Taking cyber security seriously for National Cybersecurity Awareness Month

National Cybersecurity Awareness Month is a month-long campaign observed every October and 2021 marks the 18th year since its initial conception.

Since then it has grown exponentially and has become renowned across the word, with businesses, consumers, corporations, educational institutions and young people, all taking stock of the importance of internet security and cyber security measures.

As cyber criminals took advantage of the operational changes businesses had to quickly make as a reaction to the pandemic, ransomware attacks soared with the UK being ranked number 10 on the list of countries worst affected by ransomware. In fact, four in ten UK businesses (39%) experienced a cyber security attack in the last 12 months alone, with around a quarter (27%) of these organisations experiencing them at least once a week.

With cyber attacks becoming more frequent and more sophisticated, WeAreTechWomen took a moment to speak with experts in the field to find out what businesses can do to protect themselves – here is what they had to say:

The first line of defense – employees

National Cyber Security Awareness Month 2021 is a time to reflect on the major technological and lifestyle shifts brought on by the pandemic and their security implications.

Tim Bandos, Digital GuardianFor Tim Bandos, CISO & VP Security Managed Services at Digital Guardian, cyber talent retention should be a top priority. He said: “Finding the right fit for your security team remains a daunting and somewhat challenging task in today’s world. There’s a well-documented shortage of talent across the cyber security industry dating back several years. The pandemic and the challenges it brought have made matters worse.

“When it comes to ensuring cyber talent retention, establishing the right working environment is critical to keeping people engaged and motivated to stay. Having policies to ensure there’s an effective work-life balance and offering solid benefits are important elements when it comes to employee retention. I also believe that if you have a highly collaborative and engaging team that focuses on achieving group goals and taking the time to reward and celebrate them, it goes a very long way in countering anyone’s interest in leaving.”

Providing employees with the right skillset is essential when it comes to cyber security. Don Mowbray, EMEA Lead, Technology & Development at Skillsoft commented: “In today’s digital age, companies must continuously train their employees and build a security-minded workforce that’s aware of the multitude of threats they face.”

He suggests, “leveraging blended learning mixes styles, tactics, and content delivery modalities that make for a robust, effective and tailored environment for all. In cyber security training, it can involve putting the practical skills learned to the test in controlled practice labs or gamified style attacker versus defender environments, with traditional courses and lessons layered throughout, helping learners evaluate their skills via a hands-on approach.”

The right tools for the role

All businesses operate in different ways depending on a multitude of factors such as industry, department, or compliance and regulation. It makes sense then that there is not one-fits-all when it comes to the tools each needs to support the work.

For Phil Dunlop, General Manager, EMEA at Progress Software, it’s about supporting the IT teams with the correct tools. “As we emerge from the pandemic, and workers start to head back to offices, IT teams continue to carry a heavy responsibility for data security. Within the working environment, employees sharing personal and private data internally and externally is a constant stress for security teams and IT operations. And the data security risks associated with social platforms like Slack, Teams and WhatsApp only add to the pressure.”

Dottie Schindlinger, Executive Director at Diligent Institute, agrees: “Open communication tools – like Slack, texting and personal email – are great for informal communication, but they don’t often provide the level of security or access privileges needed for sensitive communications between executives, the board, legal, HR, risk and compliance teams… Organisations need secure environments and workflows that allow them to communicate highly sensitive information safely, without worrying that it might accidentally be misrouted, forwarded, leaked or even stolen. And, the system must be intuitive and convenient, so executives remain within its workflows and processes without straying to other systems and creating security gaps.”

Keeping technology up to date 

Remote work unexpectedly became the norm in 2020, and as we close out 2021, the hybrid work model may be here to stay for decades to come. “Rather than retreating back to legacy methods and previous strategies, companies must #BeCyberSmart and tackle modern threats head on,” Tyler Farrar, CISO at Exabeam commented. “It’s critical to highlight that compromised credentials are the reason for 61% of breaches today. To remediate incidents involving user credentials and respond to adversaries, organisations must consider an approach that is closely aligned with monitoring user behaviour to get the necessary context needed to restore trust, and react in real time, to protect employee accounts. This should include the ability to understand what normal looks like in your network, so when anything abnormal occurs, you can immediately detect it and prevent it from causing harm or damage to your organisation.”

With ransomware on a continual rise, outsourcing to specialist providers continues to be an increasingly popular choice for businesses requiring expert security services. Andy Collins, Head of Security at Node4 said: “It can be difficult for busy internal security teams to allocate time and resources to essential, but not urgent, tasks such as identifying the most effective local or off-site backup location for each data tier, or analysing the operational impact to avoid performance degradation for systems and applications. Security MSPs can provide great aid in preventing cyber-attacks by providing technical support, filling technical gaps, and staying up to date with the latest threat and security technologies in order to resist their ever-changing nature.”

Recovery over ransom

As fending off cyber attacks becomes a daily reality, having a cyber strategy in place should be a top priority for all businesses to ensure that, should the worst happen, the business is poised to recover.

Andy Fernandez, Senior Manager, Product Marketing at Zerto, a Hewlett Packard Enterprise company said: “Ransomware attacks are evolving, targeting next-gen applications like Kubernetes and Microsoft 365. As the adoption of cloud applications grows, so will exploits and attacks and in turn the importance of restoring data. Modern organisations that are responsible for that data will need to have native data protection solutions that can help them protect internal applications and applications shipped using containers. For example, we are seeing file-less attacks explicitly targeting stateful Kubernetes data.”

Hugh Scantlebury, Founder and CEO at Aqilla agrees, “cyber attacks continue to grow in frequency and severity. Backup and disaster recovery coupled with regularly audited security measures are the best form of defence. But don’t assume that your cloud-based SaaS solutions automatically offer these services.

“Aqilla’s software does. But if you’re using cloud-based accounting and financial software — indeed, any cloud-based solution — we’d recommend you check that your solution operates from a secure and well-managed data centre. Ask your provider if they store your data in accordance with the National Cyber Security Centre’s 14 Cloud Security Principles.

“Finally, check whether disaster recovery and automated backup are taking place (and with what frequency) within your SaaS environments.”

For Thomas Cartlidge, Head of Threat Intelligence at Six Degrees, it is all about cyber hygiene. He told us: “Strong cyber security hygiene has never been as important as it is today. As workers get settled into hybrid environments it is critical your employees protect their identity while at work and at home.”

“Making cyber smart decisions that align to your wider organisational strategy is an essential element of maintaining operational integrity and ensuring success in this hostile digital landscape,” he concludes. “If you have a cyber skills gap in your organisation, you should be soliciting input from a third party to help prioritise your cyber strategy.”


TechWomen100 Shortlist 2021 featured

WeAreTechWomen are proud to announce our 2021 TechWomen100 shortlist

TechWomen100 Shortlist 2021-1

WeAreTechWomen is extremely proud to announce the TechWomen100 shortlist for 2021.

Since August 2021, WeAreTechWomen has been searching the UK for the best female tech talent in the country. With the support of headline sponsor Goldman Sachs, WeAreTechWomen has now identified a shortlist of 200.

The TechWomen100 awards are the first of their kind to focus solely on the female tech talent pipeline and to also recognise the impact of champions, companies and networks that are leading the way for future generations of tech talent. Highlighting the achievements of these women is part of WeAreTechWomen’s campaign to shine a spotlight on 1,000 future female leaders in technology by 2025.

The shortlist showcases remarkable women within the technology and STEM sector, including Hana Bird, a Spacecraft Operations Engineer for In-Space Missions, who worked on their first mission, Faraday Phoenix; Alice Hendy, who founded the app, R;pple Suicide Prevention, after the tragic loss of her brother, Josh, in 2020; Priyanka Mittal, who led the Cloud-based architecture of two national programmes at NHS Digital, which have been the backbone of the government’s response to COVID-19; Esther Akpovi, also known as the Gen Z Cheerleader, who is an award-winning Youth and Education activist; and Manisha Ganguly, who is a multi-award-winning independent conflict journalist & filmmaker using open-source techniques to investigate human rights abuses under conditions of war.

The awards also recognise Champions, Networks and Companies, who are all actively supporting the progression of women in tech and STEM. The TechWomen100 awards also celebrate women in tech from outside the UK, in the Global Award for Achievement category.

The full shortlist includes individuals from leading firms such as the Royal Air Force, NHS Digital, EY, American Express, Bloomberg, Google, Ford Motor Company, Microsoft, IBM, Mastercard, Transport for London, BT, and many more.

Over the nomination period, we received over 1,000 nominations from across the UK and Northern Ireland. The calibre of entries for these awards was exceptional and all of the judges stated how difficult it was to arrive at the shortlist due to the amazing achievements of our nominees.

DISCOVER OUR SHORTLIST

The public vote of support is now open for our 200 individual shortlist nominees. Votes can be cast here*.

*Please note there is no public vote for Champions, Companies, Global Award for Achievement or Networks.

Orla Dunne, Goldman Sachs“Goldman Sachs is delighted to sponsor the TechWomen100 Awards in celebration of women making a huge impact on the technology industry.

As a firm, we are fully committed to developing and supporting talented individuals, advancing gender equality, and increasing diverse representation at every level. As we strive for excellence, a diverse workforce best positions us to serve our clients, as well as the communities in which we operate.

Awards such as this are a pivotal instrument for change, recognising our industry’s future leaders, and creating role models to inspire new talent into technology.”

ORLA DUNNE, PARTNER – HEAD OF CORE ENGINEERING IN EMEA, GOLDMAN SACHS

“At WeAreTechWomen, we have made it our personal mission to shine a spotlight on women working in tech. Our strategic aim is to highlight 1,000 female future leaders in technology by 2025.”

“The response to this year’s awards has been fantastic and the calibre of entries has been outstanding. I am so proud to see so many women in tech recognised for their achievements and really look forward to seeing who our final winners will be in November.”

VANESSA VALLELY OBE, MANAGING DIRECTOR, WEARETECHWOMEN

The 2021 awards are kindly powered by Goldman Sachs and sponsored by Accenture, BAE Systems, Bank of America, Credit Suisse, Ipsos Mori, Oliver Wyman, and OpenFin.

We would like to personally thank our judges who all gave up their valuable time to assemble our shortlist and to help WeAreTechWomen recognise the fantastic achievements of all of our amazing nominees.

Congratulations to all of our shortlisted nominees and best of luck in the next round of judging.

The final list will be announced 15 November. Finalists will be invited to attend a virtual award’s ceremony on 08 December.

POWERED BY

Goldman Sachs NEW

SPONSORED BY

TechWomen100 Awards Sponsors 2021-1

Qun Yang

Qun Yang | Biorbyt Ltd

Qun Yang

Qun is a Cambridge-based female entrepreneur and studied for MPhil in Therapeutic Sciences at Queens’ College, University of Cambridge.

Qun had an established career in finance and banking before co-founding Biorbyt Ltd. She started her professional career as an auditor with Deloitte and then worked for Goldman Sachs and later Deutsche Bank. Qun is a qualified chartered accountant and a fellow of the Institute of Chartered Accountants in England and Wales (ICAEW). She is also a holder of other prestigious qualifications, including Chartered Financial Analyst (CFA) and Financial Risk Manager (FRM).

Witnessing the challenge to purchase good quality reagents by her friends working in academia, Qun decided to create a global platform to support the life sciences communities and to enable them to purchase affordable and reliable reagents for their research. Combining her knowledge of life sciences with her training in accounting and finance, she co-founded Biorbyt Ltd, which specialises in designing and manufacturing research use antibodies, proteins and other reagents. Biorbyt Ltd received the Queen's Award for International Trade this year to recognise its success in the global market.

Qun leads by example and founded the UK Chinese Women Connect Association to support Chinese women in the UK.


Susan McDonald

Susan McDonald | Deloitte Monitor

Susan McDonald

Susan is an award-winning Electrical and Mechanical Engineer with over 10 years’ experience in designing and overseeing major capital programmes in the power, utilities and renewables sector.

Susan joined Deloitte in 2016, after six years at National Grid, an international electricity and gas utility company. Amongst her responsibilities, Susan led on the coordination of 12 of the UK's Offshore Wind Projects.

Susan applies her industry experience and insights to help energy clients shape their net zero strategies, transform their business and steer them through the energy transition, catalysed by data, technology and innovation.


Sarah McCarthy

Sarah McCarthy | Mitie

Sarah McCarthy

I have worked for Mitie for 11 years and the last 7 of those years has been working in the analytics department.

Prior to this, I studied art & photography, which gives me a unique perspective when bringing data to life through narration and visualisations. I combined my business understanding and technical skills with my passion for people to create a vision for our customers and my team.

My technical leadership begins with what many would see as a non-technical quality -- empathy. I believe that technical leadership is rooted in the desire to develop a deep understanding of a customer's business problem. That understanding then needs to translate into a vision for a technical solution. And is underpinned by genuinely caring about solving the problem.


Jenita Treacy

Jenita Treacy | Transport for London

Jenita Treacy

I'm Jenita Treacy and I've been working in technology and data over the past 20 years, building data analytical systems and capabilities for organisations including the Metropolitan Police where I spent the first 10 years of my career – a job I applied for while at my 1st year of university and took on full time with my studies because I was fascinated with using data to prevent crime starting as an analyst and leaving as an IT Manager, followed by similar data management and data strategy roles in the charity and public sector.

Over the past 3 years I have been at Transport for London (TfL) as a Data & Analytics Product Manager, and it is by far the most challenging but most enjoyable role yet, as I am combining all the experience I have to date with the freedom to be innovative and creative, working alongside a prototype team to iteratively develop a series of products which can detect, intervene and prevent fare evasion across the complex TfL network. I work with stakeholders across many departments, all with varying priorities, user abilities and requirements and I work with them to understand their needs, identify gaps, bed in more efficient processes, and create a culture of data-led decision making.


Sharon Li

Sharon Li | Barclays

Sharon Li

Sharon is the Innovation Mindset Lead in Barclays Chief Technology Office and has been leading the strategic transformations through empowering and inspiring leaders and colleagues across the organisation.

She provides innovation advices to senior leaders across Barclays to solve their business challenges and empowers their leadership team and colleagues with Innovation platform, intrapreneurship programmes, processes and techniques. She also works closely with Fintechs and Tech startups and successfully delivered many innovative solutions to Barclays and their customers and clients. During the pandemic, she led the external Fintech engagement programme of Fintech Pledge for Barclays to drive efficient and effective collaboration between Barclays and Fintechs and successfully delivered the Fintech Pledge Principals by bring Fintechs and internal stakeholders along on journey with her. Prior to this, Sharon was a Senior Programme Manager for Material Models Programme and she worked with a large group of stakeholders across Business, Data sourcing, Model developers and Technology team to enhance Barclays modelling capabilities across the end to end model management lifecycle.

Sharon joined Barclays 8 years ago and has previous work experiences in startups in the UK and Asia. She is also a qualified Chartered Global Management Accountant. Throughout her career, Sharon has been a strong advocate for Diversity and Inclusion. Combining her innovation knowledge, she can bring together an in-depth understanding of custom centric propositions and solutions alongside diversity and inclusion. As the CTO D&I lead, she established CTO D&I strategies and workstreams with CTO leadership team and actively leads a varies of initiatives including hosting Barclays Chief Technology Office spotlight sessions in the EMEA Grace Hopper Conference.


Krystina Pearson-Rampeearee

Krystina Pearson-Rampeearee | BAE Systems

Krystina Pearson-Rampeearee

My name is Krystina and I am a Chartered Engineer in Liverpool working as a Senior Flight Systems Engineer. I studied Aerospace Systems Engineering at university, after being inspired by an airshow when I was in school, and became the first engineer in my family.

As a Senior Flight Systems Engineer, I am involved in the whole life of equipment within a system; from development, to going on aircraft, to support once in service. My role is a collaborative, multidisciplinary role and I enjoy all the different aspects I get to be involved in. Since returning from maternity leave in 2019, I have been working in the Future Combat Air System team on a next generation fast jet, the Tempest project, researching technologies for the future.

I volunteer as a STEM Ambassador and mentor and also set up my own business, AviateHer, selling accessories to promote diversity in STEM. As there was a lack of visible females when I was studying and early on in my career, I am passionate about encouraging and inspiring more young girls to consider STEM careers and push past those gender stereotypes!


Folakemi Fapohunda

Folakemi Fapohunda | Deustche Bank

Folakemi Fapohunda

Folakemi started her career in 2008 as a Software Engineer and has built her career with 12 years experience from Investment banking, Technology and public sectors leading a number of global high profile critical transformation, business driven projects and regulatory initiatives across Equities, Credit Risk, Reference Data and Cash & Securities, Payments and infrastructure in the UK.

She is a Product Delivery Lead at Deutsche Bank AG London aligned to Client Connectivity and Digital Channels. She has a proven track record in leading global cross-functional product and Agile team environments with demonstrated history of being results-oriented within financial services (Corporate Bank, Equities, Asset Management, Fixed Income, Market Reference Data, Payments, Cash & Securities, Credit Risk), FinTech, technology and public sector with primary focus on technology, real time low latency processing platforms, big data, cloud data platforms, data analytics and machine learning including successfully leading product vision, driving critical business, regulatory, infrastructure, digital initiatives and transformations projects and interacting with C suite/ExCo level stakeholders. Key SME on big bankwide global regulatory programmes including MIFID, Dodd Frank, Volcker, FATCA, Basel II, BCBS239, OTC Derivatives Clearing. Key SME on 14+ critical low latency high frequency front-office business applications in the last 7 years. She has managed and mentored global software developments teams in countries such as UK, India, US, Germany, Romania, Ukraine.


Holly Smith

Holly Smith | Databricks

Holly Smith

Holly Smith has over a decade of experience working with Data & AI teams in a variety of capacities from individual contributors all the way up to leadership.

She has spent the last two years at Databricks working with many multi national companies as they embark on their journey to develop their data maturity. Prior to that she worked at Lloyds Banking Group in numerous data roles; Lead Data Scientist, Digital Analytics Manager, Credit Risk & Fraud Analyst. She also works with the non profits Datakind UK, Tech Talent Charter and Women in Data to advise on data strategy and operations.