Sign up to save your podcasts
Or
Share Making Cybersecurity Accessible with Scott Helme
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Making Cybersecurity Accessible with Scott Helme
Global connectivity benefits our world in numerous ways, however, that same connectivity also poses a potential cyberthreat that is often overlooked. There is no easy solution for combating the rising threats in our hyperconnected world. Now more than ever, cybersecurity is imperative for both businesses, governments and educational institutions, and individuals and families. For cybersecurity to effectively slow down the rising cyber threats and attacks, everyone needs to be part of the solution.
Oftentimes, the responsibility of managing cyber risks and threats is put on the individual. But we can't put all responsibility on the user. And while yes, human error remains the unfortunate reason behind many security breaches, passing the blame onto individuals who are often the victims of a cyber attack, is not solving the issue.
So what can we do? Make cybersecurity accessible to everyone.
To help us understand how an easily accessible proactive approach to cybersecurity can combat cyber threats and attacks, we spoke with Scott Helme, a security researcher, entrepreneur, and international speaker. Besides donning many hats throughout his career, Scott also freely shares his knowledge and expertise with many communities - the security community, the legal community, and the general public.
We (virtually) visited Scott in Clitheroe, a small town in England, where he showed us his dream car that he is modifying, BMW M140i, and we chatted about the challenges of making cybersecurity easier for everyone, even those not technically inclined, his numerous projects — Report URI, SecurityHeaders, Crawler.Ninja, and heard his insights on a topic he is very passionate about — encrypting the entire Internet.
**You wear many hats - security researcher, infosec consultant, entrepreneur and international speaker. When did your interest in cybersecurity arise?**
I've been interested in technology since I was a little boy, always tinkering with things and learning new stuff. I studied IT focused topics throughout school and college and learned software engineering at university. After my education, I spent many years working support and QA jobs where your role is to break things and report your findings. Through my own curiosity, I started looking at ways to break systems from a security perspective and not just a functional perspective. It was then that the field really caught my attention.
Once I started exploring security, reading blogs, and watching videos online, I was hooked. I spent years studying the field and doing security research of my own and in 2014 I found a large security flaw in a home router provided by my ISP. The process of reporting the issue gained national and international press coverage, which eventually led to me being offered a job as a penetration tester and moving into the field professionally. Since then, I've started offering training, founded security companies, spoken at international conferences, and even done a keynote on encryption for the NCSC here in the UK.
**Cybersecurity is intended for everyone, but making it more approachable to the general public and those non-technical is often a roadblock to the adoption of good practices. Why do you think we still have barriers to making cybersecurity easier for everyone?**
For years we've said, "the user should..." The user should look for the padlock, the user should use a strong password, the user should do this or that. Making security the responsibility of the user was our downfall. The user is always going to be the most unreliable part of any system. That's not a criticism of the user, we're all human and unreliable. The core issue is security is hard. Rather than trying to solve it at a technology level, which is hard for us technology folk, we pushed it onto the users.
Then it's easier to blame them when things go wrong. Security is getting easier as time goes by though. We are seeing a widespread use of biometrics on phones, which i...
View all episodes
By SecurityTrailsGlobal connectivity benefits our world in numerous ways, however, that same connectivity also poses a potential cyberthreat that is often overlooked. There is no easy solution for combating the rising threats in our hyperconnected world. Now more than ever, cybersecurity is imperative for both businesses, governments and educational institutions, and individuals and families. For cybersecurity to effectively slow down the rising cyber threats and attacks, everyone needs to be part of the solution.
Oftentimes, the responsibility of managing cyber risks and threats is put on the individual. But we can't put all responsibility on the user. And while yes, human error remains the unfortunate reason behind many security breaches, passing the blame onto individuals who are often the victims of a cyber attack, is not solving the issue.
So what can we do? Make cybersecurity accessible to everyone.
To help us understand how an easily accessible proactive approach to cybersecurity can combat cyber threats and attacks, we spoke with Scott Helme, a security researcher, entrepreneur, and international speaker. Besides donning many hats throughout his career, Scott also freely shares his knowledge and expertise with many communities - the security community, the legal community, and the general public.
We (virtually) visited Scott in Clitheroe, a small town in England, where he showed us his dream car that he is modifying, BMW M140i, and we chatted about the challenges of making cybersecurity easier for everyone, even those not technically inclined, his numerous projects — Report URI, SecurityHeaders, Crawler.Ninja, and heard his insights on a topic he is very passionate about — encrypting the entire Internet.
**You wear many hats - security researcher, infosec consultant, entrepreneur and international speaker. When did your interest in cybersecurity arise?**
I've been interested in technology since I was a little boy, always tinkering with things and learning new stuff. I studied IT focused topics throughout school and college and learned software engineering at university. After my education, I spent many years working support and QA jobs where your role is to break things and report your findings. Through my own curiosity, I started looking at ways to break systems from a security perspective and not just a functional perspective. It was then that the field really caught my attention.
Once I started exploring security, reading blogs, and watching videos online, I was hooked. I spent years studying the field and doing security research of my own and in 2014 I found a large security flaw in a home router provided by my ISP. The process of reporting the issue gained national and international press coverage, which eventually led to me being offered a job as a penetration tester and moving into the field professionally. Since then, I've started offering training, founded security companies, spoken at international conferences, and even done a keynote on encryption for the NCSC here in the UK.
**Cybersecurity is intended for everyone, but making it more approachable to the general public and those non-technical is often a roadblock to the adoption of good practices. Why do you think we still have barriers to making cybersecurity easier for everyone?**
For years we've said, "the user should..." The user should look for the padlock, the user should use a strong password, the user should do this or that. Making security the responsibility of the user was our downfall. The user is always going to be the most unreliable part of any system. That's not a criticism of the user, we're all human and unreliable. The core issue is security is hard. Rather than trying to solve it at a technology level, which is hard for us technology folk, we pushed it onto the users.
Then it's easier to blame them when things go wrong. Security is getting easier as time goes by though. We are seeing a widespread use of biometrics on phones, which i...