The threat of a breach is ever-present for companies today. It may be from an external attacker or someone inside the organisation. It doesn’t matter where the attack comes from, it will happen to all companies, irrespective of their size and industry sector. What is important is that you train people to deal with the situation and you know where your data is.
Enterprise Times talked with Mark Ward when he was the Group CISO at the Provident Financial Group PLC. Ward believes that security is everyone’s problem. Unlike many who then add a glass ceiling, Ward said: “We see a lot of people talking about how do you get the message across in the boardroom? And I don’t think the message is difficult to get across in the boardroom anymore. I think if you’re a member of a bank’s board and you don’t know about cybersecurity, you shouldn’t be a member of that bank’s board.”
It’s a point that most companies would do well to heed. Educating those board members of the risk of Phishing and BEC attacks is one thing. Getting them to understand what the threats and risks are, and where to invest in solutions is another. Boards want to know what the return on investment is, something that Ward calls out.
Ward also talks about the risk from the supply chain and the need to visit and verify how those suppliers handle data. It is something few companies do well.
The scarcity of skilled people has driven up wage demands across all roles in cybersecurity. Ward prefers to train someone into a role than throw money at the problem. It’s a refreshing solution to the problem
To hear more of what Ward had to say, listen to the podcast.
Where can I get it?
obtain it, for Android devices from play.google.com/music/podcasts
use the Enterprise Times page on Stitcher
listen to the Enterprise Times channel on Soundcloud
listen to the podcast (below) or download the podcast to your local device and then listen there