Meet the woman at the forefront of cyber security in the UK – Lisa Ventura, Cyber Security Women of the Year Awards 2019 supporter of the year.
SciTech Europa Quarterly speaks to CEO and Founder of the UK Cyber Security Association (UKCSA about the importance of getting women into the cyber security industry, and what we can do to protect ourselves against current cyber threats.
What is the work and role of the UK Cyber Security Association (UKCSA)?
The UK Cyber Security Association (UKCSA) is a new membership organisation for individuals, small businesses, SME’s and corporate companies who are involved/work in the cyber security industry in the UK. Members receive a wide range of benefits including access to the latest cyber security industry news, discounts on courses, seminars, networking events, conferences and items such as insurance and penetration testing, access to a directory of members and much more. We also supply compliance, security consultancy, risk management, penetration testing, bespoke security solutions and half and full day courses to small businesses and SME’s all aimed at helping them understand cyber security and what it means for their businesses.
The UKCSA works to a set of objectives ensuring best practice and information assimilation from the cyber security industry in the UK. In addition to this, we also lobby for awareness of cyber security, skills and training, education and best practice. We also raise awareness of neurodiversity in cyber security, the cyber skills gap and education as to the importance of cyber security and why businesses should take it seriously.
What are some of the current trends in cyber security and technology? What are the main challenges that come along with these, and how can these be overcome?
I think some of the common trends in cyber security are centred around the Internet of Things (IoT). Pain points are often still a problem and with many more devices being able to connect to the internet, it will continue to be a major source of vulnerability for consumers and enterprises alike. Phishing is getting personal and attackers are strategically starting to target business executive accounts, as these are seen as far more lucrative to them.
As AI continues to grow and become intertwined with people’s day to day lives, so does the potential for cybercriminals to exploit its potential. This will create a new bred of AI-powered hackers which gather key information about users’ behaviour. The cloud is another vulnerability area, with many cyber criminals targeting data held in the cloud.
However, the C-suite are beginning to wake up to the growing cyber risk. To overcome this, good cyber hygiene and housekeeping will make a huge difference and multi-factor authenticity will grow in popularity.
What would you say is the most common threat? What can we do to protect ourselves better against this?
Phishing and ransomware still continue to be the top types of threats faced by organisations today, with denial-of-service (DDoS) attacks coming third on the list. To combat these (and all kinds of cyber-attacks), educating and informing your employees is the first line of defence, as well as having robust systems in place to intercept threats as they happen.
Congratulations on winning the supporter of the year award from the Cyber Security Women of the Year Awards. What would you say to women who want to get into cyber security as a career, but are perhaps unsure due to discrimination that is still present in the industry today (such as the 9.6% pay gap between men and women, according to the BBC)?
There is a lot of excellent advice out there for women who want to enter the cyber security industry, and while it is true there is still a huge cyber skills gap particularly when it comes to attracting women into the industry, there has never been a better time for women who want to pursue a career in cyber security. Despite the male domination of the industry women are making great strides in STEM careers, as well as in technology and cyber security.
Women need to feel that they can succeed in a cyber security career from the start, so guidance and support right from when young women enter higher education is crucial. They need to be made aware of all the opportunities available to them in IT and cyber security, in order for them to be properly prepared for their careers.
Where do you see cyber security in five years? What role do you see the UKCSA playing in this?
Over the next five years it is predicted that there will be a huge shift with attitudes around data security through staff training and education. Companies will also need to take a risk-based approach to security to be in line with EU General Data Protection Regulation (GDPR). Decisions will need to be made where security is concerned through a process of system vulnerability, the likelihood of threats and through a process of evaluating sensitive data.
I think the role of the UKCSA will evolve to encompass all businesses, not just those who actively work in cyber security, and we will exist to continue awareness raising, education and lobbying government for cyber security as a priority.
In 2019 it amazes me how there is still so much of a head in the sand approach to cyber security, and many businesses feel that it doesn’t need to be taken seriously, that is, until they suffer a breach, and then it is too late. Our role will be to educate businesses and raise awareness of the growing cyber threat.
CEO & Founder
UK Cyber Security Association
+44 (0)800 772 0155
Please not this article has been published in our quarterly issue of SciTech Europa.