sb-nz logo
Story image

HP recruits former GCSB researcher for new Security Advisory Board

20 Sep 2017

An ex-GCSB researcher has scored a role in HP’s new Security Advisory Board and will be part of a major effort to reinvent the company’s approach to cybersecurity.

The board will work as a reconnaissance team, according to HP, and they will provide insights from their experiences to help HP reinforce its own security processes.

The board will also talk with HP executives and the market about the shifting security landscape.

According to HP’s blog, inadequate security cannot be ignored because hackers are far more sophisticated and always looking for exploitable vulnerabilities.

Justine Bone, now CEO of medical security analyst firm MedTec, previously worked on reverse engineering and vulnerability research at the GCSB before leading security for Bloomberg LP.

“For years, software and hardware makers were able to rely on security by obscurity. There was no upside to building in this quality all the way through the product because nobody was asking questions. Now, though, people are definitely asking,” Bone says.

Bone joins as one of three board members outside of HP. She joins ex-hacker and now HP Board Chairman Michael Calce, who conducted a cyber attack against Amazon, eBay and Amazon at the age of 15. His work resulted in $1.7 billion in damages.

Robert Masse also joins the advisory board as an independent partner at a major consulting firm.

According to HP’s chief technology for system security research and innovation, Boris Balacheff, the company wants to sharpen its efforts in understanding the future cyber landscape and potential problems.

From NotPetya to Shamoon to botnets, HP says that it’s clear any connected device can be attacked.

With the rise of connected gadgets, 20 billion of which are expected to be used by 2020, the security challenges will get bigger.

Masse adds that cybersecurity used to be an IT problem, but now it’s a problem for audit and risk committees, as well as boards.

“I think now's the time where we really have the opportunity to improve things at a much better level than before.”

Calce believes that every device must have security and adaptability at its core ‘from the ground up’, a phrase often taught but rarely practiced.

He says that when computers boot up, more than a million lines of code in firmware are loaded before a user sees anything on the screen.

HP is looking to implement security on anything and everything they develop. That’s the type of mindset we need if we ever want to have some level of security in this world,” Calce concludes.

Story image
Dark net vendors wanting Bitcoin payments for unverified COVID-19 vaccines
As the medicines are being offered on the dark net, purchasers have no way of knowing whether they are genuine, according to Check Point.More
Story image
Hornetsecurity acquires Altaro, the latest in acquisition spree
The move is a culmination of a medley of acquisitions made by Hornetsecurity recently, following the January 2019 acquisition of Spamina, a Spanish cloud email security company, as well as EveryCloud, its British market partner, in early 2020.More
Story image
Cyberattacks on healthcare organisations "out of control" - Check Point
There has been a 45% increase in cyberattacks on healthcare organisations worldwide in the last two months, making healthcare the most targeted industry by cyber criminals.More
Story image
UPDATED: RBNZ ascribes data breach to third-party file sharing service
“The nature and extent of information that has been potentially accessed is still being determined, but it may include some commercially and personally sensitive information,” says RBNZ Governor.More
Story image
WatchGuard report tracks rise of network attacks in Q3
WatchGuard’s Q3 2020 Internet Security Report has called to attention the rise in attacks on corporate networks, even as many organisations shifted to remote work.More
Story image
Red Hat to acquire Kubernetes-native security provider StackRox
Red Hat will further expand its security offering, adding StackRox's complementary capabilities to strengthen integrated security across its open hybrid cloud portfolio.More