Category Archives: Brian Honan

Brian Honan – SC Magazine Information Security Person of the Year 2013

Posted on by
Reply

The SC Magazine Awards are held each year during the Infosec conference in London. It is one of the most prestigious events in the information security field and the awards are one of the most coveted. Having been selected as one of the finalists for the award last year, I was honoured when I first heard I had been selected again as a finalist this year.

On the night of the event I was delighted and honoured to hear the announcement that I was selected as the Information Security Person of the Year for 2013. Below is a picture of the moment itself;

SC Award Winner

I would like to thank all my family, friends, colleagues, and clients who have supported me over the years and helped make the above award possible.  I see the award as a reflection as to how the information security field is growing here in Ireland. We have many excellent indigenous security companies growing here, a large number of industry giants in the security field have selected Ireland for their European HQs, and we have many skilled professional supporting the financial and pharmaceutical sectors. On top of that Irish people have been involved in security in various forms for centuries, so you could say security is part of our heritage. Hopefully we can build on all this and make Ireland a recognised centre of excellence for information security.

More highlights of the night are available in this video,

Hacking Senior Management – Video Interview with Tripwire

Posted on by

Earlier this year I attended the RSA Conference in San Francisco. While there I met up with my friends from Tripwire, including David Sparks. David and I started talking about the challenges security professionals have in securing the business environments they work in. He was intrigued when I said the problems I see are not really technical issues but rather how we fail to communicate properly to the business. I refered to the talk I gave at RSA Confernce Europe 2012 called Hacking Senior Management.

David then interviewed me on the main issues from that talk.  The video is below and more details on my comments can be got on the Tripwire blog.

Brian Honan Finalist in SC Magazine Awards 2013

Posted on by

 

SC_2013_shortThe year 2013 is of to a great start. Not only has this blog been shortlisted in the finals of the RSA Security Blogger Awards under the category of Most Educational Blog, I found out last week that I have been selected as a finalist in the SC Magazine Awards for Information Security Person of the year 2013.

Last year I was also nominated for this award and it is a great honour to be selected for the final again this year.  As well as being a finalist last year for Information Security Person of the year, BH Consulting received an award in the finals of Information Security Consultancy of the year.

I am looking forward to another excellent night at the awards dinner which will be held during the Infosec Europe exhibition in April and fingers crossed I could be coming back from London again this year with an award.

Brian Honan One of the Judges for the Tech Trailblazers Awards

Posted on by

I am delighted to say that I have been selected to be one of the judges for a very exciting new and innovative IT awards program, the Tech Trailblazers, aimed at technology start-ups. It promises to be an exciting project which will hopefully identify and launch some great new technologies onto the market.  I am joined by a number of fantatic judges which I am really looking forward to working with.

The Tech Trailblazers has a prize fund of $1 million for startups and also includes access to mentors, venture capitalists and other expertises.  So if you are working for a stratup that is in any of the below categories you should enter:

  • Security Trailblazers
  • Cloud Trailblazers
  • Emerging Markets Trailblazers
  • Mobile Technology Trailblazers
  • Networking Trailblazers
  • Storage Trailblazers
  • Sustainable IT Trailblazers
  • Virtualization Trailblazers

I am thrilled to be involved in this great initiative and look forward to working with new trailblazing companies.

Entries for the awards open on July 18th.  To get more information go the Tech Trailblazers website, follow us on Twitter or keep up with the conversation sing the hashtag #TTAwards.

Below is the official press release with gives more details

Tech Trailblazers Awards launches $1 million prize fund for pioneering enterprise tech startups

All entrants win something: Prizes for winners include CTO and VC/IPO boot camp and mentoring, plus products and services worth tens of thousands of dollars

 London, UK – June 19th 2012 – Today the Tech Trailblazers Awards (www.techtrailblazers.com) were officially launched to champion innovative tech startups from around the world.

The Tech Trailblazers Awards, open for entries July 18th, represent a new concept in enterprise IT awards. Designed explicitly for enterprise tech startups that are less than five years old and at C-level funding or below, the awards not only recognize startup innovation, but also proactively help startups grow their businesses with exclusive coaching, mentoring and development services worth tens of thousands of dollars.

Unlike some other awards, the Tech Trailblazers are not tied to a particular event or publication, instead it is completely independent and global. The awards are focused on the key enterprise IT sectors of cloud, infosecurity, mobile, networking, storage and virtualization. In addition, there is a sustainable IT category and an emerging markets category.

Stephen O’Donnell, chairman of the Tech Trailblazers judging panel, former CIO, author, and consultant and blogger at www.TheHotAisle.com, said, “TechTrailblazers offers a forum for game-changing new technologies and amazing young companies to showcase their products and services. We have assembled a world-class team of judges on the panel commensurate with the quality of entries we expect. The prizes and publicity for winning entries will ensure an exciting contest.”

All entrants to the Tech Trailblazers Awards will win a prize of commercial value, even if they do not place in the awards. The growing prize fund, worth an estimated $1 million+, is supported by industry vendors, analysts, venture capitalists, government bodies, the media, event partners and other industry-specific services.

The extensive judging panel includes the IT industry’s leading figures from around the world, giving little-known startups the opportunity to present their products and services to eminent influencers.

Sponsors to date include MIT/Stanford Venture Lab, the Cloud Security Alliance, Prezi, RealWire, MyNewsDesk, and ExecEvent. To inquire about sponsorship, please email innovate@techtrailblazers.com.

To be notified as soon as the Tech Trailblazers Awards opens for entries, or to subscribe to the mailing list to receive information on early bird submission savings and the “Meet the Judges” webinar series, please email innovate@techtrailblazers.com. 

At present the judging panel includes:

  • Mohit Agrawal, Founder and Editor, Telecom Circle (Twitter:      @telecomcircle)
  • Cynthia Artin, President, Artin Arts (@cynthiaartin)
  • Joe Baguley, Chief Cloud Technologist, VMware (@joebaguley)
  • Frank J. Bernhard, Strategy and Operations Director, Deloitte      Consulting (@FrankJBernhard)
  • Steve Broadhead, Founder and Director, Broadband-Testing Labs      (@steve_broadhead)
  • Rebel Brown, Author and Startup Veteran (@RebelBrown)
  • Mike Burkitt, CTO, Launchpad Europe (@launchpadeurope)
  • Teresa Cottam, Founder and Chief Analyst, Telesperience      (@teresacottam)
  • Chris Evans, Consultant and Blogger, TheStorageArchitect.com      (@chrismevans)
  • Marty Foltyn, Hands-On Lab Program, SNIA (@MartyFoltyn)
  • Ian French, Channel Guru, Mentor and Entrepreneur (@siceo)
  • Edward P. Gibson, Director, Forensic Technology Solutions,      Pricewaterhousecoopers (@EdwardPGibson)
  • Martin Glassborow, Blogger, Storagebod (@storagebod)
  • Brian Honan, CEO, BH Consulting (@brianhonan)
  • Elise Huang, Partner, WestSummit Capital
  • Sam Johnston, Director, Cloud & IT Services, Equinix (@samj)
  • Ben Kepes, Principal, Diversity Limited (@benkepes)
  • Justin Lodge, Infrastructure Architect, National Australia Bank      (@justin_lodge)
  • Chris Mellor, Storage Editor, The Register (@chris_mellor)
  • Steve O’Donnell, Consultant, Advisor and Author, TheHotAisle.com      (@stephenodonnell)
  • W. Curtis Preston, CEO, TruthInIT (@wcpreston)
  • Simon Robinson, Research Vice President, 451 Research      (@simonrob451)
  • Kai Roer, Senior Partner, The Roer Group (@kairoer)
  • Raj Samani, EMEA Strategy Advisor, Cloud Security Alliance      (@raj_samani)
  • Andrew Seldon, Editor, Hi-Tech Security Solutions, TechNews      (@andrewseldon)
  • Sarb Sembhi, Director, Consultancy Services, Incoming Thought      (@sarbsembhi)
  • Enrico Signoretti, Senior Consultant, Juku Consulting SRL      (@esignoretti)
  • Harkeeret Singh, Global Head of Energy & Sustainable IT,      Thomson Reuters (@harqs)
  • Jennifer Steffens, CEO, IOactive (@securesun)
  • Jon Toigo, CEO, Toigo Partners International (@jontoigo)
  • Matthew Yeager, Chief Technologist, Colt Technology Services      (@mpyeager)
  • Monica Zlotogorski, Editor, Inside Latin America, TM Forum      (@MonicaCZN)

 About the Tech Trailblazers Awards

Tech Trailblazers is a new concept in awards, designed explicitly for smaller businesses and startups that are less than five years old and at C-level funding or below. The awards have low barriers to entry and prizes that not only recognize startup innovation, but also proactively help startups grow their businesses with exclusive coaching, mentoring and development from VCs and leading CTOs as well as an estimated prize fund worth in excess of $1m. The awards seek to recognize true innovators in the following enterprise technology and other areas:

 Cloud Trailblazers

  • Emerging Markets Trailblazers
  • Mobile Technology Trailblazers
  • Networking Trailblazers
  • Security Trailblazers
  • Storage Trailblazers
  • Sustainable IT Trailblazers
  • Virtualization Trailblazers

 Entries open on July 18th – register your interest by emailing us, following us on twitter @Techtrailblaze or follow the conversation via the hashtag – #TTAwards.

 

Nominated for SC Magazine Awards

Posted on by

It was with great delight that I found out today that I was nominated for SC Magazine’s award for “Information Security Person of the year“.  To add to my delight BH Consulting has also been nominated for the “Information Security Consultancy of the year” award.

It is a great honour to have been nominated and shorlisted for these awards, especially when you look at the other nominees in each of those categories.

Information Security Person of the Year

  • Neira Jones – Barclaycard
  • Brian Honan – BH Consulting
  • Tim D.W. Wilson – NHS East London and City
  • Stephen Bonner – KPMG

Information Security Consultancy of the Year

  • KPMG
  • Brookcourt
  • Verizon
  • BH Consulting

Finally, to top it all the IRISSCERT team were nominated as a finalist for the “Information Security Team of the Year” award.

Information Security Team of the Year

  • Barclaycard
  • National Grid
  • IRISSCERT
  • Virgin Media

 Its an honour to be included amongst the other respected and reknowned nominees.  Whatever the outcome this is a great achievement for all involved.  I wish all the nominees the best of luck on the night of the awards and look forward to the event. 

Better get the tuxedo dry cleaned !!

Morning Ireland Interview On Arrests of Alleged Lulzsec Member

Posted on by

Earlier this morning I took part in RTE Radio 1′s Morning Ireland show. I was invited onto the show to talk about the arrest of an alleged member of Anonymous and Lulzsec. The person arrested is an 18 year old teenager called Jake Davis, also known by the online alias Topiary.  He was arrested by the London Metropolitan Police on the Shetland Islands off the coast of Scotland last Wednesday. He appeared in court yesterday and has now been released on bail on condition that he wear an electronic tag, is not allowed to access the Internet either directly or indirectly and must obey a curfew between 10:00 p.m. and 7:00 a.m.

He is not the first person alleged to be a member of the Lulzsec or Anonymous groups that has been arrested. Earlier this summer UK police arrested a young man called Ryan Cleary in Essex. They have also recently arrested 17 year old boy in Lincolnshire.

Law Enforcement Agencies in other countries have also been arresting members of both groups. The FBI last week arrested 14 people and are supposedly working through a list of 1,000 names of interest. The Dutch authorities arrested four people.  Over the past few weeks authorities in Spain, Turkey, Italy and Switzerland have also arrested people associated with both groups.

The interview can be found on the Morning Ireland podcast and starts approximately 26 minutes and 20 seconds into the podcast.  The interview was shorter than planned due to the issues surrounding the presidential campaign for Senator Norris.

Outlook is Cloudy

Posted on by
Cloud computing has become an exciting evolution in how we deliver, access and use services over the Internet.  The Cloud offers organisations many benefits and opportunities.  However, these opportunities and benefits do not come without a number of security risks that need to be considered.
Ireland is uniquely positioned to handle these issues.  In an article with the CSO Online Magazine titled “Ireland hopes security measures attract big cloud providers” I outline a number of these benefits.  In my opinion these benefits include the high quality of information security professionals that are based here, our experience in managing and running large datacentres and the cloud security research that is going on in various universities.
I have also taken on some active roles to ensure that we as an industry can address the security challenges the cloud present.  To this end I am happy to say I have been appointed the Chief Operations Officer for the Common Assurance Maturity Model (CAMM).  The objectives of CAMM are to:
  • Provide a framework to in support of necessary transparency attesting the Information Assurance Maturity of a Third Party Providers & Suppliers (e.g. Cloud providers).
  • Publication of results in an open and transparent manner, without the mandatory need for third party audit functions, or due diligence engagements.
  • Allow for data processors to demonstratively publicise their attention to Information Assurance in comparison to other supplier’s levels of compliance, and security profiles.
  • Negating the operational requirement for time consuming, expensive, subjective, and resource intensive bespoke arrangements to attest security and compliance.
I have also taken a position on the board of the UK and Irish Chapter of the Cloud Security Alliance.  The Cloud Security Alliance (CSA) is a “not-for-profit organisation with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing.” We have some exciting events planned, including a chapter meeting in Dublin to be held later this year, so watch this space.  If you are interested in cloud security you should join the UK and Irish Chapter of the Cloud Security Alliance as it will provide you with the resources to develop and hone the skills required for this evolving environment.
If you are wondering what are the security challenges that we face with moving to the cloud I recommend that you read the Cloud Security Guidance White Paper from the Cloud Security Alliance and also ENISA’s excellent white paper on Cloud Computing.
You can also review my presentation on the Cloud Security below;
Cloud security
View more presentations from Brian Honan

Speaking at the 5th Annual Privacy & Data Protection Conference

Posted on by

I will be speaking at the 5th Annual Privacy & Data Protection Conference this year on the 27th of October.  The theme for the event is “Data Protection: Global Compliance Management” and I will be speaking on “Building an Information Security Culture and Policy”.  I will also be taking part in a panel discussion in information security.

The conference promises to be very informative and the organisers, Transatlantic Events, have brought together experts from the regulators, the lawmakers and the legal community from Ireland, the US, the EU, and the UK in order to debate the full range of issues that make up data protection compliance.  The conference will enable you to hear from experts as well as debate in open forum a range of issues from multi-jurisdictional compliance to niche areas such as outsourcing, monitoring, cloud computing, children’s privacy and data security breach management.

I am looking forward to hearing many of the other speakers at the event and hopefully meeting with some of you as well. 

You can register for the conference here.

Upcoming Speaking Engagements

Posted on by

We may be in the middle of the summer but already the calendar for the autumn is starting to fill up.   I will be presenting at Source Barcelona and also at BruCON in September.  For both of these seminars I will be talking about the lessons learnt from when I set up IRISS-CERT and how those lessons can be applied to those looking to set up their own incident response team.  While the topic may be similar the approach to each talk will be different. 

Source Barcelona has two tracks, one business and the other technical, and my presentation will be in the business track.  So the focus of that talk will be on the business aspects of setting up an incident response team.  Xavier Mertens gives a great overview of the different tracks in Source Barcelona over on his /dev/random blog.

BruCON is a more traditional technical security event and my presentation at that seminar will focus more on the technical aspects of setting up an incident response team and the tools, challenges and solutions one can face.

Also in September I will be speaking at the Cloud Computing Summit 2010 which will be held in Dublin.  I will be on a panel discussing issues surrounding the Security, Compliance and Regulatory requirements with cloud computing.

Then of course in November there is the IRISS-CERT Annual Cyber Crime conference.  Details have yet to be finalised regarding the speaker lineup but already it is looking excellent and it promises to be another exciting event this year.

Hopefully I will get to meet some of you at one of the above conferences.