Security Mini Spring School: Application Security & Risk and Threat analysis

09/03/2015 - 18:00
09/03/2015 - 20:30

This is the first talk in our Security Mini Spring school.

Venue: University of Bristol , Room 1.11, Merchant Venturers Building

6.00pm arrival
6.30pm first talk
7.15pm second talk
8.00pm combined Q&A panel (both speakers)
8:30pm event ends

Please register for this event here. This event is free to members and non.members.

Declan O’Riordan “Application Security”

When I speak about application security everyone seems to get the idea, but not everyone has the tenacity to read my (free) security testing procedures or development guidelines, let alone start applying the ideas themselves. This talk will start with a brief recap on the deteriorating state of application security, but instead of leaving you feeling helpless we will verbally walk through a some real-world security tests. You will gain a clear understanding of some security tests that could be done by anyone, and enough insight into the tricky ones to know when to use security experts, and how.

Robert Pritchard “Risk & Threat analysis”

Making a case for cyber security used to be difficult, but now your business case can be snippets from the front page of newspapers. In other words hacking makes headlines daily. But understanding what matters to you and your organisation is challenging, as is deciding exactly what it is you should do. How do you prevent hackers getting into your network? Is it even possible to do that completely?

The talk will look at case studies, both from the media and from the speakers own working experience, and examine how you can learn from these. It will cover the criticality of incident response, and the benefits and additional assurance proper security monitoring can bring to your business. This will all be illustrated with demos of real live security threats.

Declan O’Riordan started his IT career 34 years ago and has arrived in cyber-security via development and testing. The realisation that hardly any of his colleagues knew how to build secure web applications, yet were churning them out regardless, inspired him to gain a working understanding of security and spread that knowledge across IT and business departments at the European Medicines Agency. Last year Declan achieved the unprecedented double success of winning the prizes for best conference paper and best talk at the EuroSTAR testing conference.

Robert Pritchard is a specialist in security operations and has established and managed security operations centres for both the UK government and large multinational organisations.

As deputy head of the UK Government’s Cyber Security Operations Centre, Rob played a key role in preparations for the London Olympics where he led on the development of incident response measures and was responsible for the cyber exercise programme.

Rob founded consultancy ‘The Cyber Security Expert’ with the aim of demystifying cyber security and helping organisations develop and deploy effective responses to the threats they face. Rob is also a freelance writer, and has published cyber security articles in a number of specialist magazines, notably IHS Janes.

Rob is a RUSI Associate Fellow for Cyber. He is an excellent and knowledgable speaker, combining his technical understanding with a genuine passion for the subject. He believes that cyber security should be explained in a clear and straightforward manner, and is an expert at providing succinct, jargon-free reports and analysis which focus on the key issues.

Slides from Declan

Declan ha provided the slides from his talk