Story image

HP recruits former GCSB researcher for new Security Advisory Board

20 Sep 17

An ex-GCSB researcher has scored a role in HP’s new Security Advisory Board and will be part of a major effort to reinvent the company’s approach to cybersecurity.

The board will work as a reconnaissance team, according to HP, and they will provide insights from their experiences to help HP reinforce its own security processes.

The board will also talk with HP executives and the market about the shifting security landscape.

According to HP’s blog, inadequate security cannot be ignored because hackers are far more sophisticated and always looking for exploitable vulnerabilities.

Justine Bone, now CEO of medical security analyst firm MedTec, previously worked on reverse engineering and vulnerability research at the GCSB before leading security for Bloomberg LP.

“For years, software and hardware makers were able to rely on security by obscurity. There was no upside to building in this quality all the way through the product because nobody was asking questions. Now, though, people are definitely asking,” Bone says.

Bone joins as one of three board members outside of HP. She joins ex-hacker and now HP Board Chairman Michael Calce, who conducted a cyber attack against Amazon, eBay and Amazon at the age of 15. His work resulted in $1.7 billion in damages.

Robert Masse also joins the advisory board as an independent partner at a major consulting firm.

According to HP’s chief technology for system security research and innovation, Boris Balacheff, the company wants to sharpen its efforts in understanding the future cyber landscape and potential problems.

From NotPetya to Shamoon to botnets, HP says that it’s clear any connected device can be attacked.

With the rise of connected gadgets, 20 billion of which are expected to be used by 2020, the security challenges will get bigger.

Masse adds that cybersecurity used to be an IT problem, but now it’s a problem for audit and risk committees, as well as boards.

“I think now's the time where we really have the opportunity to improve things at a much better level than before.”

Calce believes that every device must have security and adaptability at its core ‘from the ground up’, a phrase often taught but rarely practiced.

He says that when computers boot up, more than a million lines of code in firmware are loaded before a user sees anything on the screen.

HP is looking to implement security on anything and everything they develop. That’s the type of mindset we need if we ever want to have some level of security in this world,” Calce concludes.

How to stay safe when shopping online
Online shopping is a great way to avoid the crowds – but there are risks.
Dell EMC embeds security in latest servers
Dell EMC's 14th generation of PowerEdge servers has comprehensive management tools to provide security across hardware and firmware.
Why data backups should be a part of daily operations
"Disaster recovery needs to address complete system failure and provide a set of security policies to govern disaster incidents."
Businesses focusing on threats from within - survey
Over 50% of respondents reported that 100 days of dwell time or more was representative of their organisation.
GCSB welcomes Inspector-General's report on intelligence warrants
Intelligence warrants can include surveillance, private communications interception, searches of physical places and things, and the seizure of communications, information and things.
Corelight and Exabeam partner to improve network monitoring
The combination of lateral movement and siloed usage of point security products leaves many security teams vulnerable to compromise.
SailPoint releases first identity annual report
SailPoint’s research found that many organisations are lacking maturity in their governance processes over identities.
Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."