IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Black Hat Europe: Strong security relies on a 'culture of openness'

Security analyst Regina Bluman says managers and executives need to “be human” and “admit mistakes”

A smiling manager showing a thumbs up to their employee

Executives and managers need to do a better job of creating a safe space for knowledge-sharing if they hope to make their organisations more secure.

This is according to security analyst Regina Bluman, who claims that the infosec industry’s habit of gatekeeping knowledge is making collaboration and learning more difficult – and the overall sector less secure.

“Security can be complex at times, but it doesn't have to be,” said Bluman, speaking on the second day of Black Hat Europe 2021.

“I think a lot of people like to overcomplicate it because it makes us feel a bit special. It makes us feel a bit fancy. But we can simplify things so we can build these breakpoints. We can help people in the business understand how to share knowledge safely and we can make it more simple for them,” she added.

Employees from minority backgrounds are more likely to be reluctant about voicing their opinions, according to Bluman, who called for a greater “diversity of thought [and] background” in the sector.

“It's great that there are more women in the industry, but diversity doesn't stop there. If you're on a panel, if you're contributing on a webinar, try and get other people [to contribute] who are diverse,” she told Black Hat attendees.

Related Resource

The truth about cyber security training

Stop ticking boxes. Start delivering real change.

Pair of feet in socks with a chair and plant in the backgroundFree download

Bluman, who is a member of anti-harassment initiative Respect in Security, encouraged managers and executives to “be human” and “admit mistakes” in order to help create a more open culture “by being an example”.

“If you are an exec, if you are a manager of a team, show people that it's okay to fail, that it's okay to put your hand up and say: ‘I've done something, I'm not perfect’,” she said.

Bluman also encouraged organisations to do more to contribute information, as opposed to commodifying it, and advised individuals to find opportunities to share their knowledge and not belittle others for their mistakes.

This comes after research by Respect in Security found that almost one in two cyber security employees had experienced harassment at work socials (48%) and in the office (47%), while more than a third admitted to having experienced bullying at industry events (36%).

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

Dell Technologies World 2022: Dell unveils fastest storage architecture in company history
Server & storage

Dell Technologies World 2022: Dell unveils fastest storage architecture in company history

4 May 2022
Dell Technologies World 2022: Dell unveils security offerings for major cloud providers
public cloud

Dell Technologies World 2022: Dell unveils security offerings for major cloud providers

3 May 2022
How do you become an ethical hacker?
ethical hacking

How do you become an ethical hacker?

29 Apr 2022
What is phishing?
phishing

What is phishing?

29 Apr 2022

Most Popular

Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022
How full-stack observability can accelerate IT innovation
Sponsored

How full-stack observability can accelerate IT innovation

3 May 2022