Alan Mills works within the cyber security department at VQ and is also a lecturer in cyber security at University of the West of England (UWE Bristol).
Here at VQ we’ve had a lot on going on recently, with work on our latest release, VQ Conference Manager 3.10. As with every release we’re working hard to make sure we maintain our high security standards and practices and whilst at Cisco Live in June, it was great to hear some of the positive feedback from our customers and partners in America around all the security features and compliance requirements our product provides out of the bag.
But let’s not forget we’re still a UK company and we’re just as committed to ensuring we both work and align with the security best practices that are held to over here. There’s no better place for making sure our finger is still on the pulse than at CYBERUK. For those that don’t know CYBERUK is an annual conference run by the NCSC that brings together government, industry and academia with a focus on cyber security. It’s a flagship event and a great place to hear from leaders across all 3 sectors.
This year I was lucky enough to not only attend the event, but to speak at it (if only briefly). The focus of my talk? Supply chain security. As I’m sure any tech company will tell you supply chains security has become a major concern, with attacks against micro-services, packages and plugins becoming increasingly common. So it was an honour to be able to share the viewpoints and VQ TTPs for dealing with these issues with everyone else at the conference. In just 5 minutes I went through the issues supply chain attacks present, some common attack vectors and some useful mitigations. It was also the opening lightning talk, so I was keen to make sure I covered it all, without starting us all off on a delay. But mission success and the talk went well (and within time).
It’s always good to know that the things you’re doing and saying not only make sense, but resonate with the wider community and there are few platforms or events with the same reach as CYBERUK. Rest assured though we’re not resting our laurels, we’re constantly working to ensure our security practices are up to date and the work and research I’m involved in is helping to improve existing tools and security practices, especially around the use of containers. So I’ll sign this post off by saying more to come and watch this space!