Hunted’s Ben & Danni On Cybersecurity

Rosalind Madge our consultant managing the role
Posting date: 3/21/2019 9:45 AM
Ben Owen and Danni Brooke are the Co-Directors for the EMEA Practice at Fortalice Solutions, a leading global cyber security and intelligence operations company. 

They travel globally to assist clients with their cyber security requirements, bespoke training needs, intelligence and investigations both online and physical and counter fraud training/consultation. They deliver and manage a portfolio of pro-active intelligence solutions to keep people, nations and businesses safe from threats and head up the EMEA operations. 



Ben and Danni also feature on the hit Channel 4 show, Hunted and Celebrity Hunted which has been airing for over four years with another series set to be filmed this summer. I caught up with them recently to discuss the latest Fraud, tools and challenges for the Cybersecurity industry.


Cybersecurity is an ever-changing landscape. What trends do you anticipate for the next 12 months and beyond?

It is always difficult to pin down what the next real trend is going to be in the Cybersecurity space as adversaries are becoming ever more sophisticated.  What was once a very difficult process for skilled individuals is becoming more readily available to novices with advances in software, particularly those shared on the Dark Web.

What is an inevitable threat trend in the next 12-months and beyond is the exponential rise in the Internet of Things (IoT).  With a world where everything is hooked up to the web, it is apparent that tech companies selling these devices are under immense pressure to get products to market. The need for speed could mean that some security principles and best practices may be overlooked.   As the UK encountered during the Mirai Botnet attack of 2016, a network of electronic devices acting in concert can cripple the internet or, worst case, become a weapon that could cause actual physical damage as well as cyber damage, power stations, hospital networks to name but a few.  

How have Data & Analytics impacted the detection, and prevention, of cyber-crime?

A company will have to protect themselves against an enormous amount of cyber threats every second.  A cyber-criminal will only need one successful attempt. Data & Analytics are proving successful in the fight against cyber-crime and their proactive and holistic approach is at keeping people and businesses safe.  Of course, it is Data that is being stolen, but very often Data can come to the rescue.  It helps in a number of ways, e.g. identifying anomalies in employee and contractor computer usage and patterns, detecting irregularities in networks, identifies irregularities in device behaviour (a huge advantage with the rise of the IoT).

What one must remember, however, is the people behind the Data.  You can’t simply collect Data and assume you will be able to detect and respond with the right actions.  You need the people with the right analytical skills to sift through the Data, find the right signals and then react to the threat with an appropriate and timely response.  

What tools and technologies do you think will become increasingly important in the fraud and cyber-crime landscape?

Here at Fortalice we are investing a lot of time into coverage of the Dark Web.  We live in a rapidly changing digital landscape. Criminals, fraudsters, and others are now operating with more sophistication and anonymity. Where do they go to exchange fraudulent details and ideas about current victims? What medium do they use to discuss organisational targets or new ways of defrauding companies? The answer is the Dark Web. 

Traditionally, companies fight fraud from the inside out. We want to change this landscape by accessing the entirety of the Dark Web, its pages, shady storefronts, and treasure troves of Data, and drawing on monitoring toolsets to give our clients a 360-degree resource for identifying adversarial communications and movements. It’s all about Internet coverage.  Wherever it is difficult to find – that’s where your threat will be.  

A final point to this question is one of sharing tools and techniques.  A collaborative approach is always a good way of making sure the wider audience benefits.  We always work with our clients and offer other services and support outside of our remit to make sure they’re fully protected from a cyber and physical space.  

What are the biggest security threats for businesses?

Security is fundamentally broken because the design of many security solutions does not design for the human psyche.  Security solutions are bolted on, clunky, and hard to use but because security teams prioritise defending against easier cyber threats, they often don’t focus on the hardware side.

The biggest risk to companies and individuals is always defined by the Data that is most important to you or to the business.  For individuals, this might be privacy or identity. For businesses, this could be customer Data, intellectual property, and the company’s money in the bank.

The reality is that business executives can’t outspend the (cybersecurity) issue and they must be prepared. Cybersecurity no longer exists in a vacuum and it must be elevated to the conversations held in the boardroom and with senior leadership as well as entire divisions, departments, and organisations.

For someone trying to get into security analytics, what skills do you think are key to being successful in the industry?

The detail is in the name of the role.  A huge ability to interpret large amounts of technical Data is key to the role, as well as being able to assimilate what it means and how to action it.  Risk management is also key to this role.  Very often you will identify potential risks and you will have to triage those priorities on your own as co-workers won’t have the technical expertise to assist.  You will need to be able to communicate successfully to all levels of a workforce and last but by no means least – a good sense of humour!  When you think you have gotten to understand a new threat or vulnerability a new one will replace it within seconds.  Time to put the kettle on, smile, and get back to work with your analytical prowess.  

Within fraud, it's well known that criminals are sharing their approaches, is this mirrored in cyber-security and if so, how is the industry combating this?

Criminal collaboration is huge on the web.  First of all, there is no talent shortage for fraud rings or cybercriminals. There are no requirements for fancy university degrees or certifications and the crime ring pays for performance.  They don’t care what you look like, how you dress, or if you clock in during normal work hours. They care about getting the job done - hacking into and stealing information from others. Together they are sadly stronger and more effective.  On Dark Web forums, you will see fraudsters sharing and selling their ‘IP’ knowing that others will also contribute. That way they are all winners.  In the private world ideas equal money. That is of course not a bad thing for business, but it is bad for collaboration. Businesses generally don’t like to share ideas with one another because it has taken them lots of time and expense to get to their product or solution. As cliché as this comment sounds - we have to change this landscape for the greater good. 

There are lots of smart government initiatives for national defences in cyber security and fighting high-end cyber-crime but seldom does this have a positive impact locally with smaller businesses.  There is a huge amount of information out there for individuals and advice, but we need to bridge the gap still between criminal collaboration and that of the good guys.

If you could change one thing in the industry, what would it be?

The mind set of security professionals that humans are the weakest link. We’re not! Humans are at risk because technology is by design, open.  I’d also change the mind set of those not in the Cyber Security industry.  All too often the severity of what is being reported is not taken seriously, nor are budgets set aside for cyber security issues.  That said, it is improving but there is a long way to go. 

Ben and Danni spoke to Senior Consultant, Rosalind Madge. Get in touch with Rosalind or take a look at our latest job opportunities here.

Related blog & news

With over 10 years experience working solely in the Data & Analytics sector our consultants are able to offer detailed insights into the industry.

Visit our Blogs & News portal or check out the related posts below.

HOW BRANDS USE DATA TO CREATE SUCCESSFUL CAMPAIGNS

Make no mistake: making minor adjustments to an ad or campaign that’s meant to appeal to the masses just won’t cut it. Customers crave creativity. They want to be understood. Which is why people respond best to brands that do their homework, doing their research into what appeals to different groups. How should businesses appeal to their chosen segments, then, considering how diverse people are? Data, of course. Why Data? For one thing, it drives results and creates improved outcomes. Data also helps to prove the value of marketing, providing a bargaining chip for future budget discussions. And, most rewarding of all, brands get valuable insights into their target market. Which, in turn, leads to more well-targeted, profitable campaigns.  And if you think Data doesn’t belong in the world of creative campaigns, think again. As OpenJaw Technologies Chief Marketing Officer Colin Lewis argues: “Creativity is not just compatible with being Data-driven – Data can drive better creative.” Psychological profiling Strategic communications consultancy, Verbalisation, researches and analyses language to form valuable insights. Using its Rapid Audience Insights Diagnostic system, the company’s team of psychologists and researchers work out how an audience thinks. They also learn the actual words an audience uses, which they then use as the basis of a marketing strategy.  Based on their unique research and insights, Verbalisation has created several successful campaigns for high-profile brands. These include the #NotAnotherBrother campaign for counter-terrorism organisation Quilliam, which looked at the motivations of jihadists.  The campaign is now used by the UN and schools across the UK, as well as the US Department of Defense. It is the most viewed counter-extremism campaign of all time, with more than half a billion global media impressions.  Location, location, location Out-of-home (OOH) advertising. Yes, it goes way back, but it’s actually the only traditional advertising channel posting rapid growth. In fact, thanks to mobile-location Data, brands can target audiences quicker and with a greater chance of success than ever before.  Great news for JCDecaux (JCD), a leading OOH company with ads reaching 410 million people in over 4,000 cities. JCD now works with location Data to define and segment audiences. Doing so helps it decide where to place media, improve campaigns and measure resulting store footfall and purchases.  Knowledge, so they say, is power. Particularly when that involves knowing the whereabouts of the most coveted customers. Newly teamed up with identity resolution company, Neustar, JCD’s insights look stronger than ever. JCD can now understand which of its locations rank higher for any brand’s most desired audiences. All thanks to location Data and real-time behaviour analysis.  Personalised employee training Data doesn’t just boost the results of B2C brands; it can also be a vital shot in the arm for internal security training campaigns. Training provider, CybeReady, for instance, uses a Data science-driven approach to deliver cyber awareness training with a difference: its anti-phishing platform helps security teams quickly roll out and tailor campaigns to individual employees. In big companies, getting employees up to speed is especially challenging. With many locations, languages and time zones to contend with, Information Security teams have their work cut out.  CybeReady eliminates these challenges by delivering 12 personalised, 60-second simulations to each employee. In their first language, every year. What’s more, the training provider uses machine learning to analyse performance on a daily basis. This enables it to provide the most appropriate simulations to each individual. The result? IT teams save 160 hours each month and employee resilience increases five-fold. There’s no limit to what Data can do. If you’re a fan, we may have a role for you. Take a look at our latest opportunities or get in touch with our expert consultants.  

The Evolution Of The Data Engineer

Every Data Science department worth its salt has at least one engineer on the team. Considered the “master builders,” Data Engineers design, implement and manage Data infrastructure. They lay down digital foundations and monitor performance. At least, that’s what they used to do.  Over the last few years, the role has shifted. Data Engineers have gone from mainly designing and building infrastructure, to a much more supportive and collaborative function.  Today, a key part of the engineer role is to help their Data Analyst and Data Scientist colleagues process and analyse data. In doing so, they are contributing to improved team productivity and, ultimately, the company’s bottom line. THE IMPACT OF THE CLOUD In the past, a Data Engineer would often move data to and from databases. They’d load it in a Data Warehouse, and create Data structures. Engineers would also be on hand to optimise Data while businesses upgraded or installed new servers.  And then along came the Cloud.  The rapid dominance of cloud computing meant that optimisation was no longer needed. And as the cloud made it easy for companies to scale up and down, there was less need for someone to manage the data infrastructure.   The collective adoption of the cloud has had a big impact on the function of Data Engineers. Because, provided a company has the funds, there is no longer the same demand for physical storage. Freed from endless scaling requests, engineers have more time to program and develop. They also spend more time curating data for better analytics.  AUTOMATING THE BORING BITS  Less than a decade ago, if start-ups wanted to run a sophisticated analytics program, they’d automatically hire a couple of Data Engineers. Without them, Data Analysts and Data Scientists wouldn’t have any Data. The engineers would extract it from operational systems, before giving analysts and business users access. They might also do some work to make the Data simpler to interpret.  In 2019, none of this extraction and transformation work is necessary. Companies can now buy off-the-shelf technology that does exactly what a Data Engineer used to do. As Tristan Handy, Founder and President of Fishtown Analytics, puts it: “Software is increasingly automating the boring parts of Data Engineering.”  STILL SOUGHT-AFTER  With automation hot on the Data Engineer’s tail, it can be tempting to ask whether they are still needed at all.  The answer is: yes, absolutely. When recruiting engineers, Data Strategist Michael Kaminsky says he looks for people “who are excited to partner with analysts and Data Scientists.” He wants a Data Engineer who knows when to pipe up with, “What you’re doing seems really inefficient, and I want to build something better.” Despite the rise in off-the-shelf solutions, engineers still play a key role in the Data Science team. The difference is simply that their priorities and tasks have shifted.  Today, innovation is the watchword. The best engineers are hugely collaborative, helping their teams go further, faster. It’s an exciting time to be a Data Engineer. If you’re interested in this field, we may have a job for you. Take a look at our latest opportunities or get in touch with our expert consultants.  

RELATED Jobs

Salary

US$160000 - US$200000 per year

Location

New York

Description

Lead Data Manager - Political Organization

Salary

£60000 - £100000 per annum + bonus, pension, benefits

Location

City of London, London

Description

A great opportunity as an MDM Consultant for a leading consultancy, considered the market leaders within data management.

Salary

US$464 - US$504 per day

Location

Seattle, Washington

Description

Join a top-notch consultancy working with exciting clients as a multi-faceted data engineering.

Salary

€7200 - €8400 per annum

Location

Munich, Bayern

Description

Join a project in one of the world´s leading e-commerce platforms and support them with your expertise in Data Engineering.

recently viewed jobs