IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Black Hat Europe: Strong security relies on a 'culture of openness'

Security analyst Regina Bluman says managers and executives need to “be human” and “admit mistakes”

A smiling manager showing a thumbs up to their employee

Executives and managers need to do a better job of creating a safe space for knowledge-sharing if they hope to make their organisations more secure.

This is according to security analyst Regina Bluman, who claims that the infosec industry’s habit of gatekeeping knowledge is making collaboration and learning more difficult – and the overall sector less secure.

“Security can be complex at times, but it doesn't have to be,” said Bluman, speaking on the second day of Black Hat Europe 2021.

“I think a lot of people like to overcomplicate it because it makes us feel a bit special. It makes us feel a bit fancy. But we can simplify things so we can build these breakpoints. We can help people in the business understand how to share knowledge safely and we can make it more simple for them,” she added.

Employees from minority backgrounds are more likely to be reluctant about voicing their opinions, according to Bluman, who called for a greater “diversity of thought [and] background” in the sector.

“It's great that there are more women in the industry, but diversity doesn't stop there. If you're on a panel, if you're contributing on a webinar, try and get other people [to contribute] who are diverse,” she told Black Hat attendees.

Related Resource

The truth about cyber security training

Stop ticking boxes. Start delivering real change.

Pair of feet in socks with a chair and plant in the backgroundFree download

Bluman, who is a member of anti-harassment initiative Respect in Security, encouraged managers and executives to “be human” and “admit mistakes” in order to help create a more open culture “by being an example”.

“If you are an exec, if you are a manager of a team, show people that it's okay to fail, that it's okay to put your hand up and say: ‘I've done something, I'm not perfect’,” she said.

Bluman also encouraged organisations to do more to contribute information, as opposed to commodifying it, and advised individuals to find opportunities to share their knowledge and not belittle others for their mistakes.

This comes after research by Respect in Security found that almost one in two cyber security employees had experienced harassment at work socials (48%) and in the office (47%), while more than a third admitted to having experienced bullying at industry events (36%).

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

What is zero trust?
network security

What is zero trust?

14 Jul 2022
Retbleed hardware-level flaw brings overhead woe to Intel and AMD
Hardware

Retbleed hardware-level flaw brings overhead woe to Intel and AMD

13 Jul 2022
An analysis of the European cyber threat landscape
Whitepaper

An analysis of the European cyber threat landscape

8 Jul 2022
Solve cyber resilience challenges with storage solutions
Whitepaper

Solve cyber resilience challenges with storage solutions

4 Jul 2022

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
Samsung proposes 11 Texas semiconductor plants worth $191 billion
Hardware

Samsung proposes 11 Texas semiconductor plants worth $191 billion

21 Jul 2022
Should you take your password manager off the internet?
Sponsored

Should you take your password manager off the internet?

28 Jul 2022