Phillip Wylie is an internationally recognised cybersecurity expert, ethical hacker and offensive security specialist with more than 28 years’ experience across IT, network security, application security, penetration testing, red teaming and social engineering.
As co-author of The Pentester BluePrint, founder of The Pwn School Project and host of The Phillip Wylie Show, Phillip has built his career around making complex security risks easier to understand without stripping away the technical reality. His work focuses on the gaps organisations miss when they rely too heavily on surface-level testing, compliance checks or security awareness campaigns.
In this interview with the IT Security Guru, via the Cyber Security Speakers Agency, Phillip discusses why vulnerability scanning is not enough, how attackers are exploiting overlooked devices such as cameras, printers and IoT systems, and why security teams need to understand threat behaviour as much as defensive technology if they want to stay ahead.
Where do organisations most often think they’re secure, but aren’t?
“I think there’s a couple different things. One is their vulnerability management programme, where they’re doing their vulnerability scanning. They think that’s enough, or with pen testing, they’re not using all the different methods to test.
“Some cases companies will use software that do social engineering or, you know, phishing campaigns, but what happens with those, they don’t have a payload in them. So, they’re really just testing security awareness.
“While that’s good, you really need to be testing using a payload to see what happens if someone accidentally clicks on one of those links that they shouldn’t click on.”
How do attackers adapt to new technologies faster than most organisations secure them?
“Well, this one-off what affects this is threat actors have to continue to change the way they do things. It’s getting more difficult to get into organisations.
“One example was the Akira ransomware. They weren’t able to get a foothold in the environment. So, threat actors are going to external devices like web security cameras and printers and different IoT connected devices.
“So, they were able to go in, hack that device and then do a shared connection to one of the internal systems and then install the ransomware.
“So, they’re constantly having to alter the way they’re doing things because people are getting better about defending them.”
How can security teams stay ahead of evolving threats without slowing down innovation or progress?
“It’s kind of twofold. Education, you know, being educated on the latest types of defensive techniques as well as learning how the threat actors are attacking.
“So, this is done through courses, education, webinars, as well as cyber threat intelligence.
“So, if you’re keeping up with cyber threat intelligence and the latest news, you’re able to see what the threat actors are using to exploit organisations. So, you’re able to kind of stay ahead of the game.”
What do you hope people take away from your public speeches?
“One of the things I get a lot is I’m able to explain complex topics where people can understand it.
“So, when I give my speeches, I want people to be able to understand and learn something from that and enjoy it as well.
“I like for my presentations to be enjoyable and not boring. So, one of the main things I want them is to come away learning something.”
