelled. The time to get information, processing, and reacting made a huge difference in protecting children who are being abused. This massively reduced the trauma and increased the prosecution of individuals who perpetrate these crimes.

Alex Caithness, Principal Analyst (R&D), CCL Forensics gave an in depth discussion of open tools for browser forensics. Although this was an product agnostic talk, it delved into the technology that makes up a browser and how it can be investigated. It added valuable information to any investigator who can now extract more information from artifacts than what some forensic products can do. This gave a real insight of how far we have come, but also how long the path is forward.

Stephen Lewington, BERLA gave an excellent presentation about vehicle telematics (the stuff the car stores about you) and how it is used to investigate crimes. This is vital for law enforcement but also has information useful to insurance companies. Some of the data is stored only for the short time but can drastically assist in the investigation into fatal road accidents. The talk also includedinformation on how you could ensure that only the necessary data was being stored and how that data is being used by your vehicle.

Some of the futuristic investigations ventured into the Metaverse, that AI online world where avatars rule the day... We heard a great presentation by Sundaresan Ramachandran on how crimes are committed in the Metaverse and how law enforcement would go about investigating it. From NFT (Non Fungible Tokens) to crypto currency, all of it had links to our “real world”. This is an area where investigations are going to grow a lot in the future.

Day 3

This was a day featuring lots of weird and esoteric technologies. It started with data acquisition from ‘non-standard’ devices. These devices might be medical devices, for example, or devices that can provide information (like logs) but have absolutely no interface to provide that information. This was a deep dive into collecting that information.

Other presentations were more about automotive cyber security and the challenges and opportunities to obtain data for investigations. All the weird and wonderful technology that surrounds us can help to give a fuller picture of what really happened. For those who are thinking that this is a massive surveillance exercise, it is not. It is the information at the point in time to help figure out what happened and from a safety point improve and save lives in the future.

The future is here, but as investigators we are being overwhelmed with data and it is technology’s role to make it easier to make sense of it all.

Cary with Basil Manoussos, Manager at The Cyber Academy and organiser of the event

CyberScotland Week 2024

Wed, 20 Mar 2024 14:57:37 +0000

CyberScotland Week is an annual initiative to, in CyberScotland's own words, “bring people and organisations across Scotland together to raise cyber security awareness and build cyber resilience.” It sees organisations across Scotland host events for the general public and for the infosec community, to help highlight different risks and show how you can protect yourself. This year, CyberScotland Week ran from Monday 26^th February to Sunday 3^rd March.

CyberScotland Week 2024

We were keen to get as involved as we possibly could. As a company, our entire raison d'être is helping organisations become more cyber secure. We don’t just do this through our services (though our main offering, Cyber Essentials assessment and certification, is about exactly that)—we also do what we can through our company culture, both internal and external, and this includes offering free events to the public as and when we can. With this in mind, CyberScotland Week was really not something we wanted to miss!

That was a long way to justify why we ended up hosting or being involved with six events this year. We also did our best to get these recorded, so many are now available to access (for free) even if you couldn’t make it at the time.

Here’s a rundown of what we got up to:

Event 1: Protecting your organisation with Cyber Essentials

Monday 26^th February, 2pm – 4pm

This was an in-person run-through of the Cyber Essentials scheme and how it can help protect your organisation, peppered with hands-on demonstrations so you could see exactly how the controls can help keep your data and systems secure. Delivered by our Global Operations Director, Cary Hendricks, it was a really great opportunity to not only hear about the scheme but to get some expert advice on establishing a baseline level of cyber security at your organisation.

This session was not recorded, but a shorter online version was (see Event 5 for details!).

Event 2: Get Ready, Contestants…

Tuesday 27^th February, 11am – 11.45am

We were keeping Cary busy! We were honoured that he was invited by Basil Manoussos, Manager of The Cyber Academy at Edinburgh Napier University, to present a talk as part of ‘Basil’s Cyber Marathon’—24 hours of back-to-back live talks from industry experts. Cary chose to draw on his experiences of a huge range of cyber security specialities and show how these all related to GRC (governance, risk, and compliance).

The session was recorded—we will update this post when the recording is released.

A screenshot from Cary's talk, Get Ready Contestants, delivered as part of Basil's Cyber Marathon

Event 3: Big Cyber Security Ideas for all business sizes—the plain English edition

Wednesday 28^th February, 10am – 12.30pm

We were determined to not only make this CyberScotland Week about how we could support organisations needing advice on their setups and systems but also about how we could support the wider cyber security community, so that they could in turn support organisations. To this end, we were delighted that we were able to offer a space (both physical and digital) for the co-founders and directors of Damn Good Security (one of our partners) to deliver workshops during CyberScotland Week.

The first of these was delivered by David McKenzie, whose session focused on simplifying what cyber threats are and what you can do to protect you, your business, and your family from common cyber threats. No acronyms, no fuss, no nonsense—just explanations of what cyber attackers are doing and what you can do to help not be their next victim.

The session was recorded and is available here.

Event 4: "Your front door is open": How to respond

Wednesday 28^th February, 2pm – 4.30pm

The second Damn Good Security workshop was delivered by Scott McGready, who presented ways to help protect your data, systems, and people without running a 24/7 Security Operations Centre (SOC). Examples included bucket diving ("found" via open source intelligence), responsible disclosure/security.txt and what to do when you get 'the email' from Scott, and how to spot if someone is poking around (canaries).

The session was recorded and is available here.

Scott McGready from Damn Good Security delivering his talk on responsible disclosure

Event 5: Protecting your organisation with Cyber Essentials (online version)

Thursday 29^th February, 2pm – 3pm

This was the online version of Event 1. Cary gave an overview of the Cyber Essentials scheme and how it can help protect your organisation. As well as explaining the Five Key Controls of the scheme, he demonstrated common ways that systems can be accidentally left unsecured or vulnerable. As with Event 1, it was a really great opportunity to not only hear about the scheme but to get some expert advice on establishing a baseline level of cyber security at your organisation.

The session was recorded and is available here.

A screenshot from Cary's talk on Cyber Essentials

Event 6: ID Cyber Sessions Ep 14

Friday 1^st March, 11am – 12pm

ID Cyber Sessions is our monthly webinar and interview series, and we were pleased that our March episode release date coincided with CyberScotland Week! This interview was with James and Chris Bore, of Bores. James and Chris spoke with our assessors Alice and Steve about a huge array of topics, including threat modelling, running a family business, and information security in an early years context.

The session is available here.

________________________________________________________________

And that’s it for another year! We were pleased to be able to offer such a variety of events and to be able to not only provide advice to organisations but also provide a venue for our partners within the cyber security industry.

And, of course, we’ve already got our planning hats on for 2025, so watch this space…

ID Cyber Solutions Conference Report — G3C 2023 (Mac's first event!)

Fri, 08 Dec 2023 09:15:42 +0000

ID Cyber Solutions Conference Report — G3C 2023 (Mac's first event!)

Report by Iain ("Mac"), Cyber Essentials Assessor.

It was Saturday 4^th November and I was at Glasgow Caledonian University for the Glasgow Caledonian Cyber Convention (or G3C). I must admit I was pretty nervous. This was my first conference, so I had no idea what to expect.

After fighting with the banner stands and laying out swag (as a sponsor, we had a stand at the event), I was ready to start networking.

Kick-off!

Yours truly, running the ID Cyber stand. Photo by Gerard Barrett

I had a lovely chat with folks at Quorum Cyber (one of the other sponsors) and great conversations with Dr Jackie Riley (the Head of Glasgow Caledonian’s Cyber Security and Networks department) and with students who were curious to know more about working in the cyber security industry. Our ID ‘Cybear’ mascot is always a great conversation starter, and students wanted to know more about who ID Cyber are and what we do. Interestingly, I was asked by students about the perception of tattoos in a professional environment in 2023. (Your dearest author has quite a few!) Everyone I spoke to was lovely, especially so early in the morning before caffeine had hit our systems.

G3C is a multi-track event so I wasn’t able to attend all the talks. Keep an eye out for G3C channels to catch any of the talks I missed (or indeed those I saw!).

Stephen Rattigan — Work Smarter Not Harder: The Power of Automating Your Daily Tasks

First talk and it’s ID Cyber’s very own Stephen Rattigan presenting the key to ‘Work Smarter Not Harder: The Power of Automating Your Daily Tasks’.

Even though I get to watch Steve work his automation magic on a near-daily basis I had a blast watching and listening.Why does automation matter? Think about your daily tasks. It all takes time, it’s repetitive… and we’re human. We make mistakes!Steve wants to make life easier: maximise productivity without expending more of your precious time and energy to do so.

He posed the question ‘To automate or not to automate?’ Well, there’s a great acronym to determine if a process should be automated or not:

Consistent
Repeatable
Auditable
Processes

You can see that right? It’s CRAP.

If your automation doesn’t follow CRAP then it’s probably going to take more time/labour to implement than the task itself. In these scenarios it’s not worthwhile to automate. However, if it will increase productivity, efficiency, and consistency then consider automation.

Steve then detailed how he uses automation to help at work:

Auto disable caps lock (isn’t it a pain when you’re typing and it suddenly turns into SHOUTY MESSAGE?)
Snipping tool added to middle mouse click
Keyboard shortcuts for PowerShell commands that are tricky to remember

Warning! Like anything in IT or cyber security, automation carries risk:

Be wary of installing automation tools on company devices! Always ask permission.
Don’t use it for passwords.
Scripts can be flagged as malware.
ALWAYS have a kill key.
Be careful what you automate.

For more of Steve’s insights, including useful tools, check out his talk once recordings are released!

Steve's talk on automating your daily tasks. Photo by Alice McGready

Alice McGready — Communication Breakdown

Another one of ID Cyber’s talented roster, Alice provided a great insight into ‘Communication Breakdown’, or the importance of conciseness, clarity, and the impact of typos.

It’s not just your pride that’s hurt when you send correspondence with typos – it can affect people’s perceptions, confidence, or trust in you! Even outwith an office environment they can have catastrophic effects. They could cause international or political incidents. For example: US military correspondence being leaked to private email addresses in Mali (.ML) instead of the military (.MIL); a nuclear test at the Sedan site in Nevada was erroneously reported as being carried out in Sudan, attracting worldwide attention; and finally, the Mariner 1 spacecraft didn’t even make it to orbit because of a typo!

Typos can cause reputational damage and lack of trust in your organisation. (This one is for the commuters and Glasgow locals!) Alice told a story in pictures about a junction near Cowcaddens where a sign is erected, falls, and remains there for at LEAST 7 years before it is replaced… and the replacement has one of Glasgow’s most well-known streets spelled incorrectly. It’s ‘Buchanan’ not ‘Buchannan’! That doesn’t exactly inspire trust in the local council.

Interestingly, 43% of recruiters listed spelling errors as sufficient grounds for immediate rejection. Can you imagine you’ve put “attention to detail” as one of your strengths?! (Don’t do that, by the way. You’re inviting people to look for a mistake!)

After providing a series of helpful tips on how to avoid typos (check out the recording when it’s released!), Alice leaves us with a contemplative call to action: You have to care. You are advertising yourself/your product or brand. Take pride in your work. Take pride in your words.

James & Chris Bore — Mixology, Multidimensional Information Spaces, and Security

Now, I was glad I was well caffeinated for this one. It was fascinating!

James presented us with information theory: Spaces where we can represent messages and ways to communicate effectively in the presence of noise (anything that can distort a message). A dimension can be anything, for example, any 3-letter message can be encoded in 3D space/3D vectors, and taste is a 6-dimensional space. It’s mixology time!

James plotted 41 different cocktails against six tastes: tart, bitter, sour, sweet, spicy, and salty.

Now we observe the archetype of cocktails, sharing similar characteristics yet entirely distinct! Anything that fits in boundary boxes could hypothetically be one of the archetypes but… it doesn’t necessarily make it the same. For example, the martini boundary-box is so ranged that anything could hypothetically be a martini.

But how does this relate to security? We have lists of attacks and exploitation methods using CAPEC & MITR-ATTK and we can classify APTs in a risk space, but cyber security has been slow to adapt to hyperdimensional standards which are used in other industries.

What issues do we face? Data normalisation (or cleaning) is the main sticking point and from this the industry needs to adapt and collect data in a way that is normalised. With regards to threat modelling, you can just assign numbers to things. James advised: “3 is better than ‘high’ because you can do maths at it!”

Scott McGready — This conference sucks

I’m going to be honest, I didn’t take a lot of notes here. If any of you know Scott, then you’ll understand why – if you don’t… Well, I don’t wait to spoil the delivery – you’ll need to watch the recording for that.

This conference sucks. There’s too many inside jokes, it’s all the same speakers, talks you want to see clash, it’s cliquey, there’s inexperienced speakers, it’s all just about networking.

He got us there…

Scott looking mischievous at the start of his talk... Photo by Gerard Barrett

You see, conferences suck if you make them suck!

There’s too many inside jokes? Ask for the context!

It’s all the same speakers? Volunteer to give a talk!

Talks you want to see clash? It happens!

It’s cliquey? It may seem that way but it’s because all of these people met each other at conferences!

There are inexperienced speakers? Everyone must start somewhere and there’s only one way to get better!

It’s all about networking? This is great. Speak to people. You’ll find out about jobs; you’ll meet interesting people from all walks of life. Networking is a good thing!

This conference sucks… if you make it suck.

That was fantastic, that was bonkers, that was so much fun! If you want to experience it, check out the recording when it’s released.

Cary Hendricks — That’s a Good Question, Kev

Last up, it’s the vanguard of ID Cyber Solutions, Cary Hendricks, presenting ‘That’s a good question, Kev’, amusingly named after a podcast where Cary would answer every one of his co-host’s questions in that same manner.

I wanna work in cyber – how do I get into it?

Firstly, what do you want to be? The careers within the industry are highly diverse. Everything isn’t penetration testing! With so many roles available it pays to know the areas you may wish to specialise. You may work for an organisation helping IT through the creation and implementation of policies/procedures – that’s cyber. All these things encompass information and data. You can still work within cyber and be non-technical!

An ever-present notion in information technology is the evolution of that technology vs its ease of use. As we witness greater network proliferation this encompasses its own problems! So what are the persistent security challenges?

Maintaining compliance
A lack of qualified and skilled professionals
Centralising security in a distributed computing environment
Fragmented and complex privacy and data protection regulations
Compliance issues with BYOD
Relocation of sensitive data from legacy data centres

Standards and certifications like Cyber Essentials and Cyber Essentials Plus can aid businesses with these challenges, making sure that organisations recognise how to secure their data.

There are so many roles within the world of cyber: technical, non-technical, and otherwise. Where will your journey start?

Cary delivering a great keynote. Photo by Alice McGready

_________________________________________________________________________________________________________________

What a blast that was! I met a tonne of people, some I’ve only ever spoken to online, some I’ve known for years, and some new faces. My colleagues were busy preparing and hosting talks, so it forced me to socialise. (I’m glad that was the case!) Having spent the last few years working from home that was exactly what I needed. G3C has cultivated a friendly, open environment for people, students, and industry professionals: a place to meld and inspire collaboration and transparency for those interested in the cyber security world.

I’ll be back – I can’t wait for the next conference. Who knows, maybe one day I’ll speak at one!

Time for food. Damn, I’m hungry!

Me, Alice, and Steve. Photo by Gerard Barrett

ID Cyber Solutions Conference Report — BSides Leeds and SteelCon 2023

Thu, 31 Aug 2023 13:32:20 +0000

Report by Alice, Cyber Essentials Assessor and Technical Editor

It’s hard to deny the value of conferences. Meeting new people and developing networks, learning about new technologies and ideas, and even just reinforcing your existing interests – I don’t think I’ve ever been to a conference and not a) massively enjoyed it b) gained a lot from it on both a personal and professional level, and I’m happy and grateful to be working for a company that supports its staff attending these events.

However, there’s more to be done at a conference than (just?!) attending, listening, networking, and learning, and I’ve recently been appreciating the importance and the satisfaction of directly contributing. This means that our usual conference wrap-up post is going to be a little different this time, given I didn’t manage to actually attend many talks at all!

On 24^th June 2023, I attended BSides Leeds as a conference volunteer. I had signed up for this several months before, and had dedicated the odd morsel of time here and there to tasks passed on by the conference organising team. As regards the event itself, my weekend looked something like this:

Friday

14.30: Leave Glasgow (sharing the car with two other volunteers and an attendee)

Beginning the ~240 mile trip to Leeds

19.00: Arrive in Leeds

19.30: Attend pre-event social gathering

Saturday

01:00: Arrive back at hotel after social gathering

06.00: Go for an optimistic but probably ill-advised run with another volunteer

07.30: Leave hotel

08.00: Arrive at venue to don volunteer garb and to help with outstanding setup

09.00: Attend opening remarks

09.30: Attend opening keynote (Holly-Grace Williams discussing red teaming)

10.00: Complete general runner duties – setting out biscuits for the coffee break, retrieving items, retrieving people

12.30: Have a quick lunch (accompanied by an excellent brownie)

13.00: Complete Green Room duties – providing a secure space for speakers’ personal belongings, helping settle speakers before their sessions, (unexpectedly) helping teams obtain scavenger hunt items

14.30: Go back to being a runner – more biscuits, more retrieving items and people, undertaking critical missions (finding coffee for tired speakers)

16.45: Attend final panel session, juggled with the theme of the day – retrieving items and people

17.30: Attend closing remarks

BSides Leeds organisers delivering the closing remarks

17.45: Point attendees in the direction of the afterparty

17.46: Frantically tidy up in the few minutes left before the venue closure

18.00: Say hello to attendees at the afterparty

19.15: Begin the drive back to Glasgow

21.30: Stop at M6 services for expensive fuel (for both car and people)

Sunday

01.15: Arrive home, having deposited other car-occupiers in various locations

Being a volunteer essentially guarantees an incredibly busy day with not a lot of downtime. I managed to tot up almost 14k steps during the event, and only saw the opening keynote and part of the final panel. However, this doesn’t mean it’s not an amazing experience. Seeing attendees having a great time, an appreciative nod from a tired organiser or presenter as you silently pass them a coffee during a session, the volunteers’ WhatsApp group exploding with messages because something is needed and everyone is leaping to help – these things all mean you have an absolute blast and have the additional satisfaction of knowing: you helped make this happen. I would wholeheartedly recommend volunteering to anyone who just enjoys getting stuck in.

And then SteelCon… that was a different kettle of fish entirely. When I finished my academic endeavours and embarked on a publishing career, I swore to myself I wouldn’t ever put myself back in a position where public speaking was required. And then I came to cyber security and actively sought it out.

My application to speak at SteelCon was accepted, and I duly made my way there for the conference on 8^th July 2023. I’m not afraid to say that I was extremely, extremely nervous. I’m not a natural public speaker and, while my experience from academia was that fully scripting a talk was the norm, my foray into cyber security presenting would involve speaking with only a few Presenter Notes against my slides. In fact, I was so nervous that I couldn’t attend anything in the morning beyond the opening remarks, because I needed to try and calm my nerves through mindless repetitive action (playing Space Invaders at a sponsor’s stall).

My talk (about effective communication in cyber security) seemed to go well, with lots of positive feedback, and after the lunch break I was finally able to attend some talks. First, I went to Maya Boeckh’s talk on how creating JavaScript challenges for Capture the Flag events has helped them with reverse-engineering. This was a highly technical talk, and I’m not ashamed to say that aspects were far beyond my coding capabilities, but Maya had structured their talk carefully and in such a way that anyone, possibly even someone with no coding knowledge whatsoever, could follow their logic.

Maya Boeckh delivering their talk on JavaScript and reverse engineering

I then saw Ian Thornton-Trump speak on “Good, Better & The Best Security!”, which was a passionate and important discussion about how security controls can and should fit within an organisation. Ian is a really excellent speaker and this was a highly engaging and entertaining talk about compliance, controls, and context.

And, aside from closing remarks, that was all I saw. The nerves and adrenaline of giving my own talk had really taken it out of me, and, although I did attend the afterparty for a couple of hours, I was honestly ready for bed from partway through the afternoon. But I really enjoyed it. I felt good about the talk I gave and the feedback I received, and I loved that, after attending my first SteelCon in 2022, I was able to actually contribute to it in 2023. I loved that aspect to such a degree that, despite loudly proclaiming to fellow SteelCon attendees that they had witnessed my first, last, and only presentation, I applied to speak at G3C (to be held at Glasgow Caledonian University in November 2023) only a couple of weeks later.

Am I sad that I saw barely any talks from Leeds and SteelCon? Yes. But! YouTube is a wonderful thing. Cooper (@ministraitor on Twitter/X) manages, with the support of a small team, to record the talks at a huge array of conferences, meaning you can catch up online afterwards. And while I didn’t see the talks on the day, it’s been really lovely over the last few weeks to spend a lunch break or a random hour at a weekend revisiting the events and seeing what I missed at the time.

If you’re interested in copying me and spending your spare time seeing the honestly brilliant offerings from these events, check out their YouTube channels (BSides Leeds and SteelCon).

And if you’re interested in copying me and volunteering or speaking at one of these events, please please do. I can assure you that you won’t regret it.

ID Cyber Solutions Conference Report — 6th International Conference on Big Data in Cyber Security

Tue, 25 Jul 2023 08:55:18 +0000

Report by Alice, Cyber Essentials Assessor and Technical Editor

On Thursday 11th May, Ahmed, Steve, and I attended the 6th International Conference on Big Data, Cybersecurity and Critical Infrastructure, organised by Basil (Vassilis) Manoussos (Manager of The Cyber Academy, Edinburgh Napier University) and held at Edinburgh Napier University. Attendees largely consisted of industry professionals and academics, with a small number of students also in attendance.

After the official opening and a welcome from Cllr Robert Aldridge, Lord Provost and Lord Lieutenant of The City of Edinburgh, we heard from Prof. Nikos Antonopoulous, Deputy Vice Chancellor at Edinburgh Napier, who spoke about the current state of security research and where he saw future attention being focused.

We were then introduced to Becky Pinkard (MD of Global Cyber Operations, Barclays) who spoke about ‘The Evolution of Cybersecurity Operations’. After pointing out that ‘security is being brought to the boardroom’ in the US, with a predicted 40% of boards to have dedicated cyber security committees by 2025 according to Gartner, she spoke about the future security landscape and what she thinks will feature. Finally, she spoke about ways organisations can work to protect themselves — for example, knowing your technical estate, mapping defence capabilities and needs against business risk to inform priorities, and holding more technical expertise at leadership levels as technical complexity evolves (but not at the cost of organisational maturity). Last, but by no means least, Becky highlighted the importance of diversity in hiring and of creating, nurturing, and maintaining a great organisational culture.

Becky Pinkard, 6th International Conference on Big Data, Cybersecurity and Critical Infrastructure

Prof. Berk Canberk (Edinburgh Napier University) presented research on ‘Digital Twins: A New Frontier in Infrastructure and Digital Innovation’. He outlined potential future uses for this technology that included trialling changes to processes at offshore oil plants and personalising medical approaches, in all cases helping eliminate or reduce risk since the impacts of changes would be better understood.

Next, Don Smith (VP Threat Research, Counter Threat Unit, SecureWorks) spoke about ‘Big Data, Cybersecurity & CNI’. This talk largely presented confidential and heavily redacted stories, but I particularly enjoyed this quote: “Most incidents are like being called out to deal with a deer that’s been hit by a car, but it was hit 5 weeks ago, is a bit whiffy, and half of it’s been eaten by a badger.”

Rory Alsop, 6th International Conference on Big Data, Cybersecurity and Critical Infrastructure

We then heard about ‘Realistic Cyber Security in 2023’ from Rory Alsop (Head of Information Security and Cyber Risk, Tesco Bank). Rory spoke about businesses’ competing priorities and how cyber security needs to be implemented realistically, supporting businesses to conduct operations in a way that balances risk alongside cost and opportunity. He highlighted the industry need for people who can communicate, understand risk, and are flexible, and for solutions that fit within businesses’ existing structures and aims.

Next, Mark Cunningham-Dickie (Senior Incident Responder, Quorum Cyber) spoke on big data and artificial intelligence in incident response and digital forensics. He pointed out that IR is constantly evolving, with detection and defence mechanisms becoming faster and more effective, but attacks are also evolving. He argued that incident responders will need artificial intelligence to help respond to incidents, and that incident response and digital forensics will need artificial intelligence and machine learning specialists. He finished by predicting that the next big global cyber event will contain at least an element of artificial intelligence or machine learning.

Mark Cunningham-Dickie, 6th International Conference on Big Data, Cybersecurity and Critical Infrastructure

An Industry Experts Panel — comprising Tim McNulty (Barclays), Becky Pinkard (Barclays), Don Smith (SecureWorks), and Harry McLaren (SenseOn) — was next, chaired by Prof Bill Buchanan (Edinburgh Napier University). The panel answered questions posed by the audience, including whether artificial intelligence could replace humans and how to counteract deep fakes.

The next section of the event was devoted to Critical Infrastructure. First, Prof. Sokratis Katsikas (Norwegian Center for Cybersecurity in Critical Sectors (NORCICS), Norwegian University of Science and Technology (NTNU)) treated us to an overview of NORCICS and its focus as he presented on ‘Industry-research, public-private, and cross-sector partnerships for the secure digitalization of industry’, showing how NORCICS’ work is fully aligned with national strategy.

Sokratis Katsikas, 6th International Conference on Big Data, Cybersecurity and Critical Infrastructure

Next, Prof. Leandros Maglaras (Edinburgh Napier University) spoke about protecting critical infrastructure, including current challenges and solutions, and discussed such topics as how Android malware can bypass MFA on banking applications.

Last in this section, Elzbieta Momola (SGN) spoke from a gas perspective about the challenges in protecting critical national infrastructure, highlighting the need for different methods in IT and OT environments and the skills gap that affects the industry.

The final section of the event focused on Law, Data Protection, and Compliance. First we heard from Laura Irvine (Partner and Head of Regulatory Law, Davidson Chalmers Stewart LLP) who gave a really engaging talk focusing on the regulation of automated decision making. She presented a thorough rundown of the proposals for change to the regulation under the Data Protection and Digital Information (No 2) Bill, peppered with her own thoughts on effectiveness and motives.

Alexandr Chernykh, 6th International Conference on Big Data, Cybersecurity and Critical Infrastructure

Next, we heard from Alexandr Chernykh (Advocate, Official Representative of Ukrainian National Bar Association) who spoke on ‘Digital Reality in Ukraine – Practice, Theory, Law and Procedure’. Alexandr discussed the heavy reliance on smartphones and face ID in Ukraine and gave an overview of the state services portal – an application that stores a user’s official documentation (including ID card, driver’s license, and international passport) and in which they can carry out official procedures (e.g., registering as self-employed, controlling power of attorney, submitting tax declarations). He also shared information about the e-court and e-cabinet, which enable legal parties to perform a range of duties and tasks including viewing cases and conducting online hearings. He pointed out that such capabilities are useful because of the size of the country and the deficit of advocates in some regions.

The final talk of the event was delivered by Prof. Bill Buchanan (Edinburgh Napier University), who spoke on ‘AI, Privacy and Trust within Cybersecurity: Sinners or Saviours?’. Bill discussed the evolution of technology, remarking that we are now entrapped by our phones (in an interesting juxtaposition with Alexandr’s presentation), and the current abilities of machine learning. I particularly enjoyed the theatrical style of this talk, with Bill blending his content with both music and film.

Our thanks to the organisers and speakers! We look forward to next year’s event.

Cyber Threats Could Be Your Path to Health, Wealth, and Happiness…

Tue, 21 Feb 2023 14:18:56 +0000

Terms like 'Big Resignation', 'Big Quit', and 'Great Reshuffle' are commonplace on social channels; a great deal has been discussed and written about around the recent movement of employees.

The mass exodus is a post-pandemic trend primarily driven by job dissatisfaction; the most common reasons cited are wage stagnation compounded by the rising cost of living, lack of opportunity for advancement, and inflexible hybrid or remote working options. Whatever the reason, it is clear that many people are taking stock, assuming control, and making adjustments that suit their desired work-life balance.

The theory is excellent, but what if you're in a job that you genuinely don't enjoy any longer but are not qualified to do much else? Many people would like to make career changes, but they need to maintain the salary levels to which they've become accustomed. Retraining and starting at the bottom is not a viable option. But is there an option?

One of the best ways to make a career change that can maintain your lifestyle whilst providing the challenge you crave is to look at new and emerging sectors; cyber undoubtedly falls into this category, and the demand for qualified people grows daily. What's more, skilled people working in cyber can command good money and, in many cases, work for themselves and do the hours that suit them.

It may seem that your current role is a million miles from a role in cyber, but there are many facets to the work, and more than likely, there will be an area that lends itself to your experience and skillset; Cyber Security Technician, Ethical Hacker, Network Defender, and Digital Forensics Specialist are all job titles you will see with increasing regularity in the future, and you'd be surprised at how your current skills and experience can be adapted to such roles.

Indeed, some of the most senior people in cyber security did not set out in cyber security. For example, in episode 12 of CyberVersed, the podcast published by the National Cyber Resilience Centre Group, Microsoft's Chief Security Advisor, Lesley Kipling, and Chief Security Advisor - UK Partners, Jonathan Davies, both explain they started their working life doing entirely different jobs. In Jonathan's case, he began as an engineer in electrical electronics before moving into science metallurgy and then into cyber security. Both go to great lengths to encourage everyone to explore a cyber career.

Much closer to home, team members here at ID Cyber Training have come into cyber from other careers. Gary and Ahmed both worked in IT before moving into cyber security. However, others are now following much more diverse paths; Steve was a personal trainer, Keven was an electrician, and Alice was an editor in educational publishing. So, almost anyone can explore cyber security as a career option.

You might also be surprised at how easily you can retrain and gain the qualifications that are increasing in demand. ID Cyber Training offers extensive training and certification, and many people attending these courses are doing so because they want a different career with better opportunities. Many who have completed their training now enjoy better pay, increased job satisfaction, and genuine appreciation. Still, the primary benefits are total control of their work-life balance and being part of a thriving and in-demand cyber community.

Cary Hendricks to Speak at 'Know Your Cyber' Event

Mon, 13 Feb 2023 08:18:00 +0000

We are excited to announce our Global Operations Director, Cary Hendricks, will be one of the speakers at the upcoming 'Know Your Cyber' event at the HALO Enterprise and Innovation Centre, Kilmarnock, on 2nd March.

The event forms part of 'Cyber Scotland Week', a programme of events across Scotland designed to make businesses, organisations, and individuals more cyber-aware and resilient.

Cary's talk is entitled 'Creating a Culture', where he will offer advice on making cyber part of the everyday conversation in the workplace. Cary is no stranger to the speaker's podium, having spoken at many events worldwide; however, he relishes the prospect of addressing an audience here in Scotland.

Speaking about the event, Cary commented: "I'm delighted to have been invited to participate at the 'Know Your Cyber' conference. People like me and businesses such as ID Cyber Solutions need to share their experience and knowledge to raise awareness of the increasing threat of cyber attacks.

"Every business must address the topic and know the threats, and they need to have the plan to deal with any attack. It starts by creating a culture where cybercrime is at the forefront of decision-making and business operations. If I can help more business owners appreciate this, I am delighted to do so."

Other experts speaking on the day include Douglas McLachlan, Partner at Anderson Strathern, who will explore the legal implications of cyber attacks and personal data breaches, and Ged Freel, Head of Business & Computing at Ayrshire College will highlight opportunities for individuals and employees to follow careers in the cyber world.

Dr Marie Macklin CBE, Founder and Executive Chair at HALO Urban Regeneration Co. comments on the event, "Tech, Digital and Cyber are at the heart of HALO and in a fast-paced world where technology is changing how we start, grow, and scale our businesses we need to be aware of the cyber challenges we face. This event, part of Cyber Scotland Week, will allow the business community to come together and hear from our speakers who specialise in the industry, helping us all know our cyber. I hope you can join us for a great event on the HALO #RockMe Trading Floor."

If you'd like to come along and hear Cary and the other cyber experts share their knowledge, you can sign up for 'Know Your Cyber' event here.

#RockTogetherIn2023 | #EventsThatMatter

ID Cyber Conference Report - G3C 2022

Fri, 10 Feb 2023 15:11:59 +0000

Report by Alice, Cyber Essentials Assessor and Technical Editor

On Saturday, 5th November 2022, I attended G3C, a student-run conference at Glasgow Caledonian University, now in its second year. 250 tickets were sold for the event, with attendees including industry professionals, recent university graduates, current students, and interested members of the public.

The conference ran four separate tracks—three presentation tracks and a workshop track focusing on lockpicking—so I could not attend every talk. However, the track in the main auditorium was live-streamed and uploaded to YouTube so that I could catch up on a few of the missed talks after the event. After an introduction from Dominik Hanlon (president of the Glasgow Caledonian Ethical Hacking Society), I made my way to Scott McGready's talk 'There's a hole in your bucket'. Scott revealed that one of his hobbies is 'bucket-hunting'—checking online repositories (like AWS S3 buckets) that companies or individuals have made publicly available and alerting the company if the data contained within should be privately stored. He provided several examples of buckets, freely searchable by the general public, that included HR phone call recordings, passwords and credit card information, and private email conversations before going on to advise on bucket security, how researchers can responsibly disclose that a company's data is freely available, and how a company could best respond to a disclosure.

Bucket security advice for organisations. Scott McGready, 'There's a hole in your bucket', G3C 2022

Next, I attended Gemma Craig's talk 'Nursing to cyber security'. After 14 years as a nurse, Gemma transitioned into a career in cyber security, including roles in the SOC (Security Operations Centre) and Incident Response. She highlighted the significant similarities between her nursing and cyber security careers, helping her audience see the value of transferable skills and understand how someone with a seemingly different professional background can quickly pick up critical cyber security skills. This was a very engaging talk, full of personal touches and good humour, and it helped me think of additional ways to explain technical ideas to those who don't work in a technical field. Dave McKenzie followed Gemma with a presentation on 'Digital Deception'. This talk encouraged the audience to consider the usefulness of honeypots and canary tokens and how to add them effectively into a network, helping companies quickly identify when an unauthorised individual (whether external or an insider threat) has accessed the system. Using a live demonstration involving the audience and a series of QR codes, Dave showed how easily canary tokens could be set up and the information they could pass to the token owner. This was undoubtedly a talk that made the audience think about the security of their networks and ways to protect them better.

Honeypot and canary token resources. Dave McKenzie, 'Digital Deception', G3C 2022

After the lunch break, I attended Sean Wright's presentation on 'Software supply chain woes', which pointed out security issues resulting from using existing libraries or packages in applications. Sean showed how some packages contained vulnerabilities yet were still incorporated, unchecked, into large numbers of applications—a talk of interest to anyone relying on pre-built libraries or packages, anyone using plug-ins, or anyone asking third parties to develop applications for them.

Andy Gill's closing keynote, 'Expanding your horizons', comprised a whistle-stop tour through his cyber security career, including tips and tricks on avoiding burnout and career progression (and an array of impressive photographs, the hobby being one of his ways to avoid burnout). The talk was very well-received by current or recent students in the audience hoping to begin in the industry on the right footing and was a fitting end to a student-led event.

After the event, I took the opportunity to use the YouTube recordings to catch up on one of the talks I missed—Gerard Barrett's 'To SOC Analyst... and Beyond!'. Gerard, like Gemma, discussed his transition into cyber security from a different industry (in his case, fraud investigation). However, the two talks had very different focuses, making them equally valuable. My main takeaways from Gerard's presentation were the various ways that the cyber security community had shaped his career path, with a vast number of people offering him a wealth of friendly support and advice, and how he built his knowledge through the use of different online courses.

Other scheduled talks that I wasn't able to attend were:

▪ David Edwards—The Darkness of Powers Hell (Powershell Abuse)

▪ Rory McCune—Wonder the world of container security

▪ Petros Wallden—Cyber Security In The Quantum Era

▪ Fred Crowson—Openbsd secure operating system for everyone

▪ Joshua Brown—"Kind of Blue" Working in SOC

▪ Eliot Bolster—Demo-Democracy Directly Doomed

Thanks to G3C and all the speakers for a fun and informative conference, and I look forward to using my new knowledge and ideas to support ID Cyber Solutions' customers better.

Three Main Advantages of Developing a Cyber-Aware Workforce

Wed, 04 Jan 2023 09:10:00 +0000

Is the ever-growing threat of cyber attacks, along with a scarcity of cyber-skilled workers, a cause for concern for your business? If so, the solution may be closer than you think…

Your own workforce!

Enrich and strengthen your business cybersecurity by nurturing employees who show enthusiasm and desire in improving their skill set and attaining industry-recognised certifications.

Why Should You Focus on Developing a Cyber-Aware Workforce?

With the advancement of technology, cyber criminals are becoming more sophisticated and destructive. In 2021, cybercrime cost medium to large businesses an average of £19,200. You may feel that you're fully protected with premium security systems in place but, without thorough employee training, you may be fighting a losing battle. Your employees are critical to your company's daily operations, and it's paramount they understand how to deal with impending threats.

What are the Advantages of a Cyber-Aware Workforce?

We’ve outlined below the three main advantages of developing and upskilling your workforce and how this can be achieved through our robust training courses and certifications.

Increase individual resilience to cyber threats

Human error is without a doubt one of the most serious security threats to businesses, accounting for 82% of security breaches. Human errors can be split into two categories: skill-based and decision-based. Skill-based errors are minor mistakes which are caused by “distracted” employees, while decision-based errors are caused by a lack of knowledge. With robust training, you can transform your workforce from a security liability to a security asset.

Drive retention of highly valuable employees

With the shortage of cyber skills having more than doubled from 23% to 51% since 2014, the stakes are considerably higher when it comes to employee retention as businesses are continuously searching for and poaching talent to fill their gaps. If you’re fortunate enough to have acquired top talent, you’ll want to stay tuned in.

Employee retention is often significantly greater in businesses that support and encourage ongoing education and development. By actively offering development opportunities to each team member and allowing them to select professional training that they believe best matches and maximises their potential, you’re creating a loyal workforce to be reckoned with.

A more skilled, confident, and knowledgeable workforce

When resilience and retention are combined, you will benefit from a workforce that is considerably more skilled, confident, and knowledgeable in safeguarding your business from damaging cyber attacks. Our courses not only equip participants with effective knowledge and skills, but also ensure attendees leave with a sense of empowerment.

Why Choose ID Cyber Training UK for your Cyber Training Solutions?

Here at ID Cyber, it is our promise to guarantee the highest standards of integrity in the industry, carrying out the most beneficial cyber education in a constantly changing environment. Through cyber training and certification, we’ll provide the professional knowledge to protect your company from cyber attacks from opportunistic criminals, counterfeiters, fraudsters, employees, and other sources.

Throughout the year, we offer a variety of specialised cybersecurity courses hosted by world-renowned industry professionals.

Click to view our 2023 schedule and how you can register. Early booking is advised as spaces are limited.

Contact us

If our course dates collide with your business agenda, please click here to contact us and one of our specialists will be in touch to discuss your availability.