Ahead of the UKsec: Cyber Security Summit, we met with Andy Wall, Chief Security Officer et the Office for National Statistics, for a quick discussion on the state of cyber security in the UK today.
Read on below for the full interview!
Please introduce yourself and tell us a little about your background….
I am a Cyber, Information Security and Assurance Leader with over 25 years’ experience within global and national commercial organisations and UK Government providing business focused security advice and management. In my current role as the Chief Security Officer at the Office for National Statistics, I am developing new approaches to secure the operations of leading edge big data analytics.
My previous roles have been as Head of Cyber Security at Atkins supporting Government clients within the intelligence and military sectors and critical national infrastructure organisations including nuclear, water and transportation; and with Capgemini as Security Accreditation Manager, leading outsourced security risk services for a major Government department. For ten years before that, I was an independent security consultant undertaking security roles for a wide range of national organisations.
I have been around the security block a few times. I have a host of security qualifications in risk, architecture and audit, as well as being a Chartered Fellow of the British Computer Society, a Fellow of the Institute of Scientific and Technical Communicators and a Member of the Institute of Information Security Professionals. I am also a commentator on cyber security issues, authoring articles and papers and presenting at conferences.
What do you think are the biggest cyber security risks affecting the UK’s businesses today?
- Business understanding of the security risk and its potential impact on operations. This includes risk appetite, what the business values and the direction from that into security controls.
- Spread of untargeted ransomware that is more sophisticated than currently seen
- Access and manipulation of greater amounts of data using more modern technologies without necessarily understanding how these technologies really work, especially in supplier cloud services
What do the next 5 years hold for your industry?
I think we will use more automation for faster identification and response of events, increased anomaly detection, as well as an increased use of suppliers in a semi-black box approach.
Can you give me a taster of the main point you are going to make onstage?
Cloud is a friend if you treat it well and with respect.
What is your top advice for other cyber security professionals?
Understand more about what the business really want to do and try to support it – it’s not a ‘no’, it’s a ‘best do it this way’
Catch Andy at the UKsec: Cyber Security Summit on 22nd – 23rd November as he shares his experience in a case study: ‘Cloud Security: How to Build a Safe, Mature Cloud Security Strategy ‘! Join us for his session and enjoy live Q&As throughout the summit by registering for FREE online with code: CYBER-VIP at uk.cyberseries.io/register/.
