concept of Cyber Safety – which we now hold at the centre of our business .
After debating the question of , ‘ what do clients really want ?’, and subsequently brainstorming human behaviours and desires , we realised it all came down to wanting to ‘ know ’ and be ‘ aware ’ of activities .
We therefore simulated an exercise with our clients to do the ‘ triple A ’ – awareness , acknowledgement , and action . Acknowledgement came down to businesses attempting to secure themselves , investing in tech , acquiring services from partners or vendors , then ultimately making them work well . Fundamentally , the outcome of these simulations resulted in the question , if security isn ’ t enough , then what is ?
The answer : The concept of being safe .
How did you get your first big break in the cyber industry ? When we started in 2010 , we delivered solutions on what we call a ‘ journey ’, whilst most other providers did box dropping , and still do to a degree . In 2016 , we realised we could do more for our clients . We turned our focuses to the offensive side of security , to best understand how effective defences should work . It was incredibly disheartening to see that a lot of what we tried would be unsuccessful against offensive methods – but this is the reality of the threat landscape today . We were lucky to have this hard lesson early in our company ’ s development .
For others , the easiest path would have been taking the lifestyle route , focusing on personal benefit , rather than coming up with a genuine solution . But this was not in our DNA . So , we sat down to rethink who we were and what we were doing . Installing services and making them work well clearly was not enough . We came up with the
What skills do you think a great cybersecurity professional requires ? Individuals must have a deep , up to date understanding of the world of IT and cyber . You must also have a clear comprehension of the business for which you are providing security , including what makes it successful . For that , you must have deep levels of curiosity . Another key focus is satisfying the board and shareholders – they determine what the future is .
What are the current threats that you think public and private sector organisations should be aware of ? I would argue that the scope of attacks has changed , and continues to change , significantly over the years , particularly as a consequence of the increased use of the cloud . The big attack vectors making the media headlines are the usual suspects – ransomware , DDoS and phishing – but responding to these threats requires more than just deploying solutions for specific
cybermagazine . com 17