PODCAST · business

Cyber Security In Focus

Cyber Security in Focus brings together cyber security professionals for open, informed conversations about the challenges shaping the industry today.

Each episode explores real-world threats, emerging risks, research and innovation, and the realities of defending organisations in an evolving threat landscape. Through peer-to-peer discussion, guests share practical experience, lessons learned, and honest perspectives.

Designed for CISOs, IT and security leaders, and risk and compliance professionals, Cyber Security in Focus is about continuous learning, collaboration, and strengthening cyber defences together.

  1. 11

    From Recon to Ransom: Inside the Attacker's Playbook with Glenn Wilkinson, Ethical Hacker

    Most organisations think about cybersecurity in terms of tools and compliance. Attackers think in objectives, timelines, and human behaviour. That gap is exactly where breaches happen.

    In this episode, Katie speaks with Glenn Wilkinson, CEO of Agger Labs and ethical hacker with 15 years of experience breaking into organisations, legally. Glenn has tested financial institutions, trained law enforcement, and presented at Black Hat and DEF CON. He brings that attacker's perspective directly to the conversations organisations need to be having right now.

    The episode covers significant ground: the structured methodology that makes hackers effective, why most breaches still start with a person rather than a system, and what it really means that attackers spend an average of 197 days on a network before anyone notices. Glenn also explains why a passed pen test is not the same as being secure, and makes the case for reframing cybersecurity as a business continuity issue, not an IT problem, to get genuine board-level engagement.

    The conversation closes on ransomware: what it actually is, how to build your defences before it hits, and the decision no organisation properly prepares for until it's too late, pay, or don't pay, including the legal and moral complications most people don't see coming.

    Practical, direct, and grounded in real-world experience. This is how attackers think. This is what that should change about how you defend.

  2. 10

    Third-Party Risk in the Age of AI with Chris Thornberry, Information Security Manager & DPO at Oleeo

    Managing third-party risk has always been complex. Add AI into the supply chain, and the rules change entirely.

    In this episode, Katie Watson sits down with Chris Thornberry, Information Security Manager and DPO at Oleeo, an HR Tech SaaS platform serving major UK public sector organisations and global financial services institutions. With over six years navigating security at the intersection of GRC and technical resilience, Chris brings a grounded, pragmatic perspective on what robust third-party risk management actually looks like in practice.

    Chris and Katie dig into why certifications like ISO 27001 and SOC 2 are no longer enough on their own, what transparency really means when you're assessing an AI supplier's entire ecosystem, not just the supplier themselves, and how to avoid shadow AI taking hold before you've had the chance to assess it.

    They also cover the dual challenge of operating as both a data processor and a data controller, how to build a security culture that stops bottlenecks before they start, and why Chris uses data as his North Star when evaluating any new tool or vendor.

    If you're responsible for third-party risk and feeling the pressure of AI reshaping your supply chain, this is a practical conversation worth your time.

  3. 9

    Building Trust In Your Team & Supply Chain with Keith Price, Director of Security, National Highways

    When a cyber attack hits, most organisations focus on what technology failed. Keith Price focuses on whether the people were ready.

    As Director of Security at National Highways, Keith leads security for one of the UK's most critical infrastructure operators. Shutting down the motorway network during a cyber attack is not an option, which means resilience has to be built long before an incident occurs, and it starts with the team.

    In this episode, Keith shares what two decades in the US military, consulting roles across oil, gas, and banking in the UAE, and now leading security at national scale have taught him about what actually keeps organisations safe. His answer, consistently, is people.

    Keith and Katie cover:

    - Why people, process, technology is not just a phrase but a leadership philosophy, and what it looks like in practice
    - How mental health and psychological safety directly affect an organisation's security posture
    - The difference between security awareness that works and the annual click-through training nobody takes seriously
    - How Keith's finance team at National Highways avoided 2.8 million pounds in fraudulent payments, not through technology, but through engagement
    - Why building a no-blame culture with your supply chain matters more than a tough security questionnaire
    - And why, when the digital infrastructure goes down, the organisations that survive are the ones who planned for analog

    If you lead a security team, or you're responsible for one, this episode is a practical reminder that your greatest security investment is not a tool. It is your people.

  4. 8

    You Can't Patch a Human: Security Awareness as a Behavioural Science with Lucy Finlay

    Security awareness has spent years stuck in the same loop, annual training, phishing simulations, completion rates. Budgets are tight, compliance is the priority, and the dial on actual human behaviour barely moves.

    Lucy Finlay has spent nearly a decade in the security awareness space, and her argument is simple: the industry has been treating people like machines you can update with a policy and a phishing simulation. It doesn't work. And the data backs her up.

    In this episode, Lucy, who built her career through marketing, languages, and people engagement before spending seven years leading security education at Aviva, makes the case that security awareness is fundamentally a behavioural science problem, not a compliance one.

    We get into why context is everything when it comes to how people retain information, why click rates are the wrong thing to measure, and how the COM-B model can help you identify the real reason your programmes aren't landing. Lucy also talks through what it actually looks like to segment your audience, how to make the case for more resource, and why security awareness professionals should be in the containment phase of an incident, not cleaning up afterwards.

    Whether you're a CISO questioning your current approach or a solo security awareness practitioner trying to do more with less, this one is worth your time.

  5. 7

    Stop, Assess, Act: A Detective's Approach to Incident Response with Stuart Bird, DFIR Leader

    Stuart Bird has spent nearly four decades dealing with the worst moments organisations, and people, will ever face. Twenty-one years in UK law enforcement, including early high-tech crime work triggered by Operation ORE, gave him an investigative foundation that most in the industry simply don't have. Since moving into the private sector, he's managed over 1,000 cyber incidents globally, from ransomware and data breaches to insider threats and APTs.

    In this episode, Stuart breaks down what actually happens in the first 24 to 72 hours of a cyber incident, why most organisations are already several steps behind by the time they pick up the phone, and what the detective's mindset, who, what, where, when, why, how, brings to incident response that no tool can replicate.

    We cover the common mistakes he sees time and again: CEOs pushing to pay the ransom before any proper assessment, teams that try to fix it themselves for five days before calling for help, and playbooks that have never been tested and don't reflect reality. Stuart also makes the case that organisations are thinking about incident response the wrong way, focusing on the end game rather than the six or seven points in the kill chain where an attack could have been stopped before the encryption ever lands.

    If you're a CISO, IT or security manager, or business owner trying to understand what good incident response actually looks like, this is a conversation worth your time.

  6. 6

    Being An Effective Leader & Building Mental Resilience with Jeremy Clipstone, ICT Manager at SCPHA

    What do biological threat response, GB triathlon racing, and cyber incident management have in common? More than you'd think.

    In this episode, Katie sits down with Jeremy Clipstone, ICT Manager at Suffolk Coastal Port Health Authority, the UK's largest container port. Jeremey spent 22 years in the Royal Air Force Regiment, including leading specialist teams dealing with chemical, biological, and radiological threats. Today, he applies those same instincts to protecting critical infrastructure from cyber attack.

    This conversation is direct, practical, and full of hard-won lessons. Jeremey breaks down how he runs tabletop exercises to build a team that can handle a P1 incident without him, why shouting is a sign you've lost control, and what triathlon training has taught him about planning for a cyber attack.

    In this episode:

    - Why you should observe for at least a month before changing anything as a new leader
    - How to build a no-blame culture that makes your team stronger, not weaker
    - What "calm under pressure" actually looks like and how to practise it
    - The link between physical training and mental resilience in high-pressure roles

    Whether you're leading a cyber team, transitioning from the military into tech, or just trying to build something that holds up under pressure, this episode is for you.

    🔗 Jeremey is also racing for Great Britain this year. Support his GoFundMe here: https://gofund.me/a05d30025

  7. 5

    The GRC vs SOC Divide with Emma Mackenzie, Cyber Security Operations Analyst at Aberdeen

    Emma Mackenzie made a deliberate switch into cyber security, and went straight into governance and risk. Since then she's moved across into a cyber defence role, and that experience of working both sides of the house gives her a perspective most people in the industry don't have.

    Emma works in financial services, specialising in governance, risk, resilience and regulatory alignment.

    In this episode she gets practical about the tensions that exist between security teams and the business, why patch management is harder than it sounds, and how to translate cyber risk into language that actually lands in the boardroom.

    We cover:

    - Why silos between GRC and SOC exist in almost every organisation, and what that costs you
    - The patch management reality in financial services: why "just patch it" isn't always an option
    - How to frame cyber risk in financial terms so leadership actually acts on it
    - DORA, the UK Cyber Security Resilience Bill, and whether regulation is moving in the right direction
    - What good recovery planning actually looks like and the questions most tabletop exercises never ask
    - Why getting stakeholders involved early is the most underrated project management move in security
    - Emma's advice on personal resilience in a field with serious burnout problems

    If you're working in GRC, a SOC, or anywhere in between, this one's worth your time.

  8. 4

    1 in 10 Will Be a Victim of Cybercrime with Rory Innes, CEO of the Cyber Helpline

    58% of crime in England and Wales is now cyber-enabled. Yet when individuals are targeted, most don't know where to turn. The police are overstretched, social media platforms don't pick up the phone, and the support just isn't there.

    In this episode, Katie Watson sits down with Rory Innes, Founder and CEO of The Cyber Helpline, a charity built by the cybersecurity community to provide free, expert support to individuals and sole traders affected by cybercrime, digital fraud, and online harm.

    Rory talks through what real cybercrime looks like for everyday people, why organisations need to think beyond the breach and consider the people behind the data, and why changing a password isn't always the right first move.

    If you work in security, IT, or risk, this episode will change how you think about your responsibilities to the people around you.

    Support The Cyber Helpline

    The Cyber Helpline is a free service that relies entirely on the support of the cybersecurity community to keep running. Here's how you can help:

    - Volunteer — Use your skills on the frontline supporting victims, open source investigations, or building out threat advice.
    - Donate — Every contribution helps keep the service free for those who need it most.
    - Fundraise — Running a 10k or planning a challenge? Choose The Cyber Helpline as your charity.
    - Spread the word — Share their work. The more people who know they exist, the more victims they can reach.
    - Partner — Organisations can support through sponsorship, donations, or donating expertise and tools.

    Visit www.thecyberhelpline.com to get involved or refer someone who needs help.

  9. 3

    Vibe Coding & Real Security Risks with John Boero

    Is Your AI Tool Sharing Your Secrets?

    With over 20 years in infrastructure, security, and cloud consulting across the US, Europe, and beyond, John Boero has seen what happens when teams move fast and skip the fundamentals.

    In this episode, John and Katie get into the real risks of vibe coding, why the lost art of code review is coming back to bite development teams, and what security leaders actually need to understand about AI and data privacy. They also tackle the tension between dev and security teams, when cloud-first is the wrong call, and why your most valuable old-school developers might be the ones you're overlooking.

    If you're responsible for infrastructure, security, or how your organisation builds and ships software, this one's worth your time.

    Connect with John on LinkedIn: https://www.linkedin.com/in/jboero/

    Read John's writing on Medium: https://medium.com/@boeroboy

  10. 2

    Closing the Gap Between Cyber and the Board with Esther Hitch

    For the first episode of Cyber Security In Focus, host Katie Watson sits down with Esther Hitch, former British Army officer, Deloitte alumna, and cyber security advisor to boards and executives across the public and private sectors.

    They get straight into one of the most persistent problems in the industry: why cyber security still struggles to land at board level, and what needs to change on both sides of that conversation.

    Esther shares what she looks for when she walks into an organisation for the first time, how language, culture, and relationships reveal more about security maturity than any tool or framework ever will. She's direct about where cyber leadership is falling short, why the pendulum has swung too far towards pure technical hiring, and what it actually takes to move from siloed IT function to genuine business enabler.

    They also cover the ROI problem, how do you demonstrate value when success means nothing happened? and why information sharing across the industry is one of the most underused defences we have.

    Esther closes with a practical checklist: three to five things any security professional should look at this week. Not to fix them. Just to know where you stand.

    If you're in cyber, lead a team, or sit anywhere near a board table, this one's worth your time.

  11. 1

    Cyber Security In Focus Trailer

    Cyber Security in Focus brings you candid conversations with the people in the trenches: CISOs, security leaders, and practitioners sharing what they’ve learned, what they’d do differently, and how they build stronger defences in the real world.

HOSTED BY

Secon Cyber

Frequently Asked Questions

How many episodes does Cyber Security In Focus have?

Cyber Security In Focus currently has 11 episodes available on PodParley. New episodes are automatically indexed when they're published to the podcast feed.

What is Cyber Security In Focus about?

Cyber Security in Focus brings together cyber security professionals for open, informed conversations about the challenges shaping the industry today. Each episode explores real-world threats, emerging risks, research and innovation, and the realities of defending organisations in an evolving threat...

How often does Cyber Security In Focus release new episodes?

Cyber Security In Focus has 11 episodes. Check the episode list to see recent publication dates and frequency.

Where can I listen to Cyber Security In Focus?

You can listen to Cyber Security In Focus on PodParley by clicking any episode. We provide an embedded audio player for direct listening, and you can also subscribe via your preferred podcast app using the RSS feed.

Who hosts Cyber Security In Focus?

Cyber Security In Focus is created and hosted by Secon Cyber.