Stewart K. Bertram

MLitt, MSc, Crest CCTIM – Director of Threat Intelligence and Professional Services
Stewart K. Bertram

Stewart K. Bertram has over 13 years of experience working within intelligence and security. Stewart’s experience spans both public and private sectors with a large portfolio of successful global projects. Currently leading Digital Shadow’s efforts within the area of Threat Led Penetration Testing, Stewart has extensive experience in delivering the UK’s CBEST programs, Netherland’s TIBER projects and Hong Kong’s iCAST projects. In addition to his professional interests, Stewart is working towards a PhD in Internal Relations in Cyber Proxy Forces at the St. Andrews University in Scotland.

Recent Posts by Stewart K. Bertram

Escalation in Cyberspace: Not as Deniable as We All Seem to Think?

April 12, 2018

The recent assassination attempt on former Russian spy Sergey Skripal has led to a deluge of cyber-based conspiracy theories within …

read more

Digital Shadows Launches Weekly Newsletter: “In the Shadows”

January 8, 2018

Digital Shadows has just launched a new research-led weekly newsletter, “In the Shadows”, and podcast, “Shadow Talk”. Both highlight key …

read more

Threat Led Penetration Testing – The Past, Present and Future

July 10, 2017

What is Threat Led Penetration Testing? Threat led penetration testing is, in essence, using threat intelligence to emulate the tactics, …

read more

Step by Step: The Changing Face of Threat Led Penetration Testing

February 28, 2017

Organizations are increasingly adopting the threat led approach to penetration testing. This approach essentially advances the boundaries of conventional penetration …

read more

F3EAD: Find, Fix, Finish, Exploit, Analyze and Disseminate – The Alternative Intelligence Cycle

February 8, 2017

The F3EAD cycle (Find, Fix Finish, Exploit, Analyze and Disseminate) is an alternative intelligence cycle commonly used within Western militaries …

read more

Show me the context: The hacking proof of concept

September 8, 2016

A common feature at security conferences, especially those that demonstrate hacks, is the proof of concept. This typically involves a security …

read more

False flags in cyber intrusions – why bother?

August 17, 2016

False flag operations have long existed in the physical world, a tactic used to make an operation appear to have …

read more

Towards a(nother) new model of attribution

July 21, 2016

Actor attribution is a common issue and activity within the world of cybersecurity. At its core, the actor attribution process …

read more

Open Source Intelligence versus Web Search: What’s The Difference?

July 11, 2016

“I can get that from Google!” – is a common phrase that has been directed at me during my time …

read more

The philosophical difference between the Old and New Schools of the cybercriminal underground

June 27, 2016

I would recommend that anyone interested in the serious study of criminal activity on the dark web should pick up …

read more