Track 1.1 - Choosing the Right Colour - the Red, Blue or Purple Team?
This session covers a comprehensive discussion of some of the hot topics in cyber security including the following questions:
- Purple teaming - the new cyber security buzzword but what does it entail?
- Is purple team your colour?
- Practical examples of purple teaming - roles, responsibilities & metrics
Mr. Richard Davies
Associate Managing Director, Cyber Risk
Kroll Associates (Asia) Limited
Richard Davies is an Associate Managing Director in the Cyber Risk practice of Kroll, a division of Duff & Phelps, based in Hong Kong. Richard has nearly 20 years of hands-on experience managing, leading and performing a wide range of technical cyber security services, such as red and purple team attack simulations, security architecture reviews, product assessments, code reviews, reverse engineering, security research and security training. He has assisted organizations in diverse sectors, including federal/ central government, tier-1 banks and prominent public listed companies.
Richard joined Kroll in 2018 after serving for 13 years in progressively more responsible roles with Context Information Security, a leading firm providing technical assurance, incident response and cyber investigation services. He was named Technical Director – Asia Pacific Region in 2016 and was concurrently serving as Head of Assurance for the region since 2014. In this role, Richard managed and was involved in the delivery of cyber security consultancy and red team projects across a variety of verticals (e.g., government, healthcare, banking, telecommunications, energy, mining, legal and retail), including critical national infrastructure (CNI) in Australia and Hong Kong.
As a Senior Consultant for the firm from 2005-2014, Richard provided cyber security services and consultancy to some of the world’s highest-profile organizations and government agencies. He also played a pivotal role in establishing Context’s expansion into Germany. Richard performed and led hundreds of penetration tests, red team exercises and other security assurance activities, including a high proportion of CNI projects. During this time, Richard was a highly security cleared CESG CHECK Team Leader, where he led technical security assessments in the UK and UK overseas territories, including a high proportion of critical infrastructure such as international payment gateways and payment settlement platforms; government federated identity and access management systems; and intelligence sharing platforms and mainframe environments.
Richard began his professional career with PricewaterhouseCoopers as a Developer, based in London. He has extensive expertise in coding/ software development for a wide variety of languages, frameworks and platforms.