The Security Culture Conference 2016

A couple of weeks ago I was back in beautiful Oslo (One of my favourite cities – I could definitely live there!) for the Security Culture Conference. Last year we had around 25 people for the inaugural conference which was held on an island just outside the city – see my write up on that here. This […]


SteelCon 2015

Last week I presented my “Popping the Bubble” talk at Steel Con – The North’s Premier Hacker Con – – I think it went down quite well and there was some spirited discussion after the talk. Robin (@digininja) and the crew put on a great conference at an amazing price of only £20 – The goodie […]


The Security Culture Conference 2015

So the Security Culture conference happened! On an Island…no really…it was on an island…look… The journey there took about twenty minutes on a ferry and a small boat to get to the island called Lille Herbern. The venue was actually a restaurant – the only one on the island. The day began with Roar Thon’s […]


Build a Security Culture (Fundamentals)

My good friend Kai Roer has written an easy to digest book on security culture. Anyone who has been in security for a while will know of Kai and his work on security awareness and culture. He was very kind give me a mention in the book, cheers Kai! It’s a short and accessible book and you […]


Tools Don’t Change Behaviour People Do

What makes an information security awareness programme effective? As in most cases the answer is “it depends”. Let me elaborate; if your goal is simply to obtain that magic compliance tick then maybe you’ll use some form of computer based training (CBT) coupled with some quizzes and possibly a few videos on your intranet page […]


Bring The Lightning!

It’s back! BSides London is back and this year along with a couple of ex-rookie speakers from 2013 – Anne Wood (@fairycakepixie) and Diarmaid McManus (@MadcapOcelot) as well as Glyn Wintle (@glynwintle) I’m running the Lightning Track. What’s the Lightning Track you ask? Well it’s the unscheduled track – No CfP and no pre-registration. So if you […]


Popping the Bubble

Are you living in a bubble? Now you’re thinking “Bubble?  You what…” Let me explain.  My experience is that a lot of the time we security types – yes, you and me – don’t actually know what the rest of the departments within the business actually do on a day-to-day basis.  We know they exist […]


Look at What I Learnt in Class

The below is my first contribution to The Analogies Project started by Bruce Hallas. When he asked to me contribute I couldn’t say no. You can also find it here on the analogies pageOne of the best pieces of work experience I’ve ever had wasn’t in IT or information security, in fact, it was Teaching English as a […]

Back To Top