W&F Q3 2023

7. priorities in demand-based environments. I work alongside my clients as a critical friend and I partner with them to design cyber governance strategies, build effective enterprise-wide security architecture, and enable defensive technologies to protect data and to comply with privacy regulations. In essence, helping organisations to enact safeguards to protect their employees, customers, and competitive advantage, while also supporting recovery from debilitating cyber-attacks when they occur. Multidisciplinary investigative teams typically work on cases involving the use of technology to commit traditional and non-traditional offences, including extortion, identity theft, and fraud or forgery. Due to the borderless nature of information flows and cybercrime offending, the process of gathering electronic evidence often requires transnational cooperation with local and foreign law enforcement agencies. Similarly, in corporate environments such as Deloitte, international teams are needed to build organisational resilience and deliver security projects across time zones. This includes 24/7 cyber operations, as well as complex multi-year transformations targeting alignment of key business processes and technologies with new laws and regulations. One of the major success factors in working with multinational clients is defining security investments that are fit-for-purpose to address prioritised risks and to ensure minimum interruption to daily operations. This extends to conducting rapid platform vulnerability and threat assessments, cyber due diligence for mergers and acquisitions, providing practical and knowledgeable advice on remediation, and developing costed programme plans based on strategic objectives aligned with available resources and risk appetite. How do you keep pace with change and gain insight into new developments? The cybercrime and cybersecurity spaces are evolving in tandem, each reactively and proactively challenging the other. On both sides, there are specialisms with pockets of information sharing, networking, and collaboration — some organisations who sell crimeware in dark markets even have dedicated customer support! For my part, I join leaders of industry in round-table discussions concerning emerging security threats. I also regularly present at places like the Underground Economy Conference at the Council of Europe, London Tech Week, and the European Cybercrime Centre in The Hague. Working in international relations, anti-corruption, law enforcement, compliance, and cyber defence has enabled me to develop a strong network of contacts. These trusted relationships are invaluable for gaining insight into the activities of threat actors, new vulnerabilities and exploits, and security trends across industry. This helps me anticipate how emerging technologies impact the modus operandi of offenders and the attack surfaces of my clients. Communication lies at the heart of what we do as security professionals and cyber defenders. Communication, by definition, is two-way. My contribution includes authoring books, intergovernmental reports, and papers in journals. I am an editorial board member of several peer-reviewed journals and look forward to publishing new material which contemplates the shifting cyber threat landscape and the evolving role of lawyers, underwriters, and artificial intelligence in security operations and incident response. I hope to continue exploring how artificial intelligence and machine learning can be harnessed in the battle against cybercrime and cyberespionage. We live in exciting times with new vistas continually opening in front of us. Company: Deloitte Website: deloitte.co.uk/cyber Phone: +44 (0)7494579195 Email: [email protected] LinkedIn: https://uk.linkedin.com/in/ analyticalcyber Twitter / X: @AnalyticalCyber

RkJQdWJsaXNoZXIy NTY1MjM3