Story image

Have I Been Pwned creator Troy Hunt to give lesson on security-centric cultures

23 Jan 2018

The man behind online data breach notification website ‘Have I Been Pwned’ is taking his world-renowned security skills to enterprise technology learning platform Pluralsight once again.

Troy Hunt, who created Have I Been Pwned, is both a Microsoft regional director and MVP for developer Security. He has created at least 20 courses for Pluralsight and speaks at events around the world.

Hunt’s new course, titled ‘Creating a Security-Centric Culture’ is designed to help CISOs and their teams with insight into the tools and methods needed to fight breaches and cyber attacks.

It will analyse why security must be part of every company initiative through a security-first mindset. It will also look at how development and security teams can work together more closely; and how security threats affect real organisations.

“Security must be top of mind for all technology professionals in an organisation, not just the designated security team,” comments Hunt.

“With a new hack or breach happening almost daily, organisations must develop the skills required to safeguard and manage against security threats by making security the norm rather than the exception.”

Pluralsight notes a statement from Gartner that points out the broad nature of security disciplines and their connection to the cybersecurity skills shortage.

"One reason there is a persistent skills shortage for cybersecurity roles is that cyber skills cover a number of distinct disciplines, ranging from secure coding practices, full-stack knowledge of IT infrastructure to legal and regulatory compliance.”

Gartner also notes that “security and risk management leaders will need to invest in training (technology and conceptual) for those skills that are missing among their current staff and are not readily available with current applicants."

Since launching its cybersecurity content category in July 2016, Pluralsight has conducted more than 100 courses across different disciplines, including penetration testing, incident response, digital forensics, secure coding, security compliance and security assessments.

Hunt has hosted a number of courses including HTTPs education, ethical hacking, Azure, API hacking and OWASP.

According to Cerner’s VP chief architect of cloud apps ops, Kevin Shekleton, his company used to struggle with developing its own security education programs.

“Prior to Pluralsight, we spent hours developing our own security education taught by our developers, but given the large size of our organisation and the cost of developing content, we found the obstacles to offering a comprehensive program within our own development organisation were too large,” he says.

“With Pluralsight, we replaced this internal education with better equivalent content. We now also have access to content that is kept current that would have proved challenging to develop ourselves without a dedicated team. Pluralsight has allowed us to ensure that all roles in our development organisation have the knowledge to build secure health care solutions.”

Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
WatchGuard announces A/NZ partners awards
Four Australian companies were named partner award winners at the WatchGuard conference in Vietnam.
Telstra’s 2019 cybersecurity report
Cybersecurity remains a top business priority as the estimated number of undetected security breaches grows.
Why AI and behaviour analytics should be essential to enterprises
Cyber threats continue to increase in number and severity, prompting cybersecurity experts to seek new ways to stop malicious actors.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.
Cryptojacking and failure to patch still major threats - Ixia
Compromised enterprise networks from unpatched vulnerabilities and bad security hygiene continued to be fertile ground for hackers in 2018.
Why cybersecurity remains a top business priority
One in two Australian businesses estimated that they will receive fines for being in breach of new legislation.