Technology is constantly being superseded. Our iPhones need updating almost bi-weekly, our workday is often dependent upon Windows restarting and Facebook seems to enjoy a makeover on a monthly basis. The pace in which our technology moves is fascinating but we are not yet at the stage where we can comfortably move alongside it meaning it’s incredibly hard to safeguard and even harder to protect. Take your iPhone for example. You will receive a message to tell you it’s time for a software update and it might be hours, days or even weeks before you find the time to do it – then finding yourself with insufficient battery for the download and putting it off again. And don’t get me started on IoT, how do you upgrade or patch your toothbrush, Alexa or kids toys? Microsoft is another example. Your Word may have updated overnight; or during that all-important meeting which is always helpful, and it’s time to save your document. It’s now your responsibility as the user of this technology to save the document in the correct format rather than expect it to happen for you. Technology is moving light years ahead of our current processes causing some annoyance on a daily basis but more importantly, from a Cyber Security perspective, it’s leaving everyone who isn’t on top of it wide open. A new piece of technology could seem secure on day one but what about day 100? Artificial Intelligence can self-heal, self-upgrade and monitor itself – essentially do all of the things we can’t do ourselves, but, it also means we rely on AI and if it evolves too much, it can move into another realm and go from working for us to against us quite quickly. We need to start from scratch and create security by design. Hence the emergence of DevSecOps. You can’t build something and then think about its security later – all technology has to be designed with security in mind which could help us to secure AI and safeguard our evolving technology but by its very nature, AI is made to constantly evolve. That’s one race we are never going to win. I’d like to hear from you – do you think it’s possible to safeguard evolving technology
22 Mar 2019
Last week I had the pleasure of attending the Cloud and Cyber Security Expo in London where I spent the day listening to thought-leaders discuss their theories on the future of technology and the affect it might have on our Cyber Security. Of all the talks I listened to that day, it was one particular panel that really resonated with me. It was a quote by Simon Astbury, the CTO of Enersec during a discussion on enterprise security in a complex cloud environment that really got me thinking. He focused on the human element involved in data breaches and explained how the biggest culprits are ourselves. “Humans are the weakest link in the Cyber Security space as they make mistakes, they can be bribed, they can be corrupted and they can go insane.” We are in an era of elevated cyber-attacks, data breaches and legislation regulating the way we handle that data but what many outside of the security bubble don’t understand is that the majority of cracks can be fixed, internally. From locking computers when off-desk or double-checking email addresses before sending data, it’s often the simple errors that are the most destructive and a simple education could go a long way. We need to integrate security education into our everyday teaching and create a culture of protecting our own and each other’s data. I am currently producing an insight paper focused on the evolution of Cyber Security and explore how HR and security teams can work together to ensure humans’ are no longer the weakest link. To get involved in the production of the paper or to receive a copy once it’s published, please get in touch but in the meantime – join the conversation. Are human’s the weakest element in Cyber Security?
18 Mar 2019
EMEA CISONegotiableLondon Senior Finance Business Partner£80,000 - £85,000 per annum + bonus + benefitsSurrey Project Manager£500 - £550 per dayWindsor Head of HR£65,000 - £75,000 per annum + benefits packageLondon Management Accounting Manager£400 - £450 per dayLondon Commercial Finance Manager£60,000 - £70,000 per annum + benefits packageReading AWS Automation Engineer£55,000 - £65,000 per annumLondon Internal Audit Manager £50,000 - £80,000 per annumEdinburgh A wider selection of current vacancies can be viewed on our opportunities page or get in touch for a confidential discussion about how Stanton House can help you hire great people or assist with your own career goals.
13 Mar 2019
Head of HR £65,000 to £75,000 per annum + benefits package LondonFinancial Controller £120,000 to £130,000 per annum + car allowance + bonus + benefits BerkshireFinance Manager £55,000 - £65,000 per annum + bonus + benefits BerkshireSecurity Governance and Risk Manager Negotiable LondonInternal Audit Manager £50,000 - £80,000 per annum EdinburghJunior PMO or PMO Administrator £30,000 - £35,000 per annum LondonHead of Shared Services £800 - £1,000 per day London A wider selection of current vacancies can be viewed on our opportunities page or get in touch for a confidential discussion about how Stanton House can help you hire great people or assist with your own career goals.
05 Mar 2019
The role of the CISO has been elevated with a spree of high-profile data breaches dominating headlines and scaremongering businesses but, is it their exclusive responsibility to protect an organisations Cyber Security? One of the most common breaches, as we discuss quite frequently, is human error. Staff holding doors open to the wrong people, wearing ID badges around town, keeping monitors unlocked, incorrectly storing data or sending it to the wrong recipient. The fate of an organisation's Cyber Security is truly in the hands of their employees and with a bit of education, we could completely minimise the risk of a breach; but, is education really that simple? I caught up with a CISO in my network today who said computer-based training programmes simply aren't the answer. He said: "Education in Cyber Security is tricky as if you introduce computer-based training to monitor people’s levels of awareness you will be met with groans. If you tell your workforce you must do this, by this date, you’ll be tested on it and then you will have to do this annually in line with government legislation you will receive the opposite reaction to the one you’re after. "I’m pretty confident that if you want information to stick, information which isn’t immediately relevant to their day jobs, it’s not going to happen through computer-based testing. We need to throw this type of education away and embed it into existing training in the same way you would train your workforce not to leave a wire hanging between two desks." I am working on a white paper which explores the Ideal CISO and how Cyber Security and HR can work together to combat a lack of security education in the office. To receive a copy of the paper, please get in touch. But, in the meantime - join the conversation - how do we educate our workforce to reduce the risk of a data breach?
04 Mar 2019
An increased population and spate of high-profile cyber breaches have elevated the role of cyber professionals and increased the demand for their talent but the Defence industry is facing a series of people issues which is dramatically stunting its effectiveness. The Private and Public sector both face similar challenges which involve having to compete with technology start-ups for a shrinking pool of STEM qualified professionals, finding cyber professionals with a blend of both technical and soft skills and how to diversify their workforce by attracting women, BAME and LGBT minorities into an industry that carries connotations of conformity, hierarchy and unethicality. The Defence Industry is struggling to attract the right talent and we question whether a re-brand could help. In this insight document we will explore the people challenges faced by the industry, the solution to the war on talent and use the Ministry of Defence and Armed Services as an opportunity for growth. Request a copy of our white paper
28 Feb 2019
Any role that sits within or just shy of the c-suite now requires a leader who has the ability to engage with the whole business and the days of a CFO, CISO, CIO or CTO being data-driven are numbered. All four leaders are now required to influence and change mindset across the whole business but while they must work with their workforce, they also need to involve each other in their decision-making processes to solve finance-related Cyber Security matters caused by the growth of data and pertinent threat of attack. Financial Leaders must understand what precautions to take when doing their day-to-day role as the majority of external cyber-attacks are motivated by financial gain and while they do not need to be fluent in information security – they must understand how to limit risk and prevent internal breaches. Some of the most-common data breaches are caused by human error such as storing financial data in an unsecured location, sending a sensitive email to the wrong recipient and keeping essential information such as payroll in an open folder accessible to the whole workforce. If this workforce is not educated in how they can individually evade danger by simple things like locking their desktop or ignoring and reporting suspicious emails then the breach is essentially in the hands of the CFO and their failure to limit the risk of making that file accessible. Finance Leaders should be actively approaching their security teams or providers asking them for advice on how they store, access and share financial data. But, for three specific questions to ask your security teams as a leader of Finance I would ask the following: 1) Would you be able to tell if someone had accessed, moved or deleted your data and how is this monitored? 2) Do you have an authorised list of people who can access your financial statements and can you see if anyone else has accessed them? 3) Do you have a budget allocated for the security of your financial documents or intellectual property? For more advice on how to approach the topic of Cyber Security as a leader of finance please get in touch but in the meantime, join the conversation. Do you know what you should be asking your Cyber Security Teams/providers?
26 Feb 2019
Senior Deep Learning Researcher£45,000 - £70,000 per annumLondon Lead IT Infastructure Engineer£60,000 - £75,000 per annumEdinburgh Senior Finance Business Partner£80,000 - £85,000 per annum + bonus + benefitsSurrey Security Architecture DirectorUp to £150,000 per annum + £20,000 bonusLondon SAP OTC ConsultantNegotiableLondon Divisional Finance Director£90,000 - £100,000 per annum + bonus + benefitsSlough, Berkshire IFRS 17 Lead£500 - £900 per dayLondon A wider selection of current vacancies can be viewed on our opportunities page or get in touch for a confidential discussion about how Stanton House can help you hire great people or assist with your own career goals.
25 Feb 2019
Cyber Security is no longer a nice-to-have offering afforded by the largest of organisation. It is thought of as an essential and integral arm of any business looking to conquer the spate of high-profile data breaches faced by many in the public eye but, what remains to be an uphill battle for Cyber Security Professionals; and the organisations homing them, is what many describe as the human element. The majority of high-profile data breaches fall directly at the hands of employees through a series of simple and common mistakes such as sending sensitive data to the wrong recipient, social engineering and the loss or theft of intellectual property. With people at the root cause of our Security breaches, should the task ahead carry less emphasis on protecting the external security of a company and more focus on re-training staff and improving both the culture and compliance of an organisation? I am in the process of creating an insight paper which will explore the various roles departments can play in protecting their Cyber Security with a particular focus on the relationship between Cyber Security and HR. If you have had experience in working with either department to engage staff please do get in touch. Join the debate – is Cyber Security an HR issue?
20 Feb 2019
Richard Williamson joins Stanton House today having spent more than five years working within the recruitment space with a keen focus on Cyber Security. Based in our new Liverpool Street office, Richard joins our growing Cyber Security offering as Senior Consultant and will specialise in Senior Information and Cyber Security opportunities in London. Manager of Cyber Security, Ryan Surry, said: “We are really pleased to have someone which Richard’s enthusiasm and passion for our Information Security. He comes with a wealth of specialist expertise and aligns very closely with our core values. We are establishing an ethical and technical recruitment function and we see Richard being a key figure.” You can congratulate Richard by connecting with him on LinkedIn.
12 Feb 2019
Are the days of a CISO being a data-driven techy, numbered? With a spate of high-profile data breaches; mostly at the hand of human error, the role of a CISO has been elevated and it seems the role now requires a person with people skills, charisma and approachability who is expert in psychology and human behaviour. But, with the role evolving daily – will the route to c-suite change even further? The CISO skill-set has gone from specialist to exhaustive with the top tier of professionals expected to engage with the board, monitor their financial footstep, educate the broader business, recruit and manage their own team and take on non-technical managerial responsibilities - all while auditing and safeguarding the security of the business. CISO’s are now expected to be experts in psychology and human behaviour to counteract the spree of breaches caused by the human element including the sending of sensitive data to the wrong recipient, social engineering, the loss or theft of intellectual property or storing data unsecured or properly patched. This new holistic method of understanding people to increase Cyber Security is attracting leaders from HR, marketing, defence and even finance to gravitate towards the sought after the CISO position. I am in the process of exploring the changing route to CISO and have undertaken some thought-provoking research into how many leaders started off in the world of computer science and security and how many accidentally fell into the role. To request a copy of my future insight paper on the evolving role of the CISO and take part in my 30-second anonymous survey please follow the link below and join the conversation. Has the route to CISO changed?
08 Feb 2019
Senior Finance Business Partner£80,000 - £85,000 per annum + bonus + packageSurrey R2R Lead£550 - £650 per daySouth West England Security Architecture DirectorUp to £150,000 per annum + £20,000 bonusLondon Talent and Capability Manager£70,000 - £75,000 per annum + £5,000 car allowance and 15% bonusBerkshire AWS Automation Engineer£55,000 - £65,000 per annumLondon Transformation Business Partner£650 - £800 per dayLondon A wider selection of current vacancies can be viewed on our opportunities page or get in touch for a confidential discussion about how Stanton House can help you hire great people or assist with your own career goals.
06 Feb 2019