Finding the Sun in Cyber - In Conversation with Stuart Avery
The guru had the chance to sit down with Stuart Avery, Business Development Specialist at e2e-assureat the first edition of the International Cyber Expo to discuss the main trends, how and why everyone should get involved in cyber, and the image problem of the industry.
According to Avery, cybersecurity has undergone a change over the past few years. The rise of zero trust and identity management has forced cyber professionals to secure the user, not the network.
“We used to take a cybersecurity solution and integrate it into a legacy network, but that’s not how it is now. Remote work and bring your own device (BYOD) policies mean that cyber is no longer about securing the network, but about securing the individual.
Avery believes that the new person-centric cybersecurity landscape is not just about security, but also about choice and user experience.
“Obviously securing the individual comes first, but it’s important that this is done in a way that gives individuals choice in how they interact with applications. It’s also imperative that we allow BYOD without slowing things down with huge governance. »
Sticking to the subject of the individual, Avery believes that now more than ever, everyone has a role to play in cybersecurity. In light of an individual-centric security landscape and the new UK government, “holistic” approach to cyber, the role of the individual has never been so crucial.
“The reality is that everyone is responsible for cybersecurity. People have tried to hack me before, and even though they didn’t succeed, because it was so sophisticated, I couldn’t help but think – what if they tried that on my mom? Or my grandmother? I don’t think enough is done to make sure people know what to look out for, how to identify social engineering attacks or phishing scams.
Avery thinks the government should emphasize cultural adoption when it comes to raising awareness about cybersecurity. This is not only important for the individual, but also for companies.
“I talk to organizations all the time about the importance of cultural adoption. Everyone, top to bottom, needs to be aware of the role they play in keeping themselves, their company and the country safe.
So how do we achieve cultural adoption? According to Avery, the government’s information campaign on COVID-19 could serve as a model for raising awareness about cybersecurity.
“While I don’t think cybersecurity awareness campaigns need to be as overt as the COVID-19 campaign, I think we have a lot to learn from this time. Most importantly, recognizing the emotional impacts of a crisis, whether it’s COVID or cybersecurity. We hear a lot about the financial impacts of cybercrime, but I don’t think we recognize how distressing it can be, especially for the individual. Hotlines would go a long way in both educating the public and supporting them if they were to fall victim to an attack. »
Although Avery thinks raising awareness of cybersecurity is a worthy endeavor, he admits it will always be an uphill battle.
“The crux of the matter is that cybersecurity is built on people’s mistrust, and that’s just not in our nature. We are programmed to trust ourselves. Getting people to distrust anything that comes into their inbox is going to be tough, especially if they’re busy.
It is not just the individual who has a role to play, however. For Avery, vendors should strive to make cybersecurity more accessible. e2e-assure, a SOC-as-a-service provider and employer of Avery, does this by tailoring its solutions to customer needs. Avery explains:
“Our mission is to make cybersecurity affordable. It used to be that cybersecurity was only for the big shots, but that’s no longer true. We like to think we’re at the forefront of bringing cyber to SMBs. Many providers only offer holistic protection, which is great for large businesses, but just not affordable or even necessary for small businesses. We allow organizations to select the coverages they need so they don’t have to pay for the ones they don’t have.
For Avery, affordability isn’t the only issue plaguing the industry. For the industry to be truly inclusive, he thinks it needs a friendlier face.
“There is a misconception, at least among the public, that cybersecurity is still full of hackers in dark rooms or arrogant techies reluctant to share their knowledge. In reality, the industry is full of good people with good intentions. I don’t think we celebrate all the good we do. We’re terrible at telling only bad stories, it’s no wonder people don’t listen to us. We keep tapping on it, telling people “You’re going to get hacked”, and they’ll never respond to that. We have to let the public know that we are aware of the difficulty of things and help them.
Overall, Avery has a refreshing view of the state of cybersecurity. Amid the seemingly endless predictions of disaster one is subjected to at a cyber show, it is heartening to hear more optimistic outlooks. Plus, Avery is no hypocrite, living his own mantra of friendliness and accessibility.