Story image

Have I Been Pwned creator Troy Hunt to give lesson on security-centric cultures

23 Jan 2018

The man behind online data breach notification website ‘Have I Been Pwned’ is taking his world-renowned security skills to enterprise technology learning platform Pluralsight once again.

Troy Hunt, who created Have I Been Pwned, is both a Microsoft regional director and MVP for developer Security. He has created at least 20 courses for Pluralsight and speaks at events around the world.

Hunt’s new course, titled ‘Creating a Security-Centric Culture’ is designed to help CISOs and their teams with insight into the tools and methods needed to fight breaches and cyber attacks.

It will analyse why security must be part of every company initiative through a security-first mindset. It will also look at how development and security teams can work together more closely; and how security threats affect real organisations.

“Security must be top of mind for all technology professionals in an organisation, not just the designated security team,” comments Hunt.

“With a new hack or breach happening almost daily, organisations must develop the skills required to safeguard and manage against security threats by making security the norm rather than the exception.”

Pluralsight notes a statement from Gartner that points out the broad nature of security disciplines and their connection to the cybersecurity skills shortage.

"One reason there is a persistent skills shortage for cybersecurity roles is that cyber skills cover a number of distinct disciplines, ranging from secure coding practices, full-stack knowledge of IT infrastructure to legal and regulatory compliance.”

Gartner also notes that “security and risk management leaders will need to invest in training (technology and conceptual) for those skills that are missing among their current staff and are not readily available with current applicants."

Since launching its cybersecurity content category in July 2016, Pluralsight has conducted more than 100 courses across different disciplines, including penetration testing, incident response, digital forensics, secure coding, security compliance and security assessments.

Hunt has hosted a number of courses including HTTPs education, ethical hacking, Azure, API hacking and OWASP.

According to Cerner’s VP chief architect of cloud apps ops, Kevin Shekleton, his company used to struggle with developing its own security education programs.

“Prior to Pluralsight, we spent hours developing our own security education taught by our developers, but given the large size of our organisation and the cost of developing content, we found the obstacles to offering a comprehensive program within our own development organisation were too large,” he says.

“With Pluralsight, we replaced this internal education with better equivalent content. We now also have access to content that is kept current that would have proved challenging to develop ourselves without a dedicated team. Pluralsight has allowed us to ensure that all roles in our development organisation have the knowledge to build secure health care solutions.”

GitHub launches fund to sponsor open source developers
In addition to GitHub Sponsors, GitHub is launching the GitHub Sponsors, GitHub will match all contributions up to $5,000 during a developer’s first year in GitHub Sponsors.
Check Point announces integration with Microsoft Azure
The integration of Check Point’s advanced policy enforcement capabilities with Microsoft AIP’s file classification and protection features enables enterprises to keep their business data and IP secure, irrespective of how it is shared. 
Why AI will be procurement’s greatest ally
"AI can help identify emerging suppliers, technologies and products in specific categories."
Are AI assistants teaching girls to be servants?
Have you ever interacted with a virtual assistant that has a female-based voice or look, and wondered whether there are implicitly harmful gender biases built into its code?
Google 'will do better' after G Suite passwords exposed since 2005
Fourteen years is a long time for sensitive information like usernames and passwords to be sitting ducks, unencrypted and at risk of theft and corruption.
Hackbusters! Reviewing 90 days of cybersecurity incident response cases
While there are occasionally very advanced new threats, these are massively outnumbered by common-or-garden email fraud, ransomware attacks and well-worn old exploits.
Data#3 to exclusively provide MS licences to WA Government
The technology services provider has won two contracts with the Western Australia Government, becoming its sole Microsoft licence provider.
Why cash is no longer king in Australia
Australia is leading the way in APAC for granting credit on B2B transactions.