
Cyber Q&A

by Mark Rowe

Here’s a Q&A with Jeff Warren, pictured, Chief Technology Officer at the data security product company Netwrix.

What are the most pressing cyber security challenges in the UK?

Cyberattacks are an ongoing challenge for organisations of all sizes across the world. Ransomware is a particular growing threat: according to recent research, ransomware payments totaled almost $450 million in the first six months of 2023 alone, compared to $500 million for the entire year in 2022. Ransomware incidents in the UK this year include the attack on Royal Mail by the LockBit group and the attack on Barts Health NHS Trust by BlackCat.

Another trend worth mentioning is the need to meet steeper requirements in order to obtain a cyber insurance policy. A 2023 cybersecurity breach survey by the UK government found that 37 per cent of organisations are insured against cybersecurity risks, including 63 per cent of medium-size businesses and 55 per cent of large businesses. However, before being offered a policy, organisations typically need to go through a security audit by the prospective insurer. A Netwrix report reveals that every second company had to implement additional security measures to qualify for the policy they chose.

One UK-specific security challenge is compliance with the Data Reform Bill, which promises to strengthen the UK’s data protection standards, increase financial penalties for spam callers and reduce the number of cookie pop-ups that users experience. One of the main difficulties that will have to be navigated is where the Data Reform Bill does not align with previous EU GDPR legislation.

What can companies do to maximise their cybersecurity defences?

To reduce the risk of a breach, it is essential to eliminate a siloed approach and ensure security across three primary attack surfaces: data, identity and infrastructure. Data is the first among these equals, as it is the ultimate goal of the attacker.

Using a cybersecurity framework will assist organisations in addressing each of these three key attack surfaces. For example, the five pillars of the NIST CSF help you focus on:

  • Identifying the data you have and where the risks are
  • Protecting against threats by closing security gaps
  • Detecting threats promptly
  • Responding to incidents with automated actions to contain their impact
  • Recovering quickly to get the organisation back to business

How can the industry cross the cyber skills gap?

One option for addressing the lack of cybersecurity expertise is to consider outsourcing security-related tasks to a managed service provider (MSP) or managed security service provider (MSSP). This approach not only eliminates the need to hire additional internal IT talent but can also reduce the cost of maintaining security software. For example, if a new compliance requirement arises, the MSP can make the necessary changes once, implement them across their customer base and share the cost of the customisation among those clients.

What do you think has emerged as a technology trend of 2023 and why?

AI has grabbed most of the headlines in 2023, but other important trends have been developing behind the scenes. An example is the tightening of security budgets, which is resulting in a drive to get as much functionality as possible out of existing tools. A related trend is that companies are taking a closer look at what platforms they depend on for their IT security and reducing overlap by consolidating on a few strategic vendors.

What do you identify as the major areas of investment in your industry?

Our survey, which consists of over 1,600 IT and security professionals worldwide, found that identity governance tops the list of measures that organisations plan to implement in 2023 to improve cybersecurity both on premises and in the cloud. What’s more, three of the top four planned security measures are closely related: identity governance, review of access rights (attestation) and privileged access management (PAM) all help ensure that the right users have the right access to the right things at the right time. Automating these processes saves valuable IT team time and improves accuracy, yielding a resilient and agile security posture.

How did you get to your role now?

I started my career as a software engineer but moved on after a few short years to pursue an opportunity in product management. I felt most comfortable in the area where business and technology overlap. I was drawn to the challenge of building software that can solve real problems. After spending several years in a PM role, I found a passion for helping to build highly effective teams and expand the range of what’s possible in my organisation, which led to my eventual role as CTO.

If you could give one piece of advice to other cybersecurity professionals, what would it be?

Achieving great things in tech requires an equal focus on people and technology. You need to learn how to work with both.

If you weren’t in tech, what would you be doing?

I knew I wanted to work in tech as early as sixth grade, so there was never another option for me. However, outside of tech, I think I could find joy as a music instructor or a travel agent.

What is the best book you’ve ever read and why?

Regarding my career, the best book I’ve read was “The Inmates Are Running the Asylum” by Alan Cooper. It introduced concepts that would shape the way I approached building products and teams going forward. I shifted from worrying about what is possible when it comes to building security solutions to focusing on what users need from those solutions. That thinking has bled into many other areas of my daily life.

What would you like your legacy to be?

Whether as a father, a husband or a co-worker, I hope to be remembered as somebody who genuinely cared about the people I interacted with and tried their best to make the right decisions, even if they are difficult ones.
