Black Hat Europe: Strong security relies on a 'culture of openness'

News
By published

Security analyst Regina Bluman says managers and executives need to “be human” and “admit mistakes”

A smiling manager showing a thumbs up to their employee

Executives and managers need to do a better job of creating a safe space for knowledge-sharing if they hope to make their organisations more secure.

This is according to security analyst Regina Bluman, who claims that the infosec industry’s habit of gatekeeping knowledge is making collaboration and learning more difficult – and the overall sector less secure.

Black Hat Europe: ‘Failures in tech governance are eroding democracy’ Google VP withdraws from Black Hat over 'harmful' name Leaky API exposes Black Hat attendees’ personal data

“Security can be complex at times, but it doesn't have to be,” said Bluman, speaking on the second day of Black Hat Europe 2021.

“I think a lot of people like to overcomplicate it because it makes us feel a bit special. It makes us feel a bit fancy. But we can simplify things so we can build these breakpoints. We can help people in the business understand how to share knowledge safely and we can make it more simple for them,” she added.

Employees from minority backgrounds are more likely to be reluctant about voicing their opinions, according to Bluman, who called for a greater “diversity of thought [and] background” in the sector.

“It's great that there are more women in the industry, but diversity doesn't stop there. If you're on a panel, if you're contributing on a webinar, try and get other people [to contribute] who are diverse,” she told Black Hat attendees.

RELATED RESOURCE

The truth about cyber security training

Stop ticking boxes. Start delivering real change.

FREE DOWNLOAD

Bluman, who is a member of anti-harassment initiative Respect in Security, encouraged managers and executives to “be human” and “admit mistakes” in order to help create a more open culture “by being an example”.

“If you are an exec, if you are a manager of a team, show people that it's okay to fail, that it's okay to put your hand up and say: ‘I've done something, I'm not perfect’,” she said.

Bluman also encouraged organisations to do more to contribute information, as opposed to commodifying it, and advised individuals to find opportunities to share their knowledge and not belittle others for their mistakes.

This comes after research by Respect in Security found that almost one in two cyber security employees had experienced harassment at work socials (48%) and in the office (47%), while more than a third admitted to having experienced bullying at industry events (36%).

Sabina Weston
Sabina Weston

Having only graduated from City University in 2019, Sabina has already demonstrated her abilities as a keen writer and effective journalist. Currently a content writer for Drapers, Sabina spent a number of years writing for ITPro, specialising in networking and telecommunications, as well as charting the efforts of technology companies to improve their inclusion and diversity strategies, a topic close to her heart.

Sabina has also held a number of editorial roles at Harper's Bazaar, Cube Collective, and HighClouds.

More about careers and training
Male employee sitting at a desk working on a laptop with earphones in and books scattered on desk.

Employees want purpose, and they’re willing to quit to find it – upskilling, career growth, and work-life balance have shifted priorities for workers
Three teenage schoolgirls typing on laptop keyboards while sitting in classroom.

IBM pledges support for UK government cyber skills program
Ransomware concept image showing a warning symbol in red with binary code in background.

Healthcare systems are rife with exploits — and ransomware gangs have noticed
See more latest
Most Popular
Ransomware concept image showing a warning symbol in red with binary code in background.
Healthcare systems are rife with exploits — and ransomware gangs have noticed
Application security concept image showing a digitized padlock placed upon a digital platform.
ESET looks to ‘empower’ partners with cybersecurity portfolio updates
Databricks logo and branding pictured on a MacBook Pro screen.
Databricks and Anthropic are teaming up on agentic AI development – here’s what it means for customers
Dell Technologies logo and branding pictured at the company's stall at Mobile World Congress (MWC) in Barcelona, Spain.
Scale of Dell job cuts laid bare as firm sheds 10% of staff in a year
Male employee sitting at a desk working on a laptop with earphones in and books scattered on desk.
Employees want purpose, and they’re willing to quit to find it – upskilling, career growth, and work-life balance have shifted priorities for workers
NHS logo displayed on a smartphone screen in white lettering on a blue background.
NHS supplier hit with £3m fine for security failings that led to attack
OpenAI logo and branding pictured at Mobile World Congress 2024 in Barcelona, Spain.
OpenAI announces five-fold increase in bug bounty reward
Digital handshake concept with Hand shake between two businessmen with digital hand
SYSPRO appoints Josef Al-Sibaie to spearhead global expansion
ChatGPT logo and branding pictured in white coloring against a black backdrop.
DeepSeek and Anthropic have a long way to go to catch ChatGPT: OpenAI's flagship chatbot is still far and away the most popular AI tool in offices globally
A telephoto shot of Evan Goldberg, founder and EVP at Oracle NetSuite, pictured from the waist up speaking onstage at the opening keynote of SuiteConnect London 2025.
‘Every feature that comes into NetSuite over the coming years is going to have AI’: NetSuite’s Evan Goldberg on the future of the platform and how AI will drive customer success