Now that the entries for Cyber Awards have closed and our judges are sharpening their pencils for the judging day and preparing to score all the outstanding quality applications, we’ve asked Richard Holmes Vice President for Cyber Security Services at CGI to answer a few questions on why they are supporting Scottish Cyber Awards 2018, why it is necessary to recognise those working in the industry and what the future holds for cyber security in Scotland.
Why are you backing the Scottish Cyber Awards 2018?
We believe that Scotland can rapidly become a world leader for cyber security talent and innovation and CGI is delighted to support the Scottish Cyber Awards as headline sponsor.
We’re particularly pleased to help recognise those individuals and organisations who are at the forefront of the growing cyber security industry in Scotland and supporting the local economy.
CGI has a significant local presence in Scotland and supports organisations across the varied sectors with their business and IT requirements. Cyber security is part of everything we do, and we continue to build our local presence supporting varied organisations with their security needs.
The Scottish Cyber Awards are a great way to celebrate CGI’s commitment to supporting organisations in Scotland and celebrating the achievements of the sector throughout the last year.
Has enough been done to recognise talent and innovation in the cyber-security industry?
Awareness of cyber security as a business issue and profession has grown considerably in the last few years, but there is still a long way to go.
Initiatives like the Scottish Cyber Awards run by the Scottish Business Resilience Centre have and will continue to significantly help build the momentum of awareness around cyber security as a sector.
The categories of the awards are particularly exciting, and we are really looking forward to judging the entries and celebrating with the winners during the evening. With categories such as Leading Light Innovation Award and Best New Cyber Talent, the awards will definitely help to shine a light on talent and innovation in cyber security.
Do you feel that the industry in Scotland is leading by example in the global fight against cyber-crime – or do we need to do more?
All industries are on a continual journey with cyber security. CGI sees organisations in Scotland working to improve their cyber security maturity, by assessing the risk to their organisations and taking appropriate steps to mitigate these risks in a cost effective and appropriate way. Of course, these risks change over time, so the work is never done!
What do you believe to be the biggest development in cyber-security in recent years?
The recent legislative changes of the General Data Protection Regulation (GDPR) and Network and Information Security Directive (NISD) have undoubtedly driven increased awareness of cyber security issues and required organisations to review and put plans in place to effect the changes required. It’s still early days for both GDPR and NISD, and we’re seeing organisations in Scotland and other regions continue to evolve the maturity of their plans and building cyber security and data protection into their risk management approach.
There’s also increasing importance of operational security needs across the public and private sector. We’ve seen a shift in focus from defending and ‘locking down’ borders of IT, to a more holistic day-to-day understanding and monitoring of networks for cyber threats. This has been caused by a recognition of the fact that cyber breaches will occur, and can be mitigated to a large extent by the effective use of threat intelligence. This involves organisations understanding the detailed configuration or their own networks and the additional services they use.
Both developments have led to an increasingly holistic approach to risk management, and organisations in Scotland now look to understand what’s critical to their business and what their biggest risks are, and protect against them in a proportionate and cost-effective way.
What are the key challenges that face Scotland in terms of cyber-security?
Scotland’s multiple sectors, for example financial services, oil and gas and public sector, all face significant interest from cyber adversaries. This threat not only affects the organisations, it also impacts their supply chains, including Scotland’s thriving SME community.
As the growth and demands of the cyber security industry grow, so too does the need to increase skills and people to meet these demands. Scotland should continue to invest in growing the next generation of cyber security talent by further training and promotion of STEM subjects in schools. Apprenticeships and working closely with industry are key to making sure the right skills and capabilities are developed.
How has threat to cyber-security changed?
Increasing need of operational awareness of what’s in your network. What’s in your network – ones you own and ones you’re using (e.g. cloud and as a service). Complexity of networks increased, more complex understanding.
This drives the need for increasing investment in skills – whether in-house or outsourced.
What are your cyber security predictions for the coming years?
The threat of cyber security will continue to pose a risk to organisations for many years. We are increasingly seeing advances in automation within the cyber sector, and predict these will continue and grow in the future.
As cyber adversaries will use broader automation to increase the scale and sophistication of their attacks, organisations will also need to increase their use of automation, including machine learning, to understand and protect their IT networks. This automation of frontline defences will mean that cyber analysts can focus on more complex tasks and threats – meeting the more sophisticated threats from adversaries.
We’re also seeing organisations take a more holistic approach to risk management. By understanding their IT estate and most valuable information assets organisations can take a proportionate and cost-effective approach to cyber security.
Huge thank you to our Headline Sponsor: