By Eleanor Bennett

Interview

3 min read

In the latest instalment of our interviews speaking to leaders throughout the world of tech, we’ve welcomed Lia Edwards. Lia leads the consultancy side of Threat Protect’s service offering having operated as CIO for several multinational corporations, including Fresnel before co-founding Threat Protect, where she provides consultancy and support on compliance and audit projects, working with clients such as KPMG among others.

Tell us about the business you represent, what is their vision & goals?

Threat Protect is a UK-based cybersecurity consultancy. We are vendor agnostic and operate a people, process, technology way of working – meaning that we take time to get to know our customers on both a professional and cultural level when making cybersecurity recommendations.

What inspires and energises you within your work?

I work with multiple companies and in each, I have met so many people that have shared their experiences and knowledge with me.

There are some that have overcome personal challenges that many people will never face and then there are others that have built a culture many companies can only dream of. It is these people that inspire me and I thank them every day that I get to learn and work with them.

Can you share a little bit about yourself and how you got into cybersecurity?

I spent the majority of my early career as a software developer until I was offered a position to do some technical consulting.

There was something about it that made me look at what I was doing and know that I had a lot of knowledge that I just wasn’t using. I was lucky to be working with a company that allowed me to see how far I could take my knowledge which turned out to be quite far as with a few years I was their CIO.

After that company was acquired I was approached by a friend about building a cybersecurity company and well the rest is history.

What advice would you give to someone wishing to start their career in cybersecurity?

Listen, learn, and never stop learning. If you are at the start of your journey in cybersecurity try and get as much experience as you can and ask questions of people more established in the industry.

What are some misconceptions that you believe businesses have about cybersecurity?

You see it a lot less these days, but for a long time, it was that cybersecurity was an IT problem.

You’ll obviously still get those that put their head in the sand but on the whole, I believe most people now understand that cybersecurity is the responsibility of everyone, IT functions are just the facilitators.

There is however one myth that I still think holds in 2021 and that is small and medium-size businesses aren’t at risk of ransomware attacks. It’s simply not true. Worse still, many times the ransom is simply too high for the company to pay without enduring significant financial difficulty.

The ease at which you can purchase targeted ransom attacks on the dark web means that customers or staff with grudges have access to this form of revenge.

Do you think that cybersecurity training should be mandatory for the majority of businesses?

Unequivocally yes! A quick look at the latest stats will tell you that the majority of cyber attacks have some form of human involvement. Attack vectors change all the time so keeping up to date and knowing your role to help stop cyber-attacks is imperative.

How has the rise of insider threats impacted the cybersecurity landscape?

The cybersecurity landscape is constantly changing. The threats posed by insiders has been accelerated by the Coronavirus pandemic.

With the majority of people working from home, the lines between work and home life became somewhat blurred, resulting in a shift of mindset and behaviour in many cases.

Additionally, many IT teams lacked the tools and visibility to manage insider activity whilst working remotely into activity and many had to roll out BYOD policies which comes with its own host of potential security issues.

Are there any books, blogs, or other resources that you highly recommend?

If there is only one blog you read then it has to be Krebs on Security.

If you enjoyed this post and want to keep reading our best articles then why not check out our article to learn the differences between REST vs SOAP?

backReturn to Blog