Story image

Have I Been Pwned creator Troy Hunt to give lesson on security-centric cultures

23 Jan 18

The man behind online data breach notification website ‘Have I Been Pwned’ is taking his world-renowned security skills to enterprise technology learning platform Pluralsight once again.

Troy Hunt, who created Have I Been Pwned, is both a Microsoft regional director and MVP for developer Security. He has created at least 20 courses for Pluralsight and speaks at events around the world.

Hunt’s new course, titled ‘Creating a Security-Centric Culture’ is designed to help CISOs and their teams with insight into the tools and methods needed to fight breaches and cyber attacks.

It will analyse why security must be part of every company initiative through a security-first mindset. It will also look at how development and security teams can work together more closely; and how security threats affect real organisations.

“Security must be top of mind for all technology professionals in an organisation, not just the designated security team,” comments Hunt.

“With a new hack or breach happening almost daily, organisations must develop the skills required to safeguard and manage against security threats by making security the norm rather than the exception.”

Pluralsight notes a statement from Gartner that points out the broad nature of security disciplines and their connection to the cybersecurity skills shortage.

"One reason there is a persistent skills shortage for cybersecurity roles is that cyber skills cover a number of distinct disciplines, ranging from secure coding practices, full-stack knowledge of IT infrastructure to legal and regulatory compliance.”

Gartner also notes that “security and risk management leaders will need to invest in training (technology and conceptual) for those skills that are missing among their current staff and are not readily available with current applicants."

Since launching its cybersecurity content category in July 2016, Pluralsight has conducted more than 100 courses across different disciplines, including penetration testing, incident response, digital forensics, secure coding, security compliance and security assessments.

Hunt has hosted a number of courses including HTTPs education, ethical hacking, Azure, API hacking and OWASP.

According to Cerner’s VP chief architect of cloud apps ops, Kevin Shekleton, his company used to struggle with developing its own security education programs.

“Prior to Pluralsight, we spent hours developing our own security education taught by our developers, but given the large size of our organisation and the cost of developing content, we found the obstacles to offering a comprehensive program within our own development organisation were too large,” he says.

“With Pluralsight, we replaced this internal education with better equivalent content. We now also have access to content that is kept current that would have proved challenging to develop ourselves without a dedicated team. Pluralsight has allowed us to ensure that all roles in our development organisation have the knowledge to build secure health care solutions.”

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.
Google Cloud, Palo Alto Networks extend partnership
Google Cloud and Palo Alto Networks have extended their partnership to include more security features and customer support for all major public clouds.