063. Incentivising the Security Team

In today's episode we talk about incentivising your Security Team and making sure that the defensive team are getting praise for a job well done. As well as noting that the red team's job isn't over when they find a high impact vulnerability. Key Points: 0'49 There's more to staff retention than bonuses 1'40 The problem of the romanticisation of the red team 3'30 Measuring progress in security improvement 4'25 Purple Teaming may help reduce the gap 11'00 Empowering the defensive team 15'15 Measuring offensive teams Links: https://soundcloud.com/hackedoff/009-an-intro-penetration-testing-vs-red-teaming https://soundcloud.com/hackedoff/an-intro-cybersecurity-maturity-assessments Listening Time: 18 minutes Hosted by: Holly Grace Williams, Technical Director at Secarma