Originally broadcast on: Tuesday 27th April 2021, 16:00 (BST)

Removing your ‘cloak of complexity’ in quantifying cyber risk

In this episode of teissTalk we discussed:

  • Estimating financial loss from cyber breaches using the data you have
  • Effective upwards communication with credible measurements of cyber risk: Using the Board's language to show the impact of your cyber security spend on your organisation's cyber risk
  • Making prioritisation decisions from your quantified cyber risk: where to allocate your hard-won resources and funding?


Host

Jenny Radcliffe

Jenny Radcliffe, also known as “The People Hacker,” is a world-renowned Social Engineer, hired to bypass security systems through a no-tech mixture of psychology, con-artistry, cunning and guile.

Jenny is a sought-after keynote speaker, panelist and moderator at major conferences and corporate events, both in person and online, is a TEDx contributor and is host of her own multiple award-winning podcast series.

Guests

Steve Brown

Cyber Security Director
Mastercard

Steve is the European lead for Cyber Security with responsibility for the implementation and integration of Mastercard's Cyber Security Framework including data breach detection and cyber risk assessment technologies and capabilities across all related stakeholders.

Ken Munro

Partner
PenTest Partners

Ken is a security entrepreneur and industry maverick who has worked in infosec for over 15 years. After studying Applied Physics he tried his hand in the hospitality industry but soon discovered a talent for hacking, persuading a till to print out mortgage amortisations. He went on to cut his teeth in the anti-virus industry before founding SecureTest, a penetration testing business that quickly established a reputation for delivering high-spec services using a boutique business model. NCC Group recognised the value of the proposition and acquired SecureTest in 2007. But Ken had found his calling, and his penchant for pen testing saw him set up Pen Test Partners in 2010, which now boasts some of the best ethical hackers in the business, each of whom has a stake in the firm.

Ken’s zeal for pen testing is matched only by his disdain for those vendors who resort to scaremongering to peddle point solutions. He is a fierce advocate of responsible disclosure and regularly researches and reveals security vulnerabilities in an effort to promote better security design and practice. He takes a key role in conducting investigations as well as encouraging team members to pursue their own research and the results are published on the company blog on a weekly basis as well as being publicised by the wider media.

Ken is a respected speaker and pulls no punches during his annual Tech Talk presentations at Infosecurity Europe, where he can also be found performing practical hack attacks on the company stand. He is a regular speaker at events held by industry bodies and associations and has spoken at the ISSA Dragon’s Den, (ISC)2 Chapter events and CREST (Council of Registered Ethical Security Testers) events, where he sits on the board, helping to establish standards in both member organisations and among individual penetration testers. He’s also an Executive Member of the “Internet of Things Security Forum”, a body that aims to promote best security practice and the application of controls in smart device manufacturing, and spoke out on IoT security design flaws at the forum’s inaugural event. He’s also not averse to getting deeply techie, regularly participating in hacking challenges and demos at 44CON, DefCon and BSides.

Ken has a wealth of experience in penetration testing but it’s the systems and objects we come into contact with on an everyday basis that really pique his interest. This has seen him hack everything from hotel keycards, to keyless cars and a range of Internet of Things (IoT) devices, from wearable tech to children’s toys and smart home control systems. This has gained him some notoriety among the national press, leading to regular appearances on BBC TV and BBC News online as well as the broadsheet press, and he’s also a regular contributor to industry magazines, penning articles for the legal, security, insurance, oil and gas, and manufacturing press.

Michelle Griffey

Chief Risk Officer
Communisis

Michelle joined Communisis in February 2016 initially to build a Risk Framework for the ‘Customer Experience’ division supporting clients within strongly regulated markets. She has subsequently brought together the risk, information security and data protection elements of the business to deliver a Risk Function focussed on resilience and sustainable growth.

Prior to Communisis, Michelle had over 30 years’ experience across a wide range of disciplines including Lean Sigma, Programme Management and Risk and Governance, mostly within the Financial Services Industry. She has successfully held various leadership roles, one of which was managing the supplier relationship for work outsourced to Communisis from her previous employer.

Copyright 2021, Lyonsdown Limited
