Andrew Horton, Cyber SecOps Specialist at Beyond Bank Australia, discusses how he refines vulnerability management to improve security accuracy and reporting in this Security Edge interview.

Andrew began his career in cyber security consulting in 2009 by founding his own consultancy, later joining Security Assessment in New Zealand.

He then moved to Australia in 2012, working for what became BAE Systems Applied Intelligence and later for HackLabs.

He developed expertise across a range of cyber security issues, eventually co-founding a startup focused on API security to prevent data breaches.

Currently, he is working as a consultant at Beyond Bank through CyberSage, where he led a cyber security uplift to improve security operations (SecOps), while governance, risk, and compliance (GRC) was uplifted by his colleague Rik Welcome. 

At Beyond Bank, Andrew encounters common issues in vulnerability management, particularly related to outdated systems and poor tool configuration.

Using Rapid7’s suite of products, including InsightVM, he addresses key challenges like “ghost assets,” which are non-existent assets detected by the network, and missing or improperly mapped assets.

His work requires recalibrating the bank’s scanning methods and tuning its tools for better accuracy. By refining the vulnerability management process, he’s able to provide more accurate reports to the C-level executives and board.

To improve the overall cyber security strategy, Andrew emphasises the importance of people, processes, and technology.

His approach involves training the bank’s cyber security analysts through micro-credentials from vendors, ensuring they can handle complex vulnerability management tasks.

He also brought in experts like Yvonne from Cyber Risk to fine-tune the bank’s Rapid7 environment.

With these efforts, the team identifies issues such as obsolete operating systems and unmanaged patches. They now provide accurate visibility across the bank’s systems, ensuring that vulnerabilities are properly addressed and reported.

 

Key takeaways:

  • Comprehensive vulnerability management: Andrew highlights the importance of tuning vulnerability management tools, like Rapid7, to accurately detect and manage assets. This process involves eliminating ghost assets, finding missing assets, and addressing misconfigured tools to ensure a clear security posture.
  • People, processes and technology: Successful cyber security involves more than just tools. Andrew focused on upskilling the existing team through micro-credentials and brought in external expertise to enhance the accuracy of vulnerability reporting. The right blend of skilled people, effective processes and appropriate technology is critical to security success.
  • Proactive patch management: Ensuring that legacy systems and software are properly updated is crucial to mitigating security risks. Maintaining a strong security posture requires a well-tuned platform that measures patching efforts and handles edge cases, such as software that isn’t automatically patched.

Contributors

Andrew Horton, Cyber SecOps Specialist at Beyond Bank Australia
I am a full-stack leader, crypto enthusiast, and cybersecurity expert. I am best known for my open-source security research, forming part of the standard arsenal of penetration testers and blackhat hackers alike, along with mentions in textbooks (The Browser Hacker’s Handbook), academic papers, professional methodologies (OWASP Testing Guide and PTES), and Kali Linux – the most popular Linux security distribution used daily by security professionals.

I was previously Director of Engineering for CoinPayments, the world’s largest cryptocurrency payments provider.

I also advise start-ups, mentor, occasionally give conference presentations, and host the popular information security news aggregator at https://morningstarsecurity.com/news.

I am a believer in open-source in security, McKinsey-style consulting, and advocate Kaizen.

Gabby Fredkin, Head of Analytics & Insights at ADAPT
Gabby’s primary role is managing analysis to produce ADAPT’s actionable insights. He has extensive experience in using data to identify technology trends to support Australian organisations.

Using modern data science techniques, he provides ADAPT and its customers with confidence in the accuracy and validity of the information used for ADAPT’s research, advisory and events.

With a passion for creating stories with data, Gabby is consistently rated as one of the top speakers at ADAPT’s events. In roundtable discussions, he specialises in using statistics to initiate thought-provoking discussions. 

Gabby is effective in translating information into insights, enabling ADAPT’s customers to become more data-driven.

Gabby’s primary areas of expertise are:

  • Advanced AI and ML practices, including AI ethics.
  • Building models to benchmark and predict IT performance.
  • End-user behaviour and human-centred design.
  • Cross-functional team design and value, such as DevSecOps.