Hacked Off

Hosted by Secarma

TechnologyInterviews guestsExplicit

Website RSS feed

Episodes

108

Latest episode

Apr 2024

Language

About the show

Hacked Off demystifies the world of cybersecurity. Hosted by Secarma's Managing Director, Holly Grace Williams, it features weekly interviews delving beneath the headlines of the latest hacks, breaches and vulnerabilities, providing expert advice on how to stay safe online. This podcast is brought to you by global cybersecurity and penetration testing company, Secarma.

Listen to episodes

60 recent

April 22, 202426 min

108. IASME: IOT Security Compliance

Following audience responses to Pod 107 with Jason Blake, Secarma Jen Williams has circled back to do a deeper dive into the PSTI legislation and IoT devices. With the legislation going live at the end of April, any manufacturers that have not yet found a successful route to show compliance should listen to this podcast which goes into finer detail with Jason Blake. As IASME's IOT scheme manager, Jason shares a selection of ways to navigate the legislation and he and Jen discuss the ways to approach an accreditation that will also help any business and their devices to improve on the journey. They also look at the wider implications around unsecured internet devices and the likelihood that governing bodies will levy some large fines early on to impress the importance of complying on manufacturers. For more information regarding IOT and the PSTI legislation you can check out the resources section of the secarma.com website at https://secarma.com/resources/iot-and-psti/

February 6, 202424 min

107. Jason Blake: IoT and PSTI

Secarma Head of Testing, Simon Chapman, takes over the hosting duties as the Hacked Off podcast returns. Episode 107 focuses on IoT and the new regulations that are forcing manufacturers to place security at the heart of their devices. Simon interviews Jason Blake, IOT scheme manager at IASME and Jen Williams who heads up consultancy services at Secarma. Jason talks us through the diverse world of IoT devices, from smart letter boxes to B2B moisture content monitors for farmers and explains why the need for tighter security regulation is long overdue. Jen approaches the subject from a consumer perspective and poses the risks of a home network that has dozens of ‘always on’ devices connected and the average consumers understanding of this situation. How do we give consumers a confidence around IoT that has perhaps been eroded of late? The panel discuss IASME’s IoT Cyber Secure Scheme and why it’s one of the simplest ways for manufacturers to give their devices the security health checks that they need. You can find more IoT resources, particularly around the PSTI legislation at https://secarma.com/resources/iot-and-psti/ You can find out more about the IASME IoT scheme on their website at https://iasme.co.uk/internet-of-things/ Or on Secarma’s website at https://secarma.com/cybersecurity-services/consultancy/iot-cyber-scheme/

October 29, 202143 min

106. Simon McNamee: Optimising Security Services

In this episode of Hacked Off, Holly interviews Simon McNamee - Secure Impact's Security Technology Lead. This week, they discuss what issues security experts often encounter when working with businesses; both those with a high level of security maturity, as well as those just starting off on that journey. Holly and Simon offer some sage advice to organisations about getting the most out of their security services - it all starts with understanding the difference between these services and recognising what your business is ready for - and they also share some of their own experiences from different on-site engagements. 1:00 Defining Value 7:00 What happens when nothing happens? 10:50 Goals 13:42 Cyber Essentials & beyond 17:35 Are you ready for a pentest? 22:50 Simulating the bad guys 30:40 Creating a distraction 35:50 Not every attack is ransomware Listening time: 43 minutes Host: Holly Grace Williams, on behalf of Secarma Guest: Simon McNamee, Security Technology Lead at Secure Impact Ltd Connect with Simon: www.linkedin.com/in/samcnamee Secure Impact: www.secure-impact.com Our website: www.secarma.com Tweet us: www.twitter.com/Secarma Events: www.eventbrite.co.uk/o/secarma-ltd-31129456455

October 15, 202142 min

105. Rob Demain: SOCs and SMEs

For some organisations, using Security Operation Centre services is a great way to minimise the impact of a possible cyberattack. Moving quickly and effectively, SOCs can detect, analyse and respond to breaches if an organisation doesn’t have the resources to do so themselves. In this episode we spoke to Rob Demain – founder and CEO at e2e-assure – about the role of SOCs, today’s diverse threat landscape, and the importance of research and development when working in cybersecurity. 02:00 Why SOCs? 06:00 Building trust 13:35 Keeping up-to-date 15:40 Delivering the service 23:20 When disaster strikes 29:20 Working with SMEs 33:55 Security risks Listening time: 42 minutes Host: Holly Grace Williams, MD at Secarma Guest: Rob Demain, founder and CEO at e2e-assure Connect with Rob: www.linkedin.com/in/rob-demain-01733468 e2e-assure: https://www.e2e-assure.com/ Our website: www.secarma.com Tweet us: www.twitter.com/Secarma Events: www.eventbrite.co.uk/o/secarma-ltd-31129456455

September 24, 202130 min

104. David Barr: Cybersecurity CSI

In the cybersecurity world, the digital forensics dept acts as the Crime Scene Investigation team for a business that has fallen foul of a cyber-criminal. DFI techniques are used to investigate and rectify the problems caused by the hack, and/or bring the perpetrator to justice. Similarly to traditional forensics, cyber incident response teams can find data to use as evidence in the investigation. In this episode, we talk to David Barr – Principle CIRT Consultant at Secure Impact – about the day-to-day of digital forensics, how the scene is evolving, and what to expect from his talk at UnLocked: London Olympia. 00:35 Working in Digital Forensics 07:20 Research 09:20 Investigating the Incident 15:25 When is Digital Forensics needed? 20:10 Is Digital Forensics Evolving? 21:25 Preparing for Forensics Investigations 24:50 UnLocked: London Olympia 28:30 Careers in Digital Forensics If this episode was of interest to you, you can catch more of David at UnLocked: London Olympia on the 28th September. Tickets here: https://www.eventbrite.co.uk/e/unlocked-london-olympia-2021-tickets-153829914415 Listening time: 31 minutes Host: Holly Grace Williams, MD at Secarma Guest: David Barr, Principle CIRT Consultant at Secure Impact Connect with David: https://www.linkedin.com/in/david-barr-a2a639121/ Secure Impact: https://www.secure-impact.com/ Our website: www.secarma.com Tweet us: www.twitter.com/Secarma Events: www.eventbrite.co.uk/o/secarma-ltd-31129456455

August 20, 202131 min

103. Declan Doyle: Cyber Resilience

Valuing your SME as ‘too small to get hacked’ can leave you complacent and open to attacks, with little to no defences in place. For those who find cybersecurity daunting, there are organisations out there, ready to help. In this episode, we talk to Declan Doyle – head of Ethical Hacking at the Scottish Business Resilience Centre – about cyber resilience, misconceptions around who can get hacked, and understanding clients to best help them stay secure. 00:26 What is the SBRC? 01:35 Resilience 02:55 Helping out 05:35 Misconceptions around size 07:49 Optics and tailoring services 19:55 Different pathways in Cyber 26:50 Engaging with SBRC Listening time: 31 minutes Host: Holly Grace Williams, MD at Secarma Guest: Declan Doyle, head of Ethical Hacking at the Scottish Business Resilience Centre (SBRC) Connect with Declan: https://www.linkedin.com/in/declandoyle/ SBRC: https://www.sbrcentre.co.uk/ Our website: www.secarma.com Tweet us: www.twitter.com/Secarma Events: www.eventbrite.co.uk/o/secarma-ltd-31129456455

August 16, 20211 hr 5 min

102. Nick Blundell: Automating Testing

The medium of cyber-attacks is code, but the mastermind that drives them is always human intelligence. Systems are created by people, and automated tech still can't understand every nuance that humans embed into them. In this episode, we talk to Nick Blundell – head of R&D at AppCheck – about the pros and cons of vulnerability scanning, how hackers can enter weak systems and the need for a blended approach. 00:50 Will automation take over? 04:25 Scanning or Pentesting: the pros and cons 17:30 Issues with automation 22:00 Weak systems 52:50 A blended testing approach Listening time: 1 hour 5 minutes Host: Holly Grace Williams, MD at Secarma Guest: Nick Blundell, head of R&D at Appcheck Appcheck: https://appcheck-ng.com/ Our website: www.secarma.com Tweet us: www.twitter.com/Secarma Events: www.eventbrite.co.uk/o/secarma-ltd-31129456455

August 6, 202131 min

101. Greg van der Gaast: Rethinking Recruitment

In a time of record unemployment due to the pandemic, it’s strange that cybersecurity job openings receive so little applicants and take 20% longer to fill than typical IT roles. Is there a cyber skills shortage, or are we simply looking in the wrong places? In this episode, we talk to Greg van der Gaast – CISO at Scoutbee GMBH and author of Rethinking InfoSec – about how we can rethink the cyber hiring process and role requirements, in order to find many more suitable candidates. We also touch on diversity, the role of HR, and building stronger enterprising teams. 00:28 Security in supply discovery 02:30 Rethinking InfoSec 09:20 Synergy 12:00 Resourceful recruitment 17:50 Finding the right fit 20:18 Health, safety, and growth 27:44 The role of HR Listening time: 32 minutes Host: Holly Grace Williams, MD at Secarma Guest: Greg van der Gaast, CISO at Scoutbee GMBH and author of Rethinking InfoSec Scoutbee GMBH: https://www.linkedin.com/company/scoutbee/ Connect with Greg: https://www.linkedin.com/in/gregvandergaast/ Our website: www.secarma.com Tweet us: www.twitter.com/Secarma Events: www.eventbrite.co.uk/o/secarma-ltd-31129456455

July 26, 202146 min

100. Jai Aenugu: Why We Have to Win Every Time

To celebrate Hacked Off's 100th episode, we spoke with Jai Aenugu – founder of TechForce Cyber - a highly regarded cybersecurity resilience organisation with offices in both Edinburgh and Aberdeen. This week’s podcast features conversation around what sets Scotland apart in terms of cybersecurity, doing one thing and doing it really well, plus security essentials for SMEs, and an overview of the NotPetya and Kaseya cyber-attacks. 0:49 Cybersecurity in Scotland 4:45 Why found an InfoSec business? 7:00 The Kasaya attack 10;10 Minimising impact 14:00 Don't plan for ransomware 19:45 Security bias 25:00 When phishing turns foul 30:30 Risk 37:00 The baseline and beyond 41:00 Look after the customer Listening time: 46 minutes Host: Holly Grace Williams, MD at Secarma Guest: Jai Aenugu, Founder of TechForce Cyber TechForce Cyber: www.techforce.co.uk Contact: hello@techforce.co.uk Connect with Jai: www.linkedin.com/in/jai23155/?originalSubdomain=uk Our website: www.secarma.com Tweet us: www.twitter.com/Secarma Events: www.eventbrite.co.uk/o/secarma-ltd-31129456455

July 16, 202145 min

099. Ian Murphy: Against Apathy

Workplace security training can be hit or miss; to keep your business safe, your awareness training needs to be memorable, but a conventional annual security presentation on passwords and phishing scams can be tedious and forgettable. In this episode, we talk to Ian Murphy – founder and content creator at CyberOff, and co-founder of LMNTRIX – about how we can utilise engaging, out-of-the-box content to revamp security training and get the general population excited about security practices. 00:50 Creating engaging content 06:48 The need for a new approach 15:00 Context, content and culture 19:45 Attracting an audience 21:40 What’s going wrong? 24:15 The need for good communication 30:53 Building content 37:20 Valuing time and skills Listening time: 45 minutes Host: Holly Grace Williams, MD at Secarma Guest: Ian Murphy, Founder of CyberOff and Co-Founder of LMNTRIX CyberOff: www.cyberoff.co.uk LMNTRIX: www.lmntrix.com Connect with Ian: www.linkedin.com/in/ianmurphy Our website: www.secarma.com Tweet us: www.twitter.com/Secarma Events: www.eventbrite.co.uk/o/secarma-ltd-31129456455