We are delighted to welcome Phillip Davies to the Centrality team of information security experts. Phillip has a long and impressive background in law enforcement and cyber security and brings a rigour and technical security expertise and experience to what is already a strong cyber security specialist team here at Centrality. Phillip is a Fellow of the Security Institute, the British Computer Society and the Chartered Institute of IT. He is also a Certified Information Security Manager and holds a Masters in International Criminal Justice Studies. We sat down with Phillip to discuss the importance of cyber security.
“I joined law enforcement at the age of 18 and spent 20 years serving in both the Sussex and then Surrey Police forces. As Detective Inspector, I set up one the UK’s first high tech crime units, and with colleagues worked together to set up similar teams in neighbouring forces. Leading Hi Tech, now Cyber-crime, gave me the opportunity to focus on developing a business advisory service to better help and advise the private sector, so they could better stay on top of cybercrime.
“I moved to the private sector with Sky in 2005, transitioning in 2017 from Group Head of Cyber to a new role as Director of Fraud & Piracy. I continue working closely alongside a variety of agencies and forces, including INTERPOL and Europol, through associations I lead, as well as being involved with UK law enforcement activities where I continue on the advisory board for one force. These all complement my work for Centrality and other organisations.”
“When I was looking at the feedback from Centrality’s clients, there were two words which stood out time and again: professionalism and integrity. These qualities are at the heart of what Centrality does and that’s why it has established a reputation as a fantastic service provider, with an established customer base across industries.
“Centrality already has great cyber security skills in their offer. We take a proactive rather than reactive approach and have the ISO 27001 accreditation, which is a global standard of excellence. But we continue to seek to build and improve the IT managed security service we provide our clients.”
“Although the cyber security landscape inevitably changes over time, the main risks and how we deal with them haven’t changed. There are three key areas:
“People are an all-important asset but also a risk. We need awareness initiatives to make sure people do the right things at the right time. We also need an IT strategy that makes it easy to follow rules and do the right things, by developing short, easily digestible policies.
“Data, and the technology that supports that data, is another key factor. We need clarity on what is important, what’s most important, where the key infrastructure is, and how to protect that data.
“Tried and tested response plans are essential. Many businesses fall down on response and communication. If they don’t have the right plans and these aren’t communicated correctly, then problems will be exacerbated.”
“Unfortunately, many small and medium-sized businesses aren’t in the position to employ permanent security staff. But there are lots of things businesses of all sizes need to be doing. The most important is to gain a thorough understanding of what the risks are – this includes developing a risk management framework which identifies the risks you face, the processes to tackle risks, continually assessing and reassessing them.”
“Businesses need to understand the risks and manage them, not the other way around. It’s not about avoiding risk, but understanding and managing it. Never give up on innovation.”
“As everyone gets to grips with the current threats and security teams build out their protections, businesses will be better placed to deal with these threats. A key change I would like to see is the removal on over reliance on passwords. These often pose the biggest threats for most users and organisations. We keep telling people to have unique and complex passwords; however, in reality, many users do not do this. There are already more sophisticated ways to do this, i.e. using technology to authenticate activity on the system, and we should be using these much more.
“The important part here is that it is third-party providers that are making headway in this area. That’s why it is so important to bring on board a trusted partner, like Centrality, an accredited and certified Microsoft Solutions Partners - Security, helping clients feel less concerned about risks over time and focus more on growth.”
“Centrality offers the whole package. Our security offering is part of a holistic plan of action. We take the time to really get to know our customers, and how their IT systems work, then build tailored cyber security solutions based on this knowledge. Specialised security partners and tools don’t offer the same personal and cost-effective solutions.
We build out a much wider package, which enables us to leverage the right technology, using the whole suite of Microsoft products, rather than picking ad hoc, bespoke systems. When it comes to security, this holistic approach will save significant time and money and allow business to reduce loss of revenue and risk through a long-term partnership.”
“In the short term, we will be refining and enhancing Centrality’s risk management strategy. This means being clear about the security threats that we and our clients face, but also taking the skills sets and the tools that we have and building a service proposition to improve our cyber security offering.
“The long-term view is all about adding value to clients, built from day one as part of a long term relationship.”
Centrality are Microsoft and cyber security experts. We leverage the right Microsoft solutions in the right combination to deliver true digital transformation for businesses. To find out more about the importance of cyber security and our unique approach, get in contact with us today.