Start your career in IT security

UK Apprenticeships in Cyber Security

Cyber security apprenticeships are popping up a lot these days. Our company consistently hires apprentices throughout the UK, and our competitors in Europe and across the world are doing the same. Apprenticeship is a combination of on-the-job training (OJT) and...

read more

Educating yourself in information security

This will be a quick 500 – 1000 words on how to self educate in security. First, I will walk through some needed assumptions. Then I’ll wax philosophic about some of the things you should most definitely do. Then I’ll encourage you to find your own links using some...

read more

How I Hire for Cyber Delivery

There are times at work when I consult with large organisations. During those consultations I sometimes design cyber security platforms for the clever analysts to use. When that happens, I work with a quite robust delivery team to recruit the right people into the...

read more

From entry-level to CISO

What you should be thinking about now to prepare you for your career Overview of what we’ll try to do in this section, I’d like to take a high-level look at a potential career path for someone looking to become a CISO. When I say CISO I really mean the head of a...

read more

Always be learning

I went to a SANS workshop a few weeks ago, after spending a day mentoring young women in Step Into STEM mentoring program. I like London, there are a lot of talented people trying to help other talented people. I was asked about my specialty. “What is the one thing...

read more

Ethical hacking as a step towards cyber platform

Ethical Hacking is a great consultancy offer before you sell a platform for security. If you can find and train clever hackers, and if you can retain those hackers that you’ve recruited, you’ll be in a fantastic position. But what are some strategies for hiring...

read more

Professional Business Career Paths in Infosec

I’m beginning this post talking about “professional” career paths in infosec. That’s a bit unfair to the brilliant professionals working in the technical side, and if you are technically minded and reading this, please don’t be offended. There is nothing...

read more

Technical Career Paths in Cyber Security

I’ve mentioned before that there are all kinds of people who find work in IT security. If you wanted to categorize, you could say that there are business people and technical people. That’s not entirely accurate, but for this topic today, let’s make it simple. I’d...

read more

Getting a job in cyber security

You’re about to embark on an incredible journey. For many, a position in security is like any other job with the project management, corporate ladder, sales bonuses, politics, management and straight forward objectives. If you are a professional then there will be a...

read more

New You

Cyber security - analysts, operations, managers, engineers - is huge. It won't stop being huge for a few years still. And if you are able to join this career, you will gain skills and experience that you'd need to be very successful in the long term. We'll help you do...

read more

How to act before you apply for a job

If you are trying to get into IT Security you should act in a specific way leading up to your job applications and interviews. Take yourself and the career seriously. Create an RSS feed and read security news and listen to security podcasts every day. Identify the...

read more

Are you a business grad? We need you in security

Most people looking to join this cool career are techies. They are hackers or hacker wanna-bes. Most young people I meet want to do Pen Testing. Pen Testing is ethical hacking. Hacking for fun and profit, legally. It's good fun. You solve problems. But if you look...

read more

Keeping Your Small Business Safe: 3 Easy Steps

There are dozens of things you can do to incrementally increase your website safe. Websites that do security will give you those details. Some even ask you to open up .htaccess files or wp-config.php files and re-write code. Re-write code! That's insane. If you don't...

read more

Protecting documents with remote teams

Assumption: You are a business owner and you have at least one remote staff. You'll want to think about and find a solution for your files at rest (where they are stored) and your files in transit (when they are sent to you). If you are having someone send you blog...

read more

A case for outsourcing at least some of your security

The Cloud is just someone else’s computer. If you didn’t know, now you know. You are accustomed to using the cloud for a lot of your business already. Most businesses that I speak with outsource to the cloud their storage (Dropbox), their web hosting (Blue host), and...

read more

Why the CISSP is worth it (for me)

I am studying for and will take my CISSP exam because I want to maintain a career differentiator. I recognise that at a high level, your degrees, certifications, and other stuff don’t matter as much as what you’ve done and who knows that. At a high level, it is about...

read more

Should a small business focus on internet security?

If you have a website that tells people what you do, but most of your business is word-of-mouth, then internet security can be a low priority. If you go door-to-door selling things to people, then internet security can be a low priority. If you don’t need to store...

read more

Backup Your Website

Whenever I setup a backup solution for a friend with a small website, I recommend Backup Buddy. It's quick and easy. This isn't a marketing post; there are other backup solutions that you can use. Find one that fits your effort, skill, and budget. This post is a quick...

read more

Active Defense

When I watch sports, like basketball, American football, or rugby, I am drawn to the defence. I find defence amazing. It might be why I'm utterly drawn to the San Antonio Spurs. There is a counter-intuitiveness that goes with enjoying defence. The dunks, touchdowns,...

read more

Cyber Security Job Interview Strategy

I hate the word "strategy" to describe common sense, but it's language people can understand. In this quick post I explain common sensical steps I've taken and advised people to take that work. It's not genius. It's based on the principle of: Be serious, do your...

read more

A Simple Step to Reducing Email Hacks

Stop using the 'Register with Google' buttons. You might want to stop using the 'Register with Facebook' buttons as well, depending on how valuable you find Facebook. If you stop using those, you are putting in place a simple strategy for reducing the chance of your...

read more

Ransomeware: Please know what this is all about

This post is actually a link to the US-CERT. A CERT is a Computer Emergency Readiness Team. Companies and governments lift CERTs to be able to deal with computer attacks and incidents. Part of their role is to identify and report vulnerabilities. There is an...

read more