Story image

Have I Been Pwned creator Troy Hunt to give lesson on security-centric cultures

23 Jan 18

The man behind online data breach notification website ‘Have I Been Pwned’ is taking his world-renowned security skills to enterprise technology learning platform Pluralsight once again.

Troy Hunt, who created Have I Been Pwned, is both a Microsoft regional director and MVP for developer Security. He has created at least 20 courses for Pluralsight and speaks at events around the world.

Hunt’s new course, titled ‘Creating a Security-Centric Culture’ is designed to help CISOs and their teams with insight into the tools and methods needed to fight breaches and cyber attacks.

It will analyse why security must be part of every company initiative through a security-first mindset. It will also look at how development and security teams can work together more closely; and how security threats affect real organisations.

“Security must be top of mind for all technology professionals in an organisation, not just the designated security team,” comments Hunt.

“With a new hack or breach happening almost daily, organisations must develop the skills required to safeguard and manage against security threats by making security the norm rather than the exception.”

Pluralsight notes a statement from Gartner that points out the broad nature of security disciplines and their connection to the cybersecurity skills shortage.

"One reason there is a persistent skills shortage for cybersecurity roles is that cyber skills cover a number of distinct disciplines, ranging from secure coding practices, full-stack knowledge of IT infrastructure to legal and regulatory compliance.”

Gartner also notes that “security and risk management leaders will need to invest in training (technology and conceptual) for those skills that are missing among their current staff and are not readily available with current applicants."

Since launching its cybersecurity content category in July 2016, Pluralsight has conducted more than 100 courses across different disciplines, including penetration testing, incident response, digital forensics, secure coding, security compliance and security assessments.

Hunt has hosted a number of courses including HTTPs education, ethical hacking, Azure, API hacking and OWASP.

According to Cerner’s VP chief architect of cloud apps ops, Kevin Shekleton, his company used to struggle with developing its own security education programs.

“Prior to Pluralsight, we spent hours developing our own security education taught by our developers, but given the large size of our organisation and the cost of developing content, we found the obstacles to offering a comprehensive program within our own development organisation were too large,” he says.

“With Pluralsight, we replaced this internal education with better equivalent content. We now also have access to content that is kept current that would have proved challenging to develop ourselves without a dedicated team. Pluralsight has allowed us to ensure that all roles in our development organisation have the knowledge to build secure health care solutions.”

How to stay safe when shopping online
Online shopping is a great way to avoid the crowds – but there are risks.
Dell EMC embeds security in latest servers
Dell EMC's 14th generation of PowerEdge servers has comprehensive management tools to provide security across hardware and firmware.
Why data backups should be a part of daily operations
"Disaster recovery needs to address complete system failure and provide a set of security policies to govern disaster incidents."
Businesses focusing on threats from within - survey
Over 50% of respondents reported that 100 days of dwell time or more was representative of their organisation.
Corelight and Exabeam partner to improve network monitoring
The combination of lateral movement and siloed usage of point security products leaves many security teams vulnerable to compromise.
SailPoint releases first identity annual report
SailPoint’s research found that many organisations are lacking maturity in their governance processes over identities.
Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.