Graham started work on anti-virus software 25 years ago, long before the term cybersecurity was coined. In a gripping presentation he describes the damage caused by targeted attacks - from theft of data and IP to loss of reputation. He reveals the real-world, everyday nature of many attacks, from ransomware to spear-phishing emails and the often quite mundane ways in which companies, even the likes of Google and Facebook, have lost millions through security gaps that are as likely to be human as technical.
Graham Cluley has been at the forefront of cybersecurity for over 25 years, since before most organisations had even heard of it. He’s worked for some of the biggest companies in the field and is now a respected blogger and consultant in the area.
Having started out programming, Graham joined one of the first large computer security companies, Dr Solomon’s, as their chief Windows anti-virus programmer. He stayed with the company, taking on international strategic roles before joining McAfee when the security giant bought Dr Solomon’s. Graham then moved to Sophos, one of the world’s biggest business cybersecurity companies as Head of Corporate Communications / Senior Technology Consultant and where he also became the editor of the company’s Naked Security website.
Graham looks at the actual, everyday threats faced by organisations. Away from headline talk of state-sponsored and zero day attacks, he delivers real-world examples of flaws and attacks that have cost businesses millions. He looks at the nature and origins of ransomware which encrypts data and ransom users to access it again. Often in the form of a download or attachment, the email from which the attack originates can often be backed up by a phone call to a user to convince them of its authenticity. Business email compromises (commonly known as CEO fraud) where hacking into an email system reveals both email addresses and information on clients, projects and payments. By sending an email purporting to be from a senior person authorising a payment, huge sums have been lost by companies, even the likes of Google and Facebook have fallen foul. And insider attacks, where employees or contractors enter the company (or allow others to enter) with ill intent giving first hand access to systems and security.
All it takes is one mistake or oversight; one person to forget or to assume too much. In a world of social media profiles and sharing, people and organisations have to accept you can never be completely invulnerable. But by raising awareness of the common forms of attack and helping individuals to think twice about their own personal as well as professional vulnerabilities, sensible precautions (both technical and practical) will become part of the culture.
Graham’s blogs and tweets are widely praised as being at the forefront of news and information on the rapidly changing world of digital and cybersecurity. From malicious attacks to data theft, corporate espionage to mischief-making and campaigning exposés, he considers the hype and the reality of the threats to nations, organisations and individuals and why we should all take our security more seriously.
© Copyright 2019 JLA. All rights reserved.
JLA Speakers Breakfast