エピソード
-
In episode 51 of CyberVersed, Mandy Haeburn-Little is joined by Michelle Ohren, T/Detective Chief Inspector and Director at the Cyber Resilience Centre for the West Midlands, and Wayne Horkan, Founder and Project Lead at the West Midlands Cyber Hub.
The podcast focuses on the work and the purpose of the recently founded West Midlands Cyber Hub. Mandy begins by asking about the concept of the Cyber Hub and why it is an important addition to the West Midlands' cyber ecosystem. She explains how and why Wayne came to her with the inspiration and how it is now establishing itself as a place for collaboration and innovation across the region.
Wayne then explains how Hub8 in Cheltenham and DISH Manchester (Digital Innovation Security Hub) inspired him to create something in the region where SMEs could work with Enterprise businesses and students to create a friendly, innovative space that provides a real sense of community.
Wayne and Michelle discuss how the Hub's location at Millennium Point is ideal, from the space and facilities available to the location's accessibility for visitors.
Michelle explains the importance of policing's involvement in the Hub and how it complements the ongoing work being done with SMEs through the Cyber Resilience Centre. She explains how this collaboration provides a much broader view of the cyber landscape than policing alone could ever achieve. Wayne expands on this by pointing out the region's heavy reliance on manufacturing and the specific threats these companies face as part of the supply chains of large-scale enterprises in the future.
Mandy then explores the structure of the Hub and how it is run and governed, to which Wayne outlines the current Steering Group and his longer-term plan to turn the Hub into a C.I.C. (Community Interest Company)
The attention is then turned to how the Hub will also benefit Cyber PATH students, offering them much greater opportunities for engagement and skills development. She cites an example of a student who is thriving through working with Michelle, the CRC, and the Hub, who was offered a week's work experience, which led to a year-long placement with one of the Hub partners.
Michelle also touches on her plans to introduce clinics at the Hub and how they will be an important part of what's available there for SMEs and students.
Wayne rounds up the discussion by outlining what he wants to see regarding the development of the Hub for the rest of this year and beyond. The primary goals are to champion women and neurodiversity in cyber. However, this year the focus will be on how they engage more young people at the Hub and in cyber in general.
-
We're excited to be celebrating our 50th episode of CyberVersed, and equally delighted that Nik Adams, Deputy Commissioner of the City of London Police, was able to join Mandy Haeburn-Little in conversation for this milestone edition of the podcast.
In this episode, not only do Mandy and Nik reflect on some of the great work that has been done since the podcast was introduced, but they also look to the future, with Nik outlining plans already under discussion and development, as well as his ambitions for the future of the CRC Network.
Mandy begins asking Nik, who is the first Deputy Commissioner to have cyber and fraud within his remit, what his role feels like, to which Nik responds by outlining some of the challenges he faces daily. However, he is quick to point out the significant contribution made by partner organisations and the immense commitment and passion shown by all in working together to keep the public safe. He expands on this by explaining the impact of private sector partners and how they are making a vital contribution to the growing 'family' that now extends beyond law enforcement.
Nik kindly discusses the value of the CyberVersed podcast and explains how humbled he is by the transparency, humility, and time the National Ambassador representatives have given, demonstrating their commitment to the podcast and engaging with and sharing valuable insights and intelligence to help listeners make better decisions in their businesses. Indeed, Nik goes on to discuss the wider commitment shown by the National Ambassadors daily and the significant role they play in achieving the long-term goal of making the UK a safer place to work and live.
Mandy then turns the conversation to the recent Annual CRC Network Summit in London. Nik expresses his delight with the day's outcomes and highlights the enormous value of bringing so many relevant people into one room. Singling out the keynote speaker, Rob Elsey Chief Digital Information Officer at the Co-op, Nik enthuses about his candour and the reflections he shared not only about the company's resilience but also about his awareness of his team's emotional state during an intensely demanding period.
Nik goes on to offer some thoughts on wider policing issues, in particular Police Reform, and why he believes it would be a good step forward; however, he also shares his concerns and reservations and expresses the need to retain and expand on what is working well as we move forward.
To finish, Mandy asks Nik to talk about the vision for the future. Nik provides fantastic insight into the new police headquarters and how they aim to integrate policing with the private sector. He shares his vision of a 'campus' comprising a state-of-the-art police headquarters, a court building and a Public/Private sector collaboration and learning centre. His explanation of the value to be derived from such a campus highlights Nik's passion and clarity of thought in how we tackle cybercrime and fraud going forward.
Finally, we would like to thank everyone who has taken part in previous podcasts. We greatly appreciate your contribution to the cyber conversation and look forward to working with you again to continue creating helpful and insightful content.
-
エピソードを見逃しましたか?
-
In CyberVersed episode 49, Mandy Haeburn-Little is joined by Logan Sealey, Regional Director, Chainalysis, and Salih Altuntas, Director, Investigations, NEMEA, Chainalysis.
In this episode, we focus on the work of Chainalysis, looking at threats and opportunities and the broader topic of cryptoanalysis.
Mandy begins by asking Logan about the current threats in Cyber and Fraud, and how the two are converging. Logan highlights the massive increase in illicit crypto transactions, moving from £59 billion in 2024 to £154 billion, making 2025 a record year for crypto activity. Logan also asks and answers whether the fact that almost all cybercrime transactions move through crypto is good or bad news.
Logan also highlights how they are using blockchain intelligence to move from a reactive to a more proactive approach, enabling them to identify illegal activity and shut it down, reducing losses and the duration of attacks.
Logan also explains how blockchain data is helping increase connectivity among partners worldwide; this collaboration is assisting law enforcement in identifying attacks and even contacting people before they become victims.
Salih Altuntas joins the conversation with a very helpful explanation of what blockchain is and how it operates. He also provides some insight into how the data is used and what they can see and interpret through careful analysis. Silah also explains how his background in law enforcement is helping his communication with their partners, and he highlights the primary changes he is witnessing now compared to when we worked in policing.
Salih also provides a helpful update on popular cryptocurrencies and how they have changed in recent times. He also includes information on what they can see about how cybercriminals are moving cryptocurrency, helping them gain a greater understanding of the entire cybercriminal ecosystem. This includes fascinating insights into money laundering techniques and how blockchain analysis is helping them understand how criminals are converting cryptocurrency back into traditional cash. Ultimately, this can enable law enforcement to intervene and recover the proceeds of crime.
Mandy rounds out the podcast by asking Silah how regulators and governments are responding to the activity Chainalysis is seeing, to which he offers his opinion on the increasing sophistication of law enforcement and the courts. Logan finishes by encouraging all organisations to consider adding blockchain intelligence to their cyber resilience armoury.
In Mandy's words, it is an 'absorbing discussion' and a valuable insight into blockchain intelligence and the cybercriminal ecosystem.
Logan was also kind enough to share a link to their newly published report, which is the latest data insights on illicit crypto trends for 2025. You can access it HERE.
-
CyberVersed episode 48 is Part 2 of our focus on the MSP Community. Mandy Haeburn-Little is joined by Michelle Ohren, Director of the Cyber Resilience Centre for the West Midlands, Wayne Selk, VP, Cybersecurity Programs & Executive Director, GTIA ISAO, and Patrick Milford, the newly appointed Cyber Resilience Centre (CRC) Lead.
Michelle shares her experience working with the MSP community. She believes they are essential to the ecosystem, where all stakeholders are focused on the same outcome: helping businesses avoid becoming victims of cybercrime. Michelle explains how she opened the conversation with MSPs to encourage them and explain why they are better equipped to support the SME community when they work together. She also cites an excellent example of an MSP referring a client to the CRC to ensure they received the best possible service for the budget they had available.
Patrick outlines his new role as CRC Lead and his aim to ensure a consistent approach across the network, enabling them to support the SME community at scale. He then discusses his experience working with MSPs as the Director of the Cyber Resilience Centre for the South East. He explains why they were pivotal in reaching many SMEs in the region. He also outlines the benefits of the CRCs being vendor-neutral.
Turning the focus back to his new role, Patrick emphasises that strengthening MSP relationships will be a primary focus for the entire CRC Network going forward. He also provides a valuable example of how the South East CRC has developed a strong working relationship with a large MSP in the South East region following an introduction at the recent GTIA ChannelCon EMEA Conference in London. South East CRC is now working closely with them, delivering joint webinars to their clients; it is an excellent example of how these collaborations are starting to pay dividends.
Wayne goes on to talk about the importance of trust. He acknowledges the great work the CRC Network has done in building trust, so that MSPs are now not just willing to work with the CRC Network but actively seeking opportunities to collaborate in the future.
Patrick talks about the National Engagement Strategy and how it will focus on driving behavioural change, encouraging SMEs to adopt Cyber PATH services and explore Cyber Essentials and Cyber Essentials Plus. Patrick sees MSPs as a vital element of this engagement strategy and welcomes the NCSC's recent guidance about what to look for when selecting an MSP. Wayne agrees with Patrick's assessment but goes further, explaining why SMEs must enquire about an MSP's processes for ongoing maturity and continuous improvement. All three agree that the NCSC's MSP guidance, combined with greater trust and confidence across the entire ecosystem, will enable SMEs to receive the proper expert advice.
Michelle Ohren provides an update on the new West Midlands Cyber Hub based at Millennium Point in Birmingham and agrees to come back to the CyberVersed to explain their work in more detail.
Links:
Cyber Security Resilience Bill
NCSC - Choosing a Managed Service Provider
West Midlands Cyber Hub
-
In CyberVersed episode 47 Mandy Haeburn-Little is joined by two National Ambassador representatives: Wayne Selk, VP, Cybersecurity Programs & Executive Director, GTIA ISAO, and Jamie Akhtar, Co-Founder and CEO of CyberSmart. The topic of discussion is 'The MSP community,' which is Part 1 of a focus on MSPs.
It's a lively and engaging three-way discussion that provides excellent insights into the MSP community and why they are essential in the drive to make the SME community throughout the UK better prepared and ultimately more cyber resilient.
To begin the discussion, Wayne and Jamie define an MSP and discuss how the industry has developed in recent years from a 'Break-Fix' model to an essential provider of managed services to most businesses. Both Jamie and Wayne reinforce the pivotal role MSPs play in improving the cyber resilience of SMEs, explaining why they agree they are the key to greater protection for the SME community.
They chat about regulation and what they consider the best way to develop the MSP community going forward to ensure SMEs receive the best possible service from their providers.
Jamie provides insight into what their partners are telling them about their clients' attitude towards cybersecurity and shares some of the reasons cyber is not at the top of their list of priorities. Both then discuss the challenges of how cyber is presented and the need to reset the conversation around 'the why' rather than the technology. Wayne explains why he believes it should be much more about explaining business risk to business owners and how this approach is proving to be a revenue driver among their members.
Jamie also touches on what SMEs want and why MSPs must deliver solutions that provide complete cyber confidence.
Mandy then guides the conversation to 'two-way communication' and the efforts both organisations are making to improve the sharing of intel to and from the SME community. Wayne provides a great analogy to explain why everyone needs to share their piece of the jigsaw to see the whole picture. Jamie then reinforces that the MSPs are an essential element in completing the picture.
The conversation then moves on to the role that the CRC Network play in delivering the message to the SME community and why the National Ambassadors must do what they can to improve the amplification of the great work being done through the Cyber Resilience Centres.
Jamie also mentions the impending Cyber Security Resilience Bill and its impact on the MSP community. While Jamie describes it as one of the most significant shifts in the cybersecurity landscape, he expresses caution, believing it's a start but not the complete solution.
The whole discussion sets a good picture and leads nicely into the next CyberVersed episode, which will be part two of the MSP-focused discussion, when they will also be joined by team members from the CRC Network.
NCSC has also recently published guidance for SMEs when choosing an MSP. You can view it here.
-
In CyberVersed episode 46 Mandy Haeburn-Little is joined by Jamie Akhtar, Co-Founder and CEO of our newest National Ambassador, CyberSmart, a leading cyber security specialist. They are ideally suited as a National Ambassador company. With over 1,000 Managed Service Providers (MSPs) and over 6,000 SME customers in the UK, they are primed to act as an enabler to this crucial sector within the digital economy. In partnering with NCRCG, CyberSmart seeks to empower MSPs and SMEs around cyber resilience and signpost the support offered by the CRC Network and the national technical authority, NCSC.
Jamie begins by explaining what CyberSmart is and what it does, highlighting their 'obsession' with making cyber security more accessible for SMEs. He explains what he means when he says emotion is one of the great drivers in the business, and why their 'relentless pursuit' is to solve the cyber security problem.
The two talk about company culture, and Jamie provides insight into why culture is so vital to CyberSmart, as it should be for every organisation, empowering everyone to grow by investing in people. How they deliver - through teamwork, drawing on a broad range of skills and experience to make change happen. He goes on to define teamwork as being able to ask for help when you need it and being willing to assist when someone else needs it. For CyberSmart, it's about reflecting on what you have been doing and exploring ways to improve for the benefit of our customers.
Importantly, Jamie points out that they have actively developed the culture rather than simply letting it evolve.
Regarding MSPs, he explains why he believes they are fundamental to solving these challenges: they have access to and can influence many SMEs in their client portfolios. Understanding where the partner is and what they do with their customers. Who are you working with where security is not investable enough, and how can we help the partner provide better solutions to their customers.
Mandy and Jamie go on to have a fascinating chat about Cognitive Bias in Cyber Psychology. It's a brief conversation Mandy would like to revisit with him in the future. Still, he does share nuggets to whet the appetite, such as how some people believe the internet provides people the opportunity to create a different version of themselves. Dissociation allows them to say things they wouldn't in real life. For example, he cites how teenagers committing cybercrimes is, in many ways, a version of this, where people are disconnected and further removed from a moral compass.
Both Jamie and Mandy agreed that it's a fascinating space; understanding why people are involved in cybercrime is part of the solution, and how intervention could win around some of the bright talent to do positive cyber work.
Jamie also turns the tables on Mandy and becomes the interviewer; he asks, "What's the itch you were trying to scratch when you got into cyber?" to which Mandy provides insight into her passion for all things cyber.
To finish, Jamie explains why he's never been more concerned or more excited about the future. Concern stems from the increasing sophistication of cybercrime, excitement comes from the fact that cyber is very much part of the conversation in the UK and now has a national voice, acknowledging that recognition of the problem has never been greater.
-
In CyberVersed episode 45, we explore and explain the Cyber PATH programme. Mandy Haeburn-Little is joined by David Socha, Interim Head of Cyber PATH, Martin Wilson Head of Cyber & Innovation, North East Business Resilience Centre, and Sophie Powell, Talent Manager at Cyber PATH.
Martin kicks off the discussion with a summary of what Cyber PATH is and what it does: essentially, it helps micro, small, and medium-sized organisations (SMOs) understand how they might be attacked and how to avoid it, while providing real-world experience for students exploring careers in cyber.
Martin touches on the changes that have taken place since he started working on the programme, and their willingness and ability to adapt services to address the latest threats and trends.
David Socha explains why his experience in managing change and building teams perfectly suits his current role and why it is right for him to take an interim position to manage the structural changes underway to enable the programme to develop and grow. He also highlights that the primary focus of the changes is designed to create even better engagement with Academia, the CRC Network, students, and SMO businesses.
Martin explains the differences in the service since it began and how relationships among the various stakeholders have blossomed, enabling them to provide a better, more comprehensive range of services.
Asked about the most popular services, David points to Security Awareness Training, Microsoft 365 Service, and Internal Vulnerability Assessments as the three most prominent. Still, he notes that all services are helpful and popular with the SMO community.
Former Cyber PATH student and the 2023 Cyber Student of the Year, Sophie Powell, provides insight from a student perspective and explains how the programme helped her develop essential, valuable skills that she wouldn't necessarily have learned through her scheduled university coursework. Now, as the Talent Manager, she outlines her new role within Cyber PATH and her ambitions for the programme's future development.
Martin explains how service demand is changing and cites Microsoft 365 as an example of a popular emerging service, driven by the growing number of businesses using the tools as an integral part of their operations. He also highlights the power of clearly defined policies and the enormous benefits of having them adequately examined as part of the Policy Review service.
Martin also explains some of the hidden benefits of the programme, which he takes great pleasure in, namely how it helps develop the student's ability to communicate and articulate the findings to business owners or operators.
The podcast is a fascinating examination of the Cyber PATH programme, with three key personnel overseeing specific areas of delivery, yet all clearly sharing a passion for Cyber PATH and its success in developing students and supporting SMOs in building better cyber resilience.
-
In episode 44, Mandy Haeburn-Little is joined by Nick Bell, Police CyberAlarm Lead for NPCC National Cybercrime Team.
Nick Bell is an award-winning security leader and former Detective Superintendent with 30 years in policing. He is a former CEO of the National Cyber Resilience Centre Group, where he launched the CRC network, National Ambassador programme, and Cyber PATH to support SMEs and develop future cyber talent. Nick is experienced in leading investigations into cybercrime, digital forensics, fraud, and cryptocurrency, with a track record of building national programmes and partnerships. Nick was also named Outstanding Security Director of the Year 2023 at the Tackling Economic Crime Awards.
Nick and Mandy discuss his new role and his vision to achieve significant growth for Police CyberAlarm and for it to become a trusted brand in the digital space. During the discussion, Nick explains why it is essential to raise Police CyberAlarm's profile, which he hopes will be achieved by working with third-party organisations such as the National Ambassador companies to demonstrate and deliver exceptional value to businesses and policing.
During the podcast, Nick and Mandy explore what PoliceCyberAlarm is and why it is an essential tool for both businesses and policing. Police CyberAlarm is a free monitoring tool that Nick likens to CCTV for your business. It is an 'always on' monitoring tool installed on your external systems to track activity, such as attempted intrusions. Users receive a monthly activity report that is easily digestible, enabling them to take any required action to bolster their cyber resilience.
Simultaneously, law enforcement can build an accurate picture of the current and ever-changing threat landscape, enabling them to issue targeted alerts to specific businesses about threats that may affect them. So, businesses are not only protecting themselves, they are also helping to gather information and intelligence at scale by providing critical, real-time intelligence that provides law enforcement with relevant data to reduce cybercrime harm and improve national cyber resilience.
Nick also shares some helpful examples of how Police CyberAlarm has assisted a range of organisations, from those in the public sector to small businesses in the private sector.
Nick is clearly passionate about expanding the adoption of Police CyberAlarm throughout the UK, and is hopeful that he and his team will see real growth, especially with Managed Service Providers and public sector partnerships and with a simplified sign-up and installation process.
-
In episode 43, Mandy Haeburn-Little is joined by Joseph Boland-Scott, Security Product Marketing Lead at Microsoft, to discuss the topical issue of Deep Fakes.
In a light-hearted start to the conversation, Mandy opens by asking Joe how she can be sure that it really was him on the call. Joe responds by providing some great suggestions about how you can look out for specific audio or video cues to help spot fake audio and video.
Joe goes on to explain the difference between Deep Fake and AI-generated content; in general terms, he explains that AI content is created from scratch for legitimate purposes, whereas Deep Fake is more about image, video and voice manipulation and is more often than not used much more for malicious purposes.
Mandy and Joe then chat about the areas we are seeing Deep Fakes being used, to which Joe provides some of the more common examples, such as in the onboarding of new employees remotely, where the team has never met the new employee. In these helpdesk vulnerabilities, cybercriminals are posing as current employees looking to restore access to their devices.
Mandy then asks what you should do when you suspect something is not quite right. Joe outlines typical things to look for when you don't feel everything is 100% right. Primarily, question if the person you think you're speaking to would contact you on a particular channel, or would they make such a request at an unusual hour?
By way of encouragement, Joe points to the fact that people are generally much more aware of telephone scamming than they were a few years ago. So, he suggests, in the same way, people will get better at questioning the authenticity of audio and video content. However, he emphasises that awareness is only a small part of the solution; there is a need for much greater collaboration among tech, policy and education to combat the increasing criminal use of Deep Fake.
It is a fascinating insight into the world of Deep Fakes and how to identify and protect yourself against this growing threat.
Microsoft has many resources and guidance to help with cybersecurity awareness. You can explore these here.
Joe also refers to Microsoft's Digital Defence Report, which you can download here.
-
In episode 42, Mandy Haeburn-Little is joined by Gordon Adam, Manager, Cyber Threat Intelligence Partnerships at Mastercard.
Gordon begins by explaining his role and how his department serves as the first port of call for incidents of cybercrime or fraud. He describes how they operate proactively by analysing the threat landscape and reactively responding to incidents and emerging threats.
Mandy is also keen to understand why Mastercard has earned a reputation for being approachable, particularly for SMEs. Gordon then highlights how 'doing the right thing' is a fundamental part of the company's culture; they are keen to make business owners feel secure, and that's why they provide resources such as the GCA Toolkit and Mastercard Trust Centre. For Mastercard, it's about sharing their wealth of knowledge, especially with the SME community. He also explains how they invest time and effort in creating the right messaging when it comes to cyber; Mastercard break it down to make it interesting and simple for those not familiar with cyber. Fundamentally, they are keen to promote the idea that every step an SME takes will improve its resilience.
Gordon also outlines some of the red flags that SMEs should look for, such as unexpected logins, suspicious emails, and tech update prompts. His advice is to start with employee training to build an understanding of the threats and how to prepare for them.
The two discuss why it's essential that businesses feel safe when adopting new technology; otherwise, it can stifle innovation and growth. It is in everyone's interest that businesses thrive, so by providing free support and guidance, Mastercard is helping them become more resilient and confident when adopting an inclusive attitude to new technology.
Gordon offers advice on where to start, reiterating that it's about the basics, including visiting the Mastercard Trust Centre, exploring the GCA Toolkit, and the Cyber Readiness Programme. He also emphasises it's all about preparedness and recommends the GCA Toolkit as an accessible and free resource with actionable guidance to reduce cyber risk.
In conclusion, Mandy asks Gordon how he feels about the industry, to which he responds that it is worse in terms of the volume of attacks. However, he also points out that we are much better prepared than we were in the past. The knowledge of how to mitigate and respond, as well as our capabilities in defence, is significantly greater than it was a few years ago.
His final comments are sound advice, stating that preparation is the best defence. Take the time now to accept advice and have a response in mind, rather than panicking when something goes wrong.
-
In episode 41, Mandy Haeburn-Little is joined by Justene Ewing, Vice President, Health, Care and Life Sciences for UK & Australia at CGI.
It is a fascinating conversation that explores the role technology plays in healthcare and the associated risks as we adopt digital solutions to improve services and productivity.
Justene outlines some of what we already know about the Government's 10-year healthcare plan; primarily that the following three essential elements will be the main focus:
Helping people to stay in their home environment The role that data will play in helping the NHS workforce and the patients, and the family's relationship with their data Prevention before cureJustene explains why digital and data is the 'Golden Thread' running through all three, and why it is increasingly vital to help cope with the demands and pressure on the NHS, which is set to increase significantly in the coming years.
Justene highlights that while digital can improve productivity, she warns that the more we rely on and introduce digital solutions, the greater the risks become. She also believes that while it is getting better, there are still misconceptions around the board table about the scale of the risk, and perhaps even whose 'headache' it is! But, she also acknowledges there's no easy solution because budgets, resources, and capabilities are all very challenging.
On the fascinating topic of AI, Justene touches on the misuse of tools like ChatGPT, which is caused purely by a lack of understanding of the risk and where the data is shared. She advises that while they are great tools that will save time, the risk must be adequately managed.
Justene cites some good examples of how AI is being used to make a difference in healthcare in areas like screening and bed management. These are excellent examples of how AI has been developed with a purpose, rather than innovation for innovation's sake. Her main point around the increasing adoption of AI solutions is that we must ensure there is complete transparency so that we have total confidence in data and that there will always be humans in the loop.
It is a fascinating conversation and insight into the adoption of technology in the health sector and why we must ensure the data is safe in order to prevent the disruption and threat to critical care at all times.
-
Episode 40 is a short podcast recorded when Mandy Haeburn-Little caught up with Richard Meeus, Director of Security Technology and Strategy EMEA at Akamai, and Paul Croker, UK & I Executive Committee Member at GTIA (Global Technology Industry Association. Both attended Infosec (Infosecurity Europe 2025) from 2nd - 4th June and were kind enough to join Mandy for a quick chat about the conference.
Richard and Paul provide a brief overview of their experience over the three days at ExCel London and what they took away from the conference. Both also discuss the value of being NCRCG National Ambassadors and how much they are enjoying the engagement and collaboration with fellow National Ambassadors.
-
In episode 39, Mandy Haeburn-Little is joined by three members of the Microsoft team: Marc Carney, Director, Security Solutions Group; Gabriela Gradden, EMEA Security Sales Director; and Joseph Boland-Scott, Security Product Manager.
The team began by reflecting on a transformative period for the cyber security landscape, with an increase in ransomware and much more targeted attacks, impacting critical infrastructure and supply chains with the use of sophisticated AI-driven resources.
Mark highlights that Zero Trust frameworks are anticipated to become standard practice which will drive innovation in identity management and authentication solutions, helping to streamline and enable robust capabilities to identify users.
Gabriela talks about Microsoft's mission statement, 'Empowering every person and organisation on the planet to achieve more'. She explains how it is more than words and how it actually shapes everything the company does. As an example, she cites the Secure Future Initiative, which was brought about because of the Midnight Visit attack on Microsoft and how this multi-year commitment to how they design, build, test and operate their technology for everyone, starting with Microsoft's 100,000 employees, all of whom are tasked with putting security first.
Joe points out that as one of the most attacked entities in the world, Microsoft has the challenge of dealing with this and the unique opportunity to learn from these attacks as the threat landscape evolves.
He emphasises that password-related attacks increased tenfold in 2024, highlighting the continued importance of identity protection like multi-factor authentication. He also talks about a need for a change in attitude whereby security is not simply one of the focuses; it must become the central focus for all businesses.
Mark states that Microsoft's security posture is stronger and more advanced than it's ever been but warns that the threat environment hasn't stood still. Attackers are more sophisticated and have better resources, especially with the use of AI and automation. So even though Microsoft has up its game, the threats have matched the pace. So it's about continuous investment and improving their capabilities and resources, which they are committed to doing in the UK.
Gabriela also touches on the repivoting of attackers; so, as we become more able to deal with sophisticated AI-based attacks, criminals are going back to basics; human, phishing and identity-based attacks are rising, so it is more important than ever to get the basics right and make sure your people trained and are able to identify these threats.
The team also talk about the persistence of attackers and how they are prepared to stay hidden in an organisation's systems, sometimes for years. He quotes some valuable examples that clearly demonstrate the ongoing need to get the basics right. Patching, training vulnerability management etc. must be priorities.
AI is, of course, a hot topic, and Mandy explores what AI means to the business community. Mark explains the enormous benefits and opportunities offered by AI not only in improving efficiency, productivity and processes but also in the detection of security threats.
They also talk about products like Microsoft Security Copilot that protects organisations at the speed and scale with a generative AI-powered assistant for daily operations in security and IT.
In a broad-ranging conversation, Mandy and the Microsoft team also cover topics like Microsoft's approach to the democratisation of knowledge, carbon emissions from data centres, and how they decide on areas of focus. Deepfake is also discussed, and how it is becoming much more common and one of the top threats to businesses.
-
In episode 38, Mandy Haeburn-Little is joined by two members of the Logistics UK team, the first company from the transport sector to join the National Cyber Resilience Centre Group as National Ambassadors; they are Nigel Smart, Director of IT & Development and Natalie Chapman, Head of Public Affairs.
Nigel begins the conversation by highlighting that while Logistics UK is a membership organisation, it prefers to be known as a business group. In fact, they are the only business group in the UK that represents all logistics, from road, rail, sea, and air, to the buyers of freight. Logistics UK is about representing its members by campaigning governments, ensuring their compliance, training and providing a media presence; its mission is to continue to be in the top three business groups that people turn to for advice in the logistics sector.
Natalie then explains in more detail her department's role and how they work closely with the UK and the devolved nations' governments, MPs, backbenchers and policymakers to influence political decisions. Their lobbying and advice are all evidence-based, which is why Logistics UK is heavily involved in research and reporting. But it's not just about gathering the evidence; they work hard to present the information in the correct formats for the target audience, be it politicians, media or the general public. It's about highlighting how logistics plays a critical role in underpinning the UK economy.
Mandy and Natalie go on to chat about a few of the big issues impacting the sector, such as the UK's ranking on the Logistics Productivity Index and how that has slipped 15 places since 2013 to a current global position of 19th. Also, how they are identifying investment priorities to ensure critical infrastructure is fit for purpose to help minimise congestion and delays. Natalie also talks about their work in decarbonisation and how they are leading the discussion on how we achieve net zero and what they are doing to assist with the skills shortage in the sector with initiatives such as Generation Logistics.
Nigel explains why cyber is high on the agenda at Logistics UK and notes that awareness of the threats and the general interest in cyber has noticeably increased throughout the organisation in the last year, and how they intend to pass on this knowledge to their members in the future.
Nigel also expresses the reasons why Logistics UK was keen to become a National Ambassador and how he is particularly looking forward to working with like-minded people and benefiting from the mutual learning opportunities of being involved with fellow National Ambassador companies.
-
In episode 37, Mandy Haeburn-Little is joined by two members of the team at Akamai, the newest member of our National Cyber Resilience Centre Group National Ambassadors. Mandy chats with Richard Meeus,
Director of Security Technology and Strategy EMEA, and Matt Payne, Regional Director, EMEA Financial Services Industry and Public Sector at Akamai Technologies.
The conversation starts with a brief background about the origins of the company and its name, explaining how a water cooler moment at the Massachusetts Institute of Technology (MIT) back in 1998 led to what is now Akamai, an engineering-led organisation with a platform specifically designed to provide scale and resilience.
The team provided interesting examples of how notable events, such as the release of the original Star Wars trailer, were a test and validation of the platform's design and ability to deal with large volumes of traffic.
Richard and Matt also explain the three main verticals of the business, which are Delivery (of content), Security, and Cloud. However, they are quick to highlight that it's Akamai's ability to bring all of these elements together that makes it unique and provides a platform where the whole is greater than the sum of the parts.
The two also talk about the importance of their Security Operations Centre, which provides customers with direct access to over 250 experienced and competent engineers. They also explain the value of their State of the Internet Report (SOTI Report), which gathers data firsthand from the information Akamai sees daily, providing a view of what's evolving and what's changing in terms of threats.
During the engaging conversation, Mandy asks Richard and Matt if we are getting better at dealing with ransomware attacks and about the impact of AI on cybercrime; both provide insightful and thought-provoking answers to all of the questions in what is a most interesting and open conversation.
-
In episode 36, Mandy Haeburn-Little chats with two of the team at Nationwide Building Society, a valued member of our portfolio of National Cyber Resilience Centre Group National Ambassadors. Rachel Vigor, Business Services, Governance, Risk & Controls Director and Sharon Gould, Supplier Security Manager, Business Services GRC, join Mandy on this episode.
The conversation opens with Rachel providing a snapshot of Nationwide's history and what it stands for. She outlines what it means to be a Mutual and why being owned by its members enables Nationwide to operate with genuine social and community purpose. So, rather than paying shareholders, they are able to spend their money building a safe and secure organisation, giving back to local communities, offering competitive rates, and sharing it with their members.
Rachel and Sharon talk about the company's approach to risk, outlining why it is important and how it encourages open, honest and transparent conversations that not only maintain operations and keep members safe but can also identify opportunities.
Speaking specifically about risk in relation to the supply chain, they highlight how they are leveraging new technology to establish risk profiles and enhance technical controls. Again, they are keen to emphasise that working with suppliers, particularly around SMEs and cyber security, is an extremely collaborative approach, with clear communications about their expectations while being realistic about the resources available to smaller organisations.
They also talk about their current dual-branded NCRCG/Nationwide supply chain campaign to encourage SMEs to join their local Cyber Resilience Centre. In addition, they explain why they are working closely with IASME to promote and endorse Cyber Essentials and Cyber Essentials Plus.
Finally, Rachel is asked the burning question about Nationwide's acquisition of Virgin Money. She explains that it's early days, but reassures listeners that they'll use the experience of over 250 previous acquisitions to proceed with care as they integrate the two dynamic brands!
-
In episode 35, Mandy Haeburn-Little chats with David Scutt, Head of Software Sales EMEA at HP, the global technology leader, operating in 170 countries and shipping three devices every second!
David begins the conversation by outlining the core focus areas of the business, which are Personal Computing & Printing, 3D Printing, Hybrid Work, and Gaming. Essentially, they provide innovative workforce solutions where security and sustainability are non-negotiable deliverables across everything they do.
David provides some insight into how they maintain cyber security across the business using things like the HP Work Relationship Index to gain valuable insights into user needs and trends. He cites an astonishing example whereby their research revealed that only 27% of knowledge workers responding to a survey believed they had the tools to do their job! David goes on to explain why this information is essential to enable HP to provide innovative solutions that ultimately make work easier while improving efficiency and productivity.
Mandy and David also discuss the HP Customer First Community, where employees share customer experiences to help build solutions and address specific problems, reinforcing HP's commitment to enabling users to work without worry by focusing on making products secure by design.
David also explains why becoming a National Ambassador was important to HP, and he acknowledges the importance of the SME community to the UK economy, many of whom are HP customers.
Sustainability is paramount at HP. David explains what they are already doing to ensure materials are in use longer. He highlights that 95% of home and office printers shipped in 2023 included recycled materials, and HP-branded paper and paper-based packaging are derived from certified recycled sources. These are just a couple of examples of HP's approach to sustainability, which is central to everything they do.
It's an interesting conversation that provides genuine insight into HP and how the user experience drives everything it does.
-
CyberVersed episode 34 is the final podcast of 2024, and fittingly, Mandy Haeburn-Little caught up with Nik Adams, Assistant Commissioner, City of London Police and Chair of the NCRCG National Ambassador Steering Group. Their conversation highlights the progress made during 2024 and, more importantly, outlines the opportunities and goals for NCRCG and the CRC network for 2025.
Nik and Mandy reflect on the range of National Ambassadors and why it's essential to explore and understand the vulnerabilities sector-by-sector and work in partnership with the National Ambassadors in their respective sectors to encourage and support their supply chains to become more cyber resilient. Nik also touches on the fact that it's not only about having the proper companies in each sector but also about tapping into the expertise and experience of the right people within their organisations.
During the engaging conversation, they also discuss the invaluable work being done in the nine regional centres and the commitment and passion shown by their teams to support SMEs in their communities. Nik highlights their vital role in collaborating with the National Ambassadors to deliver consistent messaging and guidance to their SME suppliers locally.
The two also discuss the critical part that the Cyber PATH programme plays for cyber students whereby they deliver assistance to SMEs and, at the same time, gain valuable real work experience that is encouraging more young people into cyber and developing a talent pipeline for policing and law enforcement. They also note how Cyber PATH is addressing diversity and identifying how the programme is attracting a range of people, particularly those who are neurodivergent.
Throughout the podcast, Mandy and Nik refer to the National Ambassadors and express gratitude for their support, the current National Ambassador portfolio includes:
AVIVA, CGI, Chainalysis, CompTIA, HP, ISC2, Logistics UK, Mastercard, Microsoft, Nationwide, NatWest Group, Resilience, SANS, SAS, Sir Robert McAlpine, The Very Group, and Trustify.
Finally, we wish all of our listeners a Merry Christmas and a happy and prosperous New Year.
-
In CyberVersed episode 33 Mandy Haeburn-Little catches up with one of the founding ambassador companies, The Very Group. She is joined by Muktar Mahama, Head of Product and Digital Experience, in a truly insightful conversation about The Very Group's total commitment to customer experience and the continuous monitoring and refinement to ensure the complete customer journey is the best it can be.
Muktar explains the process and how various teams, known as 'squads', collaborate in every aspect of the buying experience. He describes the responsibilities of each squad, which comprise Product Design, Research & Development, Onboarding, Discover, PDP (product detail page), Checkout, My Account and Mobile App. It's a fascinating look at what each team does and how they work together to refine every customer touchpoint and address any pain points they can identify through meticulous monitoring. Muktar also provides some insight into the scale of the business, which has 4.3 million customers and around one million visitors every day. He also touches on how they cope with the peak times around Black Friday and the lead-up to Christmas when the site experiences around a 30% increase in daily traffic.
Muktar also provides some information about his recent graduation from the Ethenic Senior Leaders Programme, something he is passionate about and strongly recommends to other business leaders.
-
CyberVersed episode 32 focuses on Trustify, one of the newest National Cyber Resilience Centre Group's National Ambassadors. Mandy Haebrun-Little talks to John Madelin, Advisory Board Member at Trustify. John is a highly respected cyber professional with 30+ years of experience in the design, build and management of Cyber Security. It is evident during the conversation that John is passionate about delivering high-quality security solutions that are accessible to the SME community.
He provides his views on what is often overcomplicated messaging and the need to demystify and simplify the topic of cyber security. It is refreshing to listen to John as he demonstrates an excellent understanding of the issues faced by SMEs and how Trustify works with each client to understand and adapt their offering to meet the unique challenges of each organisation. Beginning with a risk assessment, they quickly address what are usually straightforward issues that get the client to a point where they can 'sleep at night'. Then, the focus is on a customised action plan that addresses issues relevant to the business.
John talks about the importance of detection and the critical need for continuous monitoring. However, he again demonstrates his desire to uncomplicate things by emphasising that there are only 15 signals used by cybercriminals to get into your systems. Indeed, he offers a case of champagne to anyone who can cite a material cyber incident that doesn't fall within one of the 15 signals!
John's passion and energy are evident throughout the conversation, especially towards the end when he explains why he is looking forward to collaborating with NCRCG to help make cyber resilience more attainable to the SME community and the work he'd like to do around inclusivity and encouraging young people into careers in cyber.
- もっと表示する
