Robert Hannigan has had an illustrious career spanning both government and the private sector in cybersecurity. He played an instrumental role in developing the UK's early approaches to cybersecurity as well as advising Prime Ministers on national security issues. As Director of GCHQ from 2014 to 2017, he oversaw transformational changes including the creation of the National Cyber Security Centre. Hannigan now works in the private sector to address ongoing cybersecurity challenges like the skills gap, and promotes diversity and opportunities for people of all backgrounds in the field.
The Financial Times, in association with HP, recently hosted a forum to discuss the latest security threats being faced by public sector institutions in Brussels and the steps which are being taken to address them. Read this report to see the key insights gathered from the event.
CYBERWAR: THE NEXT THREAT TO NATIONAL SECURITYTalwant Singh
Cyber is a real threat and we can not keep our eyes shut to the same. Most of the countries surrounding us are involved in cyberwar covertly and we need to take steps to counter the same at the earliest.
The Financial Times, in association with HP, recently hosted a forum to discuss the latest security threats being faced by public sector institutions in Brussels and the steps which are being taken to address them. Read this report to see the key insights gathered from the event.
CYBERWAR: THE NEXT THREAT TO NATIONAL SECURITYTalwant Singh
Cyber is a real threat and we can not keep our eyes shut to the same. Most of the countries surrounding us are involved in cyberwar covertly and we need to take steps to counter the same at the earliest.
Præsentation for PROSA listing some threat and how to reduce risk - open source oyu can reuse slides for your own presentations https://github.com/kramshoej/security-courses
Looking Ahead Why 2019 Will Be The year of CyberwarfareSecuricon
One year away from the third decade of the 21st century and technology has finally caught up with science fiction. In 2019, we’re going to hear more news about driverless cars, revolutions in artificial intelligence and commercial applications for drones. One thing is for sure: it’s an exciting time to be alive.
This research report studies the economic impact that Cyber Security attacks have on
society as a whole. The aim of this analysis is to examine the negative and positive
impact of these compromises on multiple entities. Our descriptive analysis focuses on
individuals, private and public organizations, costs, revenues, innovations, and jobs to
determine if proliferations of these attacks are either, negative or positive. Although this
paper draws upon the economic factors as result of cyber-attacks, it looks at the outlay
in its historical context of capital expenditures to private and public organizations due to
the increased number of compromises and factors of this paradigm helping to fuel the
growth of innovations or spawn a new industry as a whole
This research report studies the economic impact that Cyber Security attacks have on society as a whole. The aim of this analysis is to examine the negative and positive impact of these compromises on multiple entities. Our descriptive analysis focuses on individuals, private and public organizations, costs, revenues, innovations, and jobs to determine if proliferation's of these attacks are either, negative or positive. Although this
paper draws upon the economic factors as result of cyber-attacks, it looks at the outlay in its historical context of capital expenditures to private and public organizations due to the increased number of compromises and factors of this paradigm helping to fuel the growth of innovations or spawn a new industry as a whole.
Public Relations Campaign for SecureWorks for IMC 618: PR Concepts & Strategy. Campaign is focused on increasing brand awareness among both big and small businesses as well as potential investors.
This slideshow discusses the importance of Government Surveillance as it pertains to National Security. A Look at some of the legal issues on Public Privacy and Mass Information Intelligence Gathering.
Vincent Ouma Mwando - strong encryption and protection of human rights-the vi...Vincent Mwando
A paper writing submission on an existing or emerging area in Internet Governance, leveraging the learnings from the course (Internet Governance) and Internet Society 2021 Projects. Papers will be evaluated by a selection committee and the best submissions will be selected as IGF Youth Ambassadors.
How Safe is Governmental Infrastructure: A Cyber Extortion and Increasing Ransomware Attacks Perspective (pp. 79-82)
Sulaiman Al Amro, Computer Science Department, Computer College, Qassim University, Qassim, Saudi Arabia.
Vol. 18 No. 6 JUNE 2020 International Journal of Computer Science and Information Security
https://sites.google.com/site/ijcsis/vol-18-no-6-jun-2020
A paper writing submission on an existing or emerging area in Internet Governance, leveraging the learnings from the course (Internet Governance) and Internet Society 2021 Projects. Papers will be evaluated by a selection committee and the best submissions will be selected as IGF Youth Ambassadors.
The Future of Security in Australia: a Think Tank Report by BlackBerry. This white paper from BlackBerry, the mobile-native software and services company dedicated to securing the Enterprise of Things, features the analysis and thoughts from a 10-expert roundtable late last year looking at trends in cyber and mobile security.
Præsentation for PROSA listing some threat and how to reduce risk - open source oyu can reuse slides for your own presentations https://github.com/kramshoej/security-courses
Looking Ahead Why 2019 Will Be The year of CyberwarfareSecuricon
One year away from the third decade of the 21st century and technology has finally caught up with science fiction. In 2019, we’re going to hear more news about driverless cars, revolutions in artificial intelligence and commercial applications for drones. One thing is for sure: it’s an exciting time to be alive.
This research report studies the economic impact that Cyber Security attacks have on
society as a whole. The aim of this analysis is to examine the negative and positive
impact of these compromises on multiple entities. Our descriptive analysis focuses on
individuals, private and public organizations, costs, revenues, innovations, and jobs to
determine if proliferations of these attacks are either, negative or positive. Although this
paper draws upon the economic factors as result of cyber-attacks, it looks at the outlay
in its historical context of capital expenditures to private and public organizations due to
the increased number of compromises and factors of this paradigm helping to fuel the
growth of innovations or spawn a new industry as a whole
This research report studies the economic impact that Cyber Security attacks have on society as a whole. The aim of this analysis is to examine the negative and positive impact of these compromises on multiple entities. Our descriptive analysis focuses on individuals, private and public organizations, costs, revenues, innovations, and jobs to determine if proliferation's of these attacks are either, negative or positive. Although this
paper draws upon the economic factors as result of cyber-attacks, it looks at the outlay in its historical context of capital expenditures to private and public organizations due to the increased number of compromises and factors of this paradigm helping to fuel the growth of innovations or spawn a new industry as a whole.
Public Relations Campaign for SecureWorks for IMC 618: PR Concepts & Strategy. Campaign is focused on increasing brand awareness among both big and small businesses as well as potential investors.
This slideshow discusses the importance of Government Surveillance as it pertains to National Security. A Look at some of the legal issues on Public Privacy and Mass Information Intelligence Gathering.
Vincent Ouma Mwando - strong encryption and protection of human rights-the vi...Vincent Mwando
A paper writing submission on an existing or emerging area in Internet Governance, leveraging the learnings from the course (Internet Governance) and Internet Society 2021 Projects. Papers will be evaluated by a selection committee and the best submissions will be selected as IGF Youth Ambassadors.
How Safe is Governmental Infrastructure: A Cyber Extortion and Increasing Ransomware Attacks Perspective (pp. 79-82)
Sulaiman Al Amro, Computer Science Department, Computer College, Qassim University, Qassim, Saudi Arabia.
Vol. 18 No. 6 JUNE 2020 International Journal of Computer Science and Information Security
https://sites.google.com/site/ijcsis/vol-18-no-6-jun-2020
A paper writing submission on an existing or emerging area in Internet Governance, leveraging the learnings from the course (Internet Governance) and Internet Society 2021 Projects. Papers will be evaluated by a selection committee and the best submissions will be selected as IGF Youth Ambassadors.
The Future of Security in Australia: a Think Tank Report by BlackBerry. This white paper from BlackBerry, the mobile-native software and services company dedicated to securing the Enterprise of Things, features the analysis and thoughts from a 10-expert roundtable late last year looking at trends in cyber and mobile security.
Troels Ørting Jørgensen, Chairman at Bullwall, Expert Member at INTERPOL
Mr. Ørting is a globally recognized Cyber Security Expert. He has been working in cybersecurity ‘first line’ for over 4 decades. Throughout career, Mr. Ørting has been working with governments and corporations to advise on how they react to the increasing international cyber threats, and worked closely with law enforcement, intelligence services and cyber security businesses.
Formerly, with the Danish National Police, first as Director, Head of the Serious Organised Crime Agency and then as Director of Operations, Danish Security Intelligence Service; Deputy Head, ICT Department and Deputy Head, OC Department, Europol, EU’s Police Agency; Head of European Cybercrime Centre and Head of Europol Counter Terrorist and Financial Intelligence Centre. 2015-18, Group Chief Information Security Officer (CISO), Barclays. Chaired the EU Financial Cybercrime Coalition, of which most banks are partners, and has very strong experience in cyber security. Since 2018, Head of the Centre for Cybersecurity, World Economic Forum. Chairman of the Board of World Economic Forum Centre for Cybersecurity (C4C).
Troels Oerting
“WE, IN SECURITY, SHOULD NOT PROMOTE FEAR – BUT PROTECT HOPE”
BEFORE THE GLOBAL PANDEMIC HIT THE WORLD IN SPRING 2020, the digital transformation increased speed and magnitude. Fuelled by super-drivers like mobile/5G, IoT, Cloud and AI the number of users, applications, storage, connections and algorithms outpaced what we had seen before. The huge possibilities provided by the Internet created a ‘tech’ environment attracting the best brains the World could produce and geopolitical tensions between China, Russia, EU and US intensified the regional competition on ‘who controls the Internet’ and the subsequent influence, growth and wealth.
THE GLOBAL COVID PANDEMIC FORCED US TO MOVE APPROXIMATELY 1.2 BN WORKERS FROM THEIR OFFICES to work from homes in order to keep the wheels spinning. Internet enabled communication tools substituted physical meetings, teaching, marketing, trading, reading, accounting, watching and demand for online services surged and Accenture has estimated that globally we went through 3 years normal speedy digital transformation in just 3 months. This will continue. We will not go back to the ‘old days’ even after we get a vaccine. We will continue to work remotely – not necessarily from home but from anywhere. Both employers and employees have seen the benefits of this new flexible work-regime providing support from working both from offices and from anywhere.
“In the future everything will be connected, everything will be sensing, everything will be stored and everything will be used, sold or utilised in other ways”
THE FUTURE will provide more positive opportunities for the global, and connected, citizen – for businesses, education, healthcare, sustainability, climate, transparency and democracy. But it will also present challenges to security, privacy...
Top Cyber News MAGAZINE February 2022 Chuck D Brooks. Highest Resolution.pdfTopCyberNewsMAGAZINE
Chuck D. BROOKS, President of Brooks Consulting International
Mr. Brooks is a globally recognized thought leader and subject matter expert Cybersecurity and Emerging Technologies. LinkedIn named Chuck as one of “The Top 5 Tech People to Follow on LinkedIn.” He was named by Thompson Reuters as a “Top 50 Global Influencer in Risk, Compliance,” and by IFSEC as the “#2 Global Cybersecurity Influencer.” He was featured in the 2020 Onalytica "Who's Who in Cybersecurity" – as one of the top Influencers for cybersecurity issues. He was also named one of the Top 5 Executives to Follow on Cybersecurity by Executive Mosaic. He is also a Cybersecurity Expert for “The Network” at the Washington Post, Visiting Editor at Homeland Security Today, Expert for Executive Mosaic/GovCon, and a Contributor to FORBES.
In government, Chuck has received two senior Presidential appointments. Under President George W. Bush Chuck was appointed to The Department of Homeland Security (DHS) as the first Legislative Director of The Science & Technology Directorate at the Department of Homeland Security. He also was appointed as Special Assistant to the Director of Voice of America under President Reagan. He served as a top Advisor to the late Senator Arlen Specter on Capitol Hill covering security and technology issues on Capitol Hill.
In industry, Chuck has served in senior executive roles for General Dynamics as the Principal Market Growth Strategist for Cyber Systems, at Xerox as Vice President & Client Executive for Homeland Security, for Rapiscan and Vice President of R & D, for SRA as Vice President of Government Relations, and for Sutherland as Vice President of Marketing and Government Relations. He currently sits on several corporate and not-for-profit Boards in advisory roles.
In academia, Chuck is Adjunct Faculty at Georgetown University’s Graduate Applied Intelligence Program and the Graduate Cybersecurity Programs where he teaches courses on risk management, homeland security, and cybersecurity. He was an Adjunct Faculty Member at Johns Hopkins University where he taught a graduate course on homeland security for two years. He has an MA in International relations from the University of Chicago, a BA in Political Science from DePauw University, and a Certificate in International Law from The Hague Academy of International Law.
In media, Chuck has been a featured speaker at dozens of conferences and webinars (Recently, Chuck briefed the G-20 Energy Conference on operating systems cybersecurity). and has published more than 200 articles and blogs on cybersecurity, homeland security and technology issues. His writings have appeared on AT&T, IBM, Microsoft, General Dynamics, Xerox, Cylance, Checkpoint, and many other blogs.
I4ADA 2019 - presentation Catherine Garcia-van HoogstratenPaul van Heel
See https://i4ada.org for additional information and videorecordings of the presentations held at the Hague Summit for Accountability in the Digital Age
From the Cuckoo’s Egg to Global Surveillance Cyber EspionJeanmarieColbert3
From the Cuckoo’s Egg to Global Surveillance:
Cyber Espionage that Becomes Prohibited
Intervention
Nicolas Jupillat†
I. Introduction ........................................................................ 934
II. Misconceptions about the Regulation of State Conduct
in Cyberspace ..................................................................... 937
A. From “Code is Law” to “Law is Law” ......................... 937
B. International Law is the Law of Nations ....................... 938
C. International Law is Law .............................................. 939
D. Cyberspace and Normative Opportunism ..................... 940
III. Sovereignty ........................................................................ 940
A. Generally ....................................................................... 940
B. Sovereignty in Cyberspace ........................................... 942
C. Non-Intervention ........................................................... 945
1.
The Origin of the Coercion Concept ..................... 948
2.
The Meaning of Coercion ...................................... 949
IV. Espionage Generally .......................................................... 951
A. Wartime ........................................................................ 951
B. Peacetime ...................................................................... 953
1. Definition ................................................................ 953
2. Unsettled Law ......................................................... 954
3. Exceptions to the Case Law Gap ............................ 959
C. International Domains and Organizations .................... 961
1. Domains .................................................................. 962
2. Organizations .......................................................... 966
IV. Cyber Espionage ................................................................ 967
A. What Cyber Espionage is and how it Differs from
Traditional Espionage ................................................. 967
1. Computer Network Exploitation ............................. 968
2. Communications Intelligence ("COMINT") ........... 970
3. Secret Information-Sharing ..................................... 972
B. Why Should Cyber Espionage Be Deterred? ................ 974
† Visiting Professor, University of Detroit Mercy School of Law and Center for Cyber
Security and Intelligence Studies, Google Policy Fellow at the Canadian Internet Policy
and Public Interest Clinic, IEEE Global Initiative for Ethical Considerations in Artificial
Intelligence and Autonomous Systems Law Committee.
934 N.C. J. INT'L L. [Vol. XLII
C. How And When Cyber Espionage Becomes Illegal ..... 978
1. How ......................................................................... 978
2. When: Scale and Coercion ........................ ...
Isao MATSUNAMI - Digital security in japanese journalismREVULN
Massive leaks such as Wikileaks, Panama Papers and Snowden have made journalists realize that good old "just-meet-people-shoot-photo" days are gone.
Getting leak documents over the internet, grappling with data format, processing text with machine learning and protecting sources from surveillance are all getting new-norm for journalism.
However reporters, generally and historically, would be the last species to understand digital technology and data-oriented thinking.
I would like to share my experiences of teaching digital security to journalists and discuss difficulties of journalism in this post-truth world.
Corporate Data, Supply Chains Vulnerable to Cyber Crime Attacks from Outside ...Dana Gardner
Transcript of a BriefingsDirect podcast in which cyber security expert Joel Brenner explains the risk to businesses from international electronic espionage.
Bashar H. Malkawi, The Forum on National Security LawBashar H. Malkawi
The National Security Law Brief is excited to publish the second issue of the Forum on National Security Law. This issue, completed with the help and support of the Volume IX editorial board, is a project designed to increase the Brief’s scope by providing an opportunity for practitioners and students alike to explore debates in national security law and policy through short, topical pieces.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Welocme to ViralQR, your best QR code generator.ViralQR
Welcome to ViralQR, your best QR code generator available on the market!
At ViralQR, we design static and dynamic QR codes. Our mission is to make business operations easier and customer engagement more powerful through the use of QR technology. Be it a small-scale business or a huge enterprise, our easy-to-use platform provides multiple choices that can be tailored according to your company's branding and marketing strategies.
Our Vision
We are here to make the process of creating QR codes easy and smooth, thus enhancing customer interaction and making business more fluid. We very strongly believe in the ability of QR codes to change the world for businesses in their interaction with customers and are set on making that technology accessible and usable far and wide.
Our Achievements
Ever since its inception, we have successfully served many clients by offering QR codes in their marketing, service delivery, and collection of feedback across various industries. Our platform has been recognized for its ease of use and amazing features, which helped a business to make QR codes.
Our Services
At ViralQR, here is a comprehensive suite of services that caters to your very needs:
Static QR Codes: Create free static QR codes. These QR codes are able to store significant information such as URLs, vCards, plain text, emails and SMS, Wi-Fi credentials, and Bitcoin addresses.
Dynamic QR codes: These also have all the advanced features but are subscription-based. They can directly link to PDF files, images, micro-landing pages, social accounts, review forms, business pages, and applications. In addition, they can be branded with CTAs, frames, patterns, colors, and logos to enhance your branding.
Pricing and Packages
Additionally, there is a 14-day free offer to ViralQR, which is an exceptional opportunity for new users to take a feel of this platform. One can easily subscribe from there and experience the full dynamic of using QR codes. The subscription plans are not only meant for business; they are priced very flexibly so that literally every business could afford to benefit from our service.
Why choose us?
ViralQR will provide services for marketing, advertising, catering, retail, and the like. The QR codes can be posted on fliers, packaging, merchandise, and banners, as well as to substitute for cash and cards in a restaurant or coffee shop. With QR codes integrated into your business, improve customer engagement and streamline operations.
Comprehensive Analytics
Subscribers of ViralQR receive detailed analytics and tracking tools in light of having a view of the core values of QR code performance. Our analytics dashboard shows aggregate views and unique views, as well as detailed information about each impression, including time, device, browser, and estimated location by city and country.
So, thank you for choosing ViralQR; we have an offer of nothing but the best in terms of QR code services to meet business diversity!
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
2. www.infosecurity-magazine.com 17
@InfosecurityMag
@InfosecurityMag ROBERT HANNIGAN
They say variety is the spice of life
and that’s a phrase that comes
to mind when reflecting on the
illustrious career of Robert Hannigan; a
career which shows no signs of abating.
Hannigan first came into prominence
as a result of his involvement in the
notoriously complex Northern Ireland
peace process during the noughties, for
which he was singled out for praise by
former UK Prime Minister Tony Blair in
his autobiography.
Following this experience, Hannigan
held a number of high-profile
intelligence and security roles in the
UK government, where he played an
instrumental role in developing the UK’s
early approaches to cybersecurity at a
national level. Hannigan now resides
in the private sector, as chairman at
early-stage cybersecurity services
company BlueVoyant, alongside holding
numerous advisory positions in the
industry. Hannigan is unsurprisingly
considered a leading authority in
the field of cybersecurity, and can be
regularly found speaking and writing on
major issues affecting the sector.
The opportunity to discuss his
exciting career to date, as well as
get his perspectives on the world of
cybersecurity more generally, was one
that we here at Infosecurity found simply
too good to turn down.
Sadly, but inevitably, given the
ongoing COVID-19 crisis, we are forced
to conduct the interview virtually. This
is a shame, especially as this is the first
time I have met Hannigan. Nevertheless,
I am immediately struck by his friendly,
unassuming manner, which allows the
conversation to flow from the off.
From Peace Process
to Cybersecurity
An interesting aspect to Hannigan is
that by no means does he have a ‘typical’
background for someone so prominent
in cybersecurity. As he modestly
acknowledges, he doesn’t “have a deeply
technical background,” and studied
classics during his time at the University
of Oxford. Although he has always held a
strong interest in technology, borne out of
his fascination with the incredible code-
breaking work undertaken at Bletchley
Park during World War 2, he admits that
he didn’t expect his career to pan out in the
manner it has. In many ways, this makes
his subsequent journey in such a technical
industry all the more impressive.
After an early career in the private
sector, he served in the Northern
Ireland Office for the UK government
from 2000-2007, where he was heavily
involved in ensuring the success of the
peace process following the Good Friday
settlement in 1998. This experience
in Northern Ireland, where he and
his family lived for a number of years,
exposed him to issues around national
security, including terrorism. Just as
the ‘troubles’ in Northern Ireland were
coming to an end, the threats posed by
Islamic terrorism began to ramp up in
the UK, and this led to Hannigan’s new
calling – as the Prime Minister’s security
advisor and head of security, intelligence
and resilience at the Cabinet Office.
As Hannigan puts it in his usual
humble style, “I guess the civil service
thought I must know about terrorism
having been in Northern Ireland and
thought I’d be fit for the job.”
In this dual role, Hannigan advised
the Prime Minister on “anything topical”
in security, and assisted in shaping the
government’s response to a range of crises
that took place over this period. This
involved “everything from floods – there
was a lot of flooding at the time – to food
shortages and [topically] a pandemic,
swine flu,” he explains. He was also
responsible for the funding and oversight
of the three UK intelligence agencies.
During what he calls “an interesting
time in government,” cybersecurity
really came to the fore inside Whitehall,
and Hannigan helped develop the UK
government’s first cybersecurity strategy.
“Both Tony Blair and Gordon Brown
could see the strategic importance of
cyber and said we need to sit down and
work out who’s responsible and how do
we get ahead of this,” he outlines.
In 2010 Hannigan took up the post of
director general, defence & intelligence
at the Foreign and Commonwealth
Office, where he observed the
beginnings of cyber-attacks being
utilized by hostile state and non-state
actors with the intent of damaging the
UK state and its infrastructure. This
differed from the financial motivations
of traditional cyber-criminals.
“It was clear that terrorism and other
threats were going online, so there was
a natural concern about cyber. Cyber-
attacks were growing, and we could see
that was only going in one direction,”
he comments.
ROBERT
HANNIGAN
Former Director of GCHQ, Robert Hannigan, has navigated a somewhat unexpected
cybersecurity career through government and now the private sector. He talks
to James Coker about his days advising the Prime Minister and his passion for
increasing diversity in the industry
Both Tony Blair and
Gordon Brown could see
the strategic importance
of cyber”
“
3. 18 www.infosecurity-magazine.com
Amid this increasingly dangerous
landscape, in 2014 Hannigan was
appointed to the prestigious position of
director of GCHQ, the UK’s intelligence
and security agency. Here, he was at the
heart of a number of transformational
structural changes to the way the UK
approached cybersecurity, which continue
to have a profound impact to this day.
He notes that prior to taking up this
post, “for some years GCHQ did a good
job in raising awareness by talking to
the private sector about the issues long
before anybody was really focused
on this.” However, with reliance on
the internet growing throughout all
sectors, including in critical national
infrastructure, there “was a feeling that
government had to intervene more and
do more at scale for the country, and
bring the expertise and some of the data
available to GCHQ together with the
private sector’s expertise and data.”
This notion of the government playing
a more active role in cyber-defense
alongside the private sector, which held
most of the cybersecurity skills and
resources at this time, led to the creation
of the National Cyber Security Centre
(NCSC). The body, which became
operational in 2016, offers cybersecurity
guidance and support for both the
private and public sectors. Hannigan
also highlights the importance of the
Active Cyber Defense (ACD) program
in the NCSC, which was developed
during his tenure at GCHQ. This
provides tools and services, free at the
point of use, to protect against a range of
cybersecurity threats.
It’s fair to say that the rise in cyber-
threats during his time working in
national security and intelligence forced
Hannigan to become an expert in this
domain. He highlights two trends
that he observed in this area while in
government, the first of which was “the
commoditization of hacking/cyber-
attacks as a service or tools for sale, and
that led to an explosion of cybercrime
and new business models that really
worked for cyber-criminals.”
The other, he recalls, “was as relations
between countries began to deteriorate,
nation-states started to do reckless
things at scale and we’re seeing that now
with Russia, China and North Korea.”
He adds that “it feels like there’s no
constraint now in nation-state behavior,
and that’s really worrying.”
It’s easy to see why Hannigan was
entrusted to take up such high-pressured
security positions at the heart of
government. His carefully measured
and balanced responses to my questions
suggests he’s someone who won’t be
fazed in a crisis, or prone to making rash
decisions that could escalate tensions.
Experiencing Both Sides
of the Fence
After stepping down as Director of GCHQ
in 2017, with a decade of experience in the
sector under his wing, it is unsurprising
that Hannigan decided to continue
working in the field of cyber, albeit this
time in the private sector with startup firm
BlueVoyant. As well as being attracted to
the company by its “highly skilled people
with a strong sense of mission,” he relished
having the opportunity to experience
“both sides of the fence, to see how the
private sector works.”
Hannigan believes more of this kind
of crossover is vital, as it improves
understanding of the challenges
facing all stakeholders. His personal
journey has provided him with these
experiences, seeing “the sharp end of
cyber-attacks against the country” while
at GCHQ, and in the private sector,
having the opportunity to undertake
research into “where the threat is going.”
At BlueVoyant, he regularly interacts
with CISOs to understand the challenges
they are facing in order to see how his
organization can be of help.
Putting all these experiences together,
Hannigan has concluded that the
cybersecurity skills gap is the “biggest
single issue” facing the sector. In his
view, tackling this problem requires
more collaboration between the
government and private sector, and
also increasing the use of automation to
detect and combat threats. He believes
the latter “has to be a big part of the
future of cybersecurity because the skills
shortage isn’t going to get much better
for such a long time.”
Taking action to address the skills gap
in cybersecurity is something Hannigan
is just as passionate about now in the
private sector as he was when working
in government. This is even evident in
his demeanor as he discusses this subject
in great depth during our call, sitting up
a little from the relaxed position in his
chair and speaking at a faster tempo.
In particular, he believes it is not
just morally right, but a strategic
necessity to ensure that more people
from underrepresented communities,
such as women and ethnic minorities,
are empowered to pursue a career in
cyber. Not only will this provide a much
wider pool of talent to select from than
is currently the case, it will also ensure
there is greater diversity of experiences
and viewpoints, which will be important
in keeping up to speed with the tactics of
cyber-attackers. He points to a number
of initiatives in this area that were
first launched when he was director
at GCHQ and are continuing to this
day, including the annual CyberFirst
Girls Competition, which is designed
to inspire school-age girls to consider
pursuing a career in cybersecurity.
At BlueVoyant, Hannigan highlights
the use of US-based internships and
mentoring schemes that are particularly
focused on African American and other
disadvantaged communities. However,
he cautions that persistence and patience
is required to see results emanating from
such initiatives. “All those things are
really great and will over time make a
difference. There are lots of other people
doing initiatives to try and get more
people into cybersecurity, including
those groups that are underrepresented
and women especially – it’s a huge
problem that over half of the population
isn’t fully engaged in this,” he comments.
“So we need to crack that, but these
things will take a long time and they’re
relatively small scale. It’s going to take
some years to actually shift the overall
picture on cyber-skills but we have to
keep trying new things.”
Never Too Late to
Enter the Industry
As well as making a cybersecurity
career more accessible to those from
underrepresented groups, Hannigan
strongly believes the sector needs to
become far more welcoming to those
Robert Hannigan, as Director of GCHQ, hosted
the Queen and the Duke of Edinburgh at the
official opening of the NCSC on 13 February
2017, at its headquarters in central London
PROFILE INTERVIEW
4. www.infosecurity-magazine.com 19
@InfosecurityMag
@InfosecurityMag
END
from non-technical backgrounds.
“Within BlueVoyant, we no longer say
you have to have a computer science
degree; we’re much more open to
experience and aptitude and I think
that’s the way to go for everybody. We’ve
been much too traditional in the cyber
sector in the way we recruit and measure
skills,” he says.
You could say this is something of
a personal issue for Hannigan. While
interested in technology throughout his
life, he has essentially been forced to
learn this side of things ‘on the job’.
As a result, he knows it is
very possible for people to learn
technical skills outside of traditional
academic settings, and initiatives like
apprenticeships are especially important
in enabling this. Hannigan notes: “We
really expanded and accelerated those
at GCHQ because a lot of people don’t
want to go to university but they enjoy
technology and are good at it.”
These skills can be garnered in a
number of ways. Hannigan highlights
how he regularly speaks to - and
asks questions of - colleagues with
greater levels of technical expertise
than himself in order to learn from
them. Additionally, he notes, there
are a number of great online training
resources in cyber that can be utilized
by those considering switching careers.
“The great thing about the cyber age is
that yes there’s a skills shortage, but if
you want to acquire those skills you can
go and do it online,” he outlines.
He is also is at pains to emphasize that
it’s never too late to join the industry.
“The other thing I’d say is that you
should never assume it’s too late to learn
new skills in cyber,” he outlines. “So as
well as focusing on underrepresented
groups, such as women, we should look
at, and try to encourage mid-career
people to switch across and to learn at
least one niche area of cyber. You don’t
have to be 20 to do this.”
Cybersecurity:
A Team Sport
Hannigan also strongly believes that
cybersecurity is a team endeavor, made
up of different, but equally important,
component parts. “We focus on
technology in cyber, but actually it’s all
about people,” he explains. “If you get
the right people with the right skills and
accept that they will know much more
than you about whatever specialism
they’ve got and then you put the right
mixture of people together, that’s when
you get amazing things happening.
That’s true in GCHQ and it’s also true in
the private sector.”
Drawing on his own extensive
experience in leadership positions in the
industry, both in the public and private
sectors, he emphasizes that individuals
can only be effective as part of a wider
group, all pulling in the same direction.
“The one thing I’ve learned from day
one is that cybersecurity is a team sport,”
Hannigan comments, adding that “cyber
involves so many different technical
areas of expertise and so many wider
areas that it has to be team.”
The promotion and development of
new cybersecurity startup companies
is another passion of Hannigan’s,
as displayed by his involvement at
BlueVoyant, which he joined near the
start of its inception in 2017. As with
the skills gap issue, I can see his passion
come through on this topic in his
slightly more intense body language and
voice, which have generally been very
relaxed throughout the discussion. He
says: “It’s great to see how a company
develops as you go through stages
of maturity and expansion, and as
somebody coming from government
and used to really big organizations, it’s
been a really interesting journey.”
Hannigan is also able to act on this
passion through his role as chairman,
industry advisory board at the London
Office for Rapid Cybersecurity
Advancement (LORCA). This is a UK
government-backed initiative designed
to act as a launchpad for early-stage
cybersecurity companies, connecting
them with investors. It has proved very
successful so far – last year it was found
that cybersecurity startups and scaleups
that have progressed through LORCA’s
innovation program since it started in
2018 have collectively raised over £150m
in investment.
Amid increasing and more
sophisticated attacks, Hannigan
believes the innovative and fluid
nature of startups will be critical in
developing the solutions needed to
counter increasingly sophisticated
threat actors. “That’s been fascinating
to watch, and I think they’re doing
great things – there is a really dynamic
sector out there,” he notes.
In terms of those he most admires
in the industry, Hannigan explains
that particularly through his role
at BlueVoyant, he has gained an
enormous appreciation for the job
CISOs do, and the challenges they
have to navigate on a day-to-day basis.
“I think they parallel what government
tries to do: they’re trying to manage
current events and challenges and
there’s a huge workload,” he explains.
“But they also have to keep their eye
on future developments. The day job
is really tough and I admire those who
do it.”
Hannigan also expresses admiration
for initiatives undertaken by tech giant
Microsoft in recent years, particularly
in the area of cloud security, which
he feels “will transform and improve
security for many companies.” He adds:
“I admire them because I think here’s a
global tech company using its awesome
global metadata on cyber around the
world to make things better. And it’s
not always said that tech giants do the
right thing.”
It’s noticeable that the recurring
theme throughout our discussion with
Hannigan is that of teamwork – both
in reference to internal teamwork, and
externally, with public sector bodies
and small and large private companies
all having a vital role to play in keeping
society secure amid an increasingly
dangerous threat landscape.
As someone who has experienced
all areas of the industry in one way
or another, it will be characters like
Hannigan who will be pivotal in
bringing the sector together to fight our
common foes
ROBERT HANNIGAN
We’ve been much
too traditional in the
cyber sector in the
way we recruit and
measure skills”
“
Robert Hannigan
will be the
Keynote Speaker
on Day 3 of the
Infosecurity
Europe event,
taking place
from 13-15
July at Olympia London. He
will be discussing a range of
topics, including nation state
sponsored cyber-attacks