Stu Hirst - 10 Years To Ciso

•Download as PPTX, PDF•

0 likes•162 views

Stu Hirst

Presented at Future Of Cyber Security July 2021

Technology

Disclaimers;
I like memes & gifs.
I’m not an ‘expert’ or a
‘thought leader’, but I’ve
learned some stuff along the
way.
@stuhirstinfosec

@stuhirstinfosec
Talk Outline;
- how did I end up here?!
- what have I learned?
- advice/musings

@stuhirstinfosec
One of the questions I
get asked the most is…

@stuhirstinfosec
HOW DID YOU
GET INTO
INFOSEC?

@stuhirstinfosec
It never really crossed
my mind that I would fail

@stuhirstinfosec
‘Take calculated risks’

@stuhirstinfosec
Plan?!
What plan?!
My only plan was to get back to a
good job… & it took graft

@stuhirstinfosec
Advice
Does your existing
company need more
Security people?!

@stuhirstinfosec
Advice
My first Security
course was
immensely important

@stuhirstinfosec
Skyscanner,
DevSecOps,
Squads & Tribes

@stuhirstinfosec
I turned down the chance of….
For….

@stuhirstinfosec
Here, I learned about
• Agile
• DevOps
• Cloud
• Automation
But I had a lot to learn about Security!

@stuhirstinfosec
Advice
I learnt SO MUCH
from people who had
simply already solved
many of these
problems!!!

@stuhirstinfosec
Sometimes
‘making the leap’
doesn’t work out

@stuhirstinfosec
Life and careers are
NEVER smooth!
But you’ll sure as hell
learn a lot…

@stuhirstinfosec
“Cyber at scale”, but
too slow for me
It’s ok to fail.
But you’ve also got to
know when to move
on

@stuhirstinfosec
Advice
I reached out to
someone on LinkedIn
to ask about roles. It
got me a job.

@stuhirstinfosec
Accept change.
It’s constant.

@stuhirstinfosec
Junior Analyst - £20k p/a:
- 10+ years experience
- CISSP, CISA, CISM, Masters, All The
Certs
- AWS, GCP, Azure, All The Clouds
- AppSec, CloudSec, SecOps, Risk,
Compliance
- Serverless, Kubernetes, ML, AI,
Buzzword Bingo

@stuhirstinfosec
Advice
Make the leap before
you feel ready???!!

@stuhirstinfosec
Lifelong Learning,
Public Speaking &
Bravery

@stuhirstinfosec
If you’re not brave
enough to offer
opinions, how will
we disrupt or
change anything?
Step forward.

@stuhirstinfosec
“You need to be more
technical”
“You need to be able to code”

@stuhirstinfosec
- Take calculated risks
- Utilise other people in the industry
- Appreciate not every career move will work out
- Beware the burnout
- Don’t wait for the dream job to land on your lap -
hustle!
- Take the leap before you’re ready?!
- Immerse yourself in community & opportunity
- Be yourself

Similar to Stu Hirst - 10 Years To Ciso

From Aha! to Eureka Smartees Seminar

InSites on Stage

Slides for the presentation at Outdoor Retailer Summer Market 2014 on the topic of Millennial Marketing. Session Description: Millennials buy “the experience”. They don’t purchase hiking boots; they buy the idea of protecting their feet on the trail, while staying dry, avoiding blisters and looking “cool". The outdoor lifestyle is about the feeling of the experience, but our marketing strategies don’t show it. This session will identify acquisition strategies focusing on content to attract and engage millennials.

Marketing to Millennials: Strategies & Tactics - Outdoor Retailer 2014

Anthony Piwarun

Concentrated Startup Wisdom talk for Startup Lisboa companies

Sean Tierney

Hacking a career

Stuart Coulson

When the broader organization just isn’t agile, teams can get stuck. They’re waiting for their knight in shining armor – the ‘enlightened’ executive – to transform it all. What happens when the hero isn’t coming? Is it possible to realistically accept an organization’s limitations without killing morale? Can a manager or coach ‘shield’ a team without losing momentum? Is there any point to making incremental change at the team or division level when ‘real’ progress seems eternally blocked by external impediments? This session explores practical tips to care for the humans in your realm; provide them a safe, comfortable, and defensible space in which to work; and make it inviting enough to win over (some of) the forces outside. Help your teams become self-rescuing princesses, and create the happily-ever-after that your people deserve!

2021.12 Fortress Agile by Cheryl Hammond @ Agile MiniCon

Cheryl M Hammond

The art of delivering value on time

Christophe Achouiantz

Twitter Talk: Using Twitter for Learning and Professional Development in Res ...

Melissa Robertson

An Imposter's Journey Into InfoSec

Stu Hirst

Pivot For Startups

IIMBNSRCEL

How to trive as an early stage startup by using the right metrics

➚ Mike van Hoenselaar

Inventing a Better Mousetrap: It’s All in Perspective

earthkind

Can I Use Twitter to Help My Career - TweetCamp San Antonio

Jim Adcock

How to Hire an Insanely Great SEO (BrightonSEO talk)

Stephan Spencer

Job Search Seminar

Kelley OBrien

Resources for Entrepreneurs

jbischke

User Experience (UX) is probably one of the fastest evolving and most exciting disciplines to be a part of these days. As the practical value of UX-work has become more and more obvious in the past few years, the demand for UX Designers and Experts has grown exponentially. Unfortunately, there are no official educational paths or certifications yet and the confusion around UX is very broad - UX is becoming a buzzword. As a result, the market is not only confused or has at best a very narrow understanding of the term, but this also offers a soil for many amateurs and fake representatives of the discipline to evolve. Over the past few years, I have had the (dis)pleasure to meet and work with some highly promoted UX Charlatans, so that over time I started spotting the patterns - some of their similarities and tactics. My aim is to share my observations in this presentation, in the hope to save you some time, money, and frustration - no matter if you are an evolving UX Designer or a Business/Project owner in need of UX expertise.

UX Charlatans - World Usability Congress, Graz, Austria 2018

martina mitz

Jill Rowley's (Marketo) presentation at Mumbrella's B2B Marketing Summit 2018

Stephanie Borys

Since the days of MySpace and even before them, with Tripod and SixDegrees, social media sites have attracted millions of users. As these users discovered new platforms, they created profile after profile to promote themselves or their businesses. With each profile came more liking and commenting and sharing – thus, the #sharepocolypse was born. With all the social outlets to post on, scroll through, and promote with, navigating and managing your business’ social life can feel like a balancing act – and that is why Anchor is here to help!

#Sharepocolypse

Anchor Media

ISSA-SouthFlorida-03052015-final

Christa Pusateri

When it comes to building and growing a business, analytics play a critical role. The problem most founders and growth marketers face is that they have bad data they just don’t trust. With the abundance of tools and opinions on how to go about implementing analytics, analysis paralysis can be a very real thing. In this webinar, Dan McGaw will walk you through the steps you need to take in order to successfully implement your own event based analytics. What you’ll learn: How to choose the right analytics tool How to deal with corrupt data (and avoid it entirely) What you should (and shouldn’t) be tracking How to create a proper spec (templates included) How to audit your analytics implementation

How to get started with event driven analytics

Effin Amazing

Similar to Stu Hirst - 10 Years To Ciso (20)

From Aha! to Eureka Smartees Seminar

Marketing to Millennials: Strategies & Tactics - Outdoor Retailer 2014

Concentrated Startup Wisdom talk for Startup Lisboa companies

Hacking a career

2021.12 Fortress Agile by Cheryl Hammond @ Agile MiniCon

The art of delivering value on time

Twitter Talk: Using Twitter for Learning and Professional Development in Res ...

An Imposter's Journey Into InfoSec

Pivot For Startups

How to trive as an early stage startup by using the right metrics

Inventing a Better Mousetrap: It’s All in Perspective

Can I Use Twitter to Help My Career - TweetCamp San Antonio

How to Hire an Insanely Great SEO (BrightonSEO talk)

Job Search Seminar

Resources for Entrepreneurs

UX Charlatans - World Usability Congress, Graz, Austria 2018

Jill Rowley's (Marketo) presentation at Mumbrella's B2B Marketing Summit 2018

#Sharepocolypse

ISSA-SouthFlorida-03052015-final

How to get started with event driven analytics

Recently uploaded

Real Time Object Detection Using Open CV

Khem

As privacy and data protection regulations evolve rapidly, organizations operating in multiple jurisdictions face mounting challenges to ensure compliance and safeguard customer data. With state-specific privacy laws coming up in multiple states this year, it is essential to understand what their unique data protection regulations will require clearly. How will data privacy evolve in the US in 2024? How to stay compliant? Our panellists will guide you through the intricacies of these states' specific data privacy laws, clarifying complex legal frameworks and compliance requirements. This webinar will review: - The essential aspects of each state's privacy landscape and the latest updates - Common compliance challenges faced by organizations operating in multiple states and best practices to achieve regulatory adherence - Valuable insights into potential changes to existing regulations and prepare your organization for the evolving landscape

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

TrustArc

MINDCTI Revenue Release Quarter One 2024

MIND CTI

AXA XL - Insurer Innovation Award Americas 2024

The Digital Insurer

In this session, we will delve into strategic approaches for optimizing knowledge management within Microsoft 365, amidst the evolving landscape of Copilot. From leveraging automatic metadata classification and permission governance with SharePoint Premium, to unlocking Viva Engage for the cultivation of knowledge and communities, you will gain actionable insights to bolster your organization's knowledge-sharing initiatives. In this session, we will also explore how to facilitate solutions to enable your employees to find answers and expertise within Microsoft 365. You will leave equipped with practical techniques and a deeper understanding of how there is more to effective knowledge management than just enabling Copilot, but building actual solutions to prepare the knowledge that Copilot and your employees can use.

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Drew Madelung

Data Cloud, More than a CDP by Matt Robison

Anna Loughnan Colquhoun

Automating Google Workspace (GWS) & more with Apps Script

wesley chun

AWS Community Day CPH - Three problems of Terraform

Andrey Devyatkin

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

Zilliz

Architecting Cloud Native Applications

WSO2

2024: Domino Containers - The Next Step. News from the Domino Container commu...

Martijn de Jong

Building Digital Trust in a Digital Economy Veronica Tan, Director - Cyber Security Agency of Singapore Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

apidays

Created by Mozilla Research in 2012 and now part of Linux Foundation Europe, the Servo project is an experimental rendering engine written in Rust. It combines memory safety and concurrency to create an independent, modular, and embeddable rendering engine that adheres to web standards. Stewardship of Servo moved from Mozilla Research to the Linux Foundation in 2020, where its mission remains unchanged. After some slow years, in 2023 there has been renewed activity on the project, with a roadmap now focused on improving the engine’s CSS 2 conformance, exploring Android support, and making Servo a practical embeddable rendering engine. In this presentation, Rakhi Sharma reviews the status of the project, our recent developments in 2023, our collaboration with Tauri to make Servo an easy-to-use embeddable rendering engine, and our plans for the future to make Servo an alternative web rendering engine for the embedded devices industry. (c) Embedded Open Source Summit 2024 April 16-18, 2024 Seattle, Washington (US) https://events.linuxfoundation.org/embedded-open-source-summit/ https://ossna2024.sched.com/event/1aBNF/a-year-of-servo-reboot-where-are-we-now-rakhi-sharma-igalia

A Year of the Servo Reboot: Where Are We Now?

Igalia

Following the popularity of "Cloud Revolution: Exploring the New Wave of Serverless Spatial Data," we're thrilled to announce this much-anticipated encore webinar. In this sequel, we'll dive deeper into the Cloud-Native realm by uncovering practical applications and FME support for these new formats, including COGs, COPC, FlatGeoBuf, GeoParquet, STAC, and ZARR. Building on the foundation laid by industry leaders Michelle Roby of Radiant Earth and Chris Holmes of Planet in the first webinar, this second part offers an in-depth look at the real-world application and behind-the-scenes dynamics of these cutting-edge formats. We will spotlight specific use-cases and workflows, showcasing their efficiency and relevance in practical scenarios. Discover the vast possibilities each format holds, highlighted through detailed discussions and demonstrations. Our expert speakers will dissect the key aspects and provide critical takeaways for effective use, ensuring attendees leave with a thorough understanding of how to apply these formats in their own projects. Elevate your understanding of how FME supports these cutting-edge technologies, enhancing your ability to manage, share, and analyze spatial data. Whether you're building on knowledge from our initial session or are new to the serverless spatial data landscape, this webinar is your gateway to mastering cloud-native formats in your workflows.

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Safe Software

Accelerating FinTech Innovation: Unleashing API Economy and GenAI Vasa Krishnan, Chief Technology Officer - FinResults Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

apidays

FWD Group - Insurer Innovation Award 2024

The Digital Insurer

Axa Assurance Maroc - Insurer Innovation Award 2024

The Digital Insurer

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

MadyBayot

The value of a flexible API Management solution for Open Banking Steve Melan, Manager for IT Innovation and Architecture - State's and Saving's Bank of Luxembourg Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The value of a flexible API Management solution for O...

apidays

Boost Fertility New Invention Ups Success Rates.pdf

sudhanshuwaghmare1

Recently uploaded (20)

Real Time Object Detection Using Open CV

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

MINDCTI Revenue Release Quarter One 2024

AXA XL - Insurer Innovation Award Americas 2024

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Data Cloud, More than a CDP by Matt Robison

Automating Google Workspace (GWS) & more with Apps Script

AWS Community Day CPH - Three problems of Terraform

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

Architecting Cloud Native Applications

2024: Domino Containers - The Next Step. News from the Domino Container commu...

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

A Year of the Servo Reboot: Where Are We Now?

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

FWD Group - Insurer Innovation Award 2024

Axa Assurance Maroc - Insurer Innovation Award 2024

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

Apidays New York 2024 - The value of a flexible API Management solution for O...

Boost Fertility New Invention Ups Success Rates.pdf

Stu Hirst - 10 Years To Ciso

1. 10 Years To CISO @stuhirstinfosec

2. Disclaimers; I like memes & gifs. I’m not an ‘expert’ or a ‘thought leader’, but I’ve learned some stuff along the way. @stuhirstinfosec

3. Who Am I? @stuhirstinfosec

4. @stuhirstinfosec

5. @stuhirstinfosec Talk Outline; - how did I end up here?! - what have I learned? - advice/musings

6. @stuhirstinfosec One of the questions I get asked the most is…

7. @stuhirstinfosec HOW DID YOU GET INTO INFOSEC?

8. @stuhirstinfosec

9. @stuhirstinfosec It never really crossed my mind that I would fail

10. @stuhirstinfosec BUT FAIL, I DID!

11. @stuhirstinfosec ‘Take calculated risks’

12. @stuhirstinfosec Plan?! What plan?! My only plan was to get back to a good job… & it took graft

13. @stuhirstinfosec Advice Does your existing company need more Security people?!

14. @stuhirstinfosec Advice My first Security course was immensely important

15. @stuhirstinfosec Skyscanner, DevSecOps, Squads & Tribes

16. @stuhirstinfosec I turned down the chance of…. For….

17. @stuhirstinfosec Here, I learned about • Agile • DevOps • Cloud • Automation But I had a lot to learn about Security!

18. @stuhirstinfosec Advice I learnt SO MUCH from people who had simply already solved many of these problems!!!

19. @stuhirstinfosec Sometimes ‘making the leap’ doesn’t work out

20. @stuhirstinfosec Life and careers are NEVER smooth! But you’ll sure as hell learn a lot…

21. @stuhirstinfosec “Cyber at scale”, but too slow for me It’s ok to fail. But you’ve also got to know when to move on

22. @stuhirstinfosec Beware the Burnout!

23. @stuhirstinfosec Advice I reached out to someone on LinkedIn to ask about roles. It got me a job.

24. @stuhirstinfosec Accept change. It’s constant.

25. @stuhirstinfosec

26. @stuhirstinfosec

27. @stuhirstinfosec Junior Analyst - £20k p/a: - 10+ years experience - CISSP, CISA, CISM, Masters, All The Certs - AWS, GCP, Azure, All The Clouds - AppSec, CloudSec, SecOps, Risk, Compliance - Serverless, Kubernetes, ML, AI, Buzzword Bingo

28. @stuhirstinfosec Advice Make the leap before you feel ready???!!

29. @stuhirstinfosec Lifelong Learning, Public Speaking & Bravery

30. @stuhirstinfosec Research!!!!

31. @stuhirstinfosec

32. @stuhirstinfosec If you’re not brave enough to offer opinions, how will we disrupt or change anything? Step forward.

33. @stuhirstinfosec Community

34. @stuhirstinfosec

35. @stuhirstinfosec Bad Advice?!

36. @stuhirstinfosec “You need to be more technical” “You need to be able to code”

37. @stuhirstinfosec To Wrap Up…

38. @stuhirstinfosec - Take calculated risks - Utilise other people in the industry - Appreciate not every career move will work out - Beware the burnout - Don’t wait for the dream job to land on your lap - hustle! - Take the leap before you’re ready?! - Immerse yourself in community & opportunity - Be yourself

39. THANKS! @stuhirstinfosec

Stu Hirst - 10 Years To Ciso

Recommended

Recommended

More Related Content

Similar to Stu Hirst - 10 Years To Ciso

Similar to Stu Hirst - 10 Years To Ciso (20)

More from Stu Hirst

More from Stu Hirst (10)

Recently uploaded

Recently uploaded (20)

Stu Hirst - 10 Years To Ciso