Join us for our upcoming Lunch and Learn session as we explore the ever-evolving realm of cybersecurity. In this session, we will demystify the concept for those who are just beginning to grasp its importance.

To provide extra knowledge ahead of the session we sat down with the host, to ask some introductory questions around the topic. So it’s a pleasure to introduce you to Neeshe Khan, who has a PhD in Computer Science and Engineering. She specialises in the human aspects in cybersecurity i.e. when human failures or accidents result in costly cyber breaches for organisations.

How would you explain cyber security to those first understanding it? 

“It is no different to anything people already achieve in their daily lives. If we think back to the time we first set out to accomplish a task or acquire a new skill, like learning to drive, it might have appeared as though it was a huge mountain that we’ll have to climb. And yet, if we’ve accomplished it and practised it in our daily routines, we might be able to do it smoothly and efficiently, maybe even while we multitask. Like driving and listening to music or taking navigation directions while we hold conversations.

It’s almost like locking the doors before you go to bed, just that in the context of cybersecurity as you progress, more doors will start to get added in and the blueprint of your house might change. As exciting as those changes are, it’s appropriate to ensure and recalibrate your safety from various threats”

Why is it essential for companies to understand this area, especially startups and

SMEs?

“Simply because the ‘false sense of security approach’ is not paying off. 

The last decade has continuously seen a disproportionate increase in cyberattacks and malicious agents have developed ways to target and reach audiences they were not able to before. Additionally, almost all businesses are digitised or use some sort of a digital service to perform their business operations which adds a lot of surface area for potential attacks to take place.

Simultaneously, since the UK is globally leading the space in many sectors for innovative research that’s disruptive, much like the healthcare sector, SMEs have become a prime target for their innovation and the valuable data they hold. So it’s essential for startups and SMEs to be educated in this space which can in turn empower them to make cybersecurity decisions that are best for them”

How can cyber security differ for those in startups/lone founders?

“Cybersecurity differs for startups and lone founders in its software architecture. Similar to the differences of what you’d expect between a small flat, a terraced house or a multi million-pound mansion. For cybersecurity this translates into direct implications, for instance the resources available which includes time and money, how tasks are conducted, the types of technologies that are leveraged to perform tasks and the use of off-the-shelf products such as Google Drives. While these services are often convenient, cost saving, provide efficiency, and increase productivity, they can also expose young startups and lone founders to risks they might not be aware of.

Unlike larger organisations, it’s difficult to make a person formally responsible for cybersecurity in an SME.. This can then affect how cybersecurity’s prioritised as part of routine operations. 

Undoubtedly, a lone founder or a young startup would have many hats they’ll need to switch between, fires they’ll need to put out and that changes how cybersecurity translates in those contexts. This includes the culture of the SME and their organisational practices which can allow liberties that affect security, such as permitting the use of USBs or access to critical documents that larger firms might not allow”.

How do you see it changing as we move into a new digital age (Artificial Intelligence?)

“So this is a very exciting time for AI and the potential benefits that it can bring. Leveraging AI in a cybersecurity context can mean supporting humans in security tasks, for instance to identify threats proactively and or to gain insights that can inform better decision making. AI can be leveraged to provide insights from millions of micro-interactions to uncover patterns that are difficult for the human brain to construct. Not only can AI propel awareness and identification in cybersecurity, AI can also do it faster which can provide humans with the responsiveness they need in a digital age where everything is connected to each other to support informed decision making. But, AI must be utilised to support the human agency in cyberspace rather than monitor, limit or predict them”