Purvi Kay, pictured, besides a cyber security speaker, has worked across government, national infrastructure and defence, and is now Head of Cyber Security within a UK defence prime. In this interview with the London Keynote Speakers Agency, she shares her views on why cyber failures often begin with leadership, the capabilities security leaders need, and how the future of cyber security will be shaped by AI, resilience and human judgment.
What is the most significant mistake businesses make when approaching cyber security?
Purvi Kay: โI think we hear it a lot, and this is also one of my personal views. In cyber security, leaders think of it as a technical problem, and they forget that there is a technical element to it, but it is actually a leadership and culture issue as well. Most of the cyber security issues and problems we see come from weak governance, for example.
โThey come from poor communication. When your technical experts are not able to translate all that technical jargon to your leaders to make business sense, theyโre not able to make informed decisions. So that poor communication is also something very key to security.
โAlso, when thereโs unclear accountability within the organisation, whoโs doing what, who is responsible, who is accountable for all these risks, I think those things are undervalued, and that is one of the biggest mistakes that weโre making currently.
โI feel that cyber doesnโt fail because of just not having good tech, but it fails because culture fails, and so we really need to tap into culture. So, the technology that we are pumping so much money into is great, but itโll only work when our people and our governance and our leadership work in cohesion.โ
Which capabilities matter most for effective security leadership?
Purvi Kay: โGenerally, for any leaders, you think about strategic vision, empathy and influencing ability, but the best leaders Iโve seen in security are those that can translate complexity into clarity and those that can bring the organisation along with them. It is very difficult for leaders to sell security.
โSecurity is always seen as a barrier, but great leaders are able to show the organisation that security is actually an enabler, and it should be thought about at the forefront.
โIt should be thought about at board level, and those people who are able to do that are really good cyber security leaders, or security leaders in general, because they donโt just manage risk, but they inspire clarity. They inspire confidence, and they bring about collective responsibility in the organisation.โ
How do you see the security landscape evolving?
Purvi Kay: โSo I see security shifting towards proactive, intelligence-driven models. Especially with AI, we are also seeing a lot of AI-accelerated threats. Weโre also seeing security shifting to a more secure-by-design approach, and that is brilliant because weโre now looking at security being embedded at the forefront of everything you do, everything you build, which is a great approach.
โBut what Iโm also seeing at the centre of all of this is human resilience. I know thereโs a lot of hype about AI replacing humans, but I think that without human resilience within the midst of this, AI is not going to work. So, we need that human element to it as well. What Iโm also seeing is a shift in security towards global collaboration.
โI think our allied nations are realising that weโre in it together and we need to collaborate even more. So, in terms of the future of security, I feel that it is built on AI, but where all that is embedded in the design, and security is embedded in the design, all of this needs to be powered by human resilience globally.โ
What do you want audiences to leave with after hearing you speak?
Purvi Kay: โNormally, when Iโm speaking in my public engagements, I want the audiences to feel empowered, and I always go with that intention for audiences to feel empowered. I want the audiences to feel that they can challenge the norms and they can embrace inclusivity, whether itโs about inclusive security, inclusive leadership and bringing in diversity in their organisations.
โI want them to think about how very small changes in behaviours can shape the culture in their organisations. But one point Iโd make is, when I speak, I just donโt want the audience to listen. I want to inspire them to take away some action points that they will go and implement and create positive impact in the world.
โIf, after Iโve spoken, the audience leave feeling that they can personally drive some change, then I feel like my job is done and transformation in the world has already begun at that point.โ
This interview with Purvi Kay was by Tabish Ali of the Motivational Speakers Agency.
About Purvi Kay
She serves as anย advocate for Women in Cyber Securityย andย Neurodiversity in Cyber initiativesย and sits on the advisory board for Cyber London. She’s given a TEDx talk,ย ‘How Neurodiversity Can Strengthen Cyber Security’.
