We are UK Cyber Security Council members
We are proud to be one of the first members of the UK Cyber Security Council, an NCSC initiative and self-regulatory body for the Cyber profession.
The UK Cyber Security Council is a new professional body, and registered charity, which focuses on three key areas:
- Careers and Learning
- Professional ethics
- Diversity and Inclusivity
Why have we opted to become members?
We support the three focus areas that the council strives to deliver on and wanted an opportunity to voice our opinions as an SME and advocate of DevSecOps. Our directors are keen members of the community and have spoken about DevSecOps and Cyber Security at conferences such as DTX, Blackhat and @Hack.
We commit to abide by the Code of Ethics and guiding principles
Membership of the council is subject to complying with their Code of Ethics and guiding principles, which aim to steer the industry and enforce professional conduct. The sale of perceived “snake oil” has been a widespread issue in the industry and the council strives to hold their members to account and ensure real value to the end customer.
We are proud to abide by the code of ethics, which is published on the UK Cyber Security Council website and gives our customers confidence that we always act responsibly and with integrity.
All of our employees are also bound by the councils guiding principles which states that we will not seek to gain market advantage by misrepresenting our products or defaming our competitors.
Support the creation of cyber pathways
This is a key issue we are keen to help with, enabling the transition of skills into cyber. We are already something of the Armed Forces Covenant and plan to recruit and train a portion of our staff directly from university and conventional IT careers. The UK Cyber Security Council recognises the issue many face when trying to break into a cyber career and is committed to building career pathways.
DevSecOps brings together knowledge from Development, Security and Operations and therefore the majority of professionals transition into DevSecOps practice from a career in development or system administration. We want to ensure this pathway is addressed so we can continue to promote DevSecOps practices and ensure there are enough skilled practitioners entering the market.
pwnSpoof is a free opensource tool that we built to help foster analysis and problem-solving skills in junior security analysts. Our tool generates fake web attack scenarios that challenge the student to find key pieces of information using industry tools such as Splunk, or Graylog.
Promote diversity in Cyber
We recognise that there is a significant imbalance within Cyber and STEM professions in general, but it is a complex issue and individual organisations cannot make a significant impact on their own. We are committed to remaining aware of these issues and fully support the councils efforts in this area.
We have recently donated to the Raspberry Pi Foundation, which directly teaches coding skills to children all over the world, and to Code.Org which provides free minigame based coding lessons for children.
Our opensource training tool, pwnSpoof, has been used in CTF competitions which are a key enabler in encouraging individuals into cyber careers and we have worked directly with any CTF organisers to build challenges around pwnspoof.