On 21st March, 2025, we hosted a dynamic cybersecurity event at the stunning Gog Magog Golf Club, bringing together industry experts to discuss the ever-evolving threat landscape and the best strategies for resilience. The morning was packed with valuable insights from leaders in cybersecurity, including Jim Stevenson from the Eastern Cyber Resilience Centre (ECRC), Kyle Torres from Sophos, and Martin Male from Intergence. Here’s a recap of the key discussions and takeaways.
Welcome Address – Martin Male, Intergence
Martin Male kicked off the event by setting the scene on why cybersecurity is more critical than ever. He highlighted the growing number of cyber threats targeting businesses of all sizes and the importance of a proactive approach to resilience. Martin shared a compelling story about a colleague whose business in Virginia was severely impacted by a cyberattack. The attack not only disrupted operations but also resulted in significant financial and reputational damage. This real-world example underscored the necessity of robust cybersecurity measures, regardless of business size or industry. Emphasising collaboration, Martin noted that tackling cybersecurity challenges requires a shared effort between businesses, solution providers, and law enforcement.
Understanding Cyber Resilience – Jim Stevenson, ECRC
Jim Stevenson, Head of Cyber Security and Innovation, with 21 years of policing experience from the Eastern Cyber Resilience Centre (ECRC) provided an eye-opening overview of the current threat landscape. He shared real-world examples of cyber incidents affecting businesses and the devastating consequences of poor cyber hygiene. He discussed the rising costs and impacts of cybercrime, particularly ransomware attacks, which can cost businesses an average of £313,000. These attacks often involve double or triple extortion, where criminals not only demand payment to unlock data but also threaten to release or sell stolen information. These criminal activities can have severe financial and reputational consequences, including loss of business, and recovery costs. A major issue is business email compromise, where attackers impersonate companies to steal money from clients or suppliers.
Key Takeaways from Jim’s talk:
-
Cybercrime is on the rise: Businesses of all sizes are at risk, not just large enterprises, with 58% of small businesses being victims of some kind of cybercrime last year.
-
Fundamental security measures matter: Simple steps like multi-factor authentication (MFA), reviewing passwords to make sure they are strong and you're using a different password for each account, and regular software updates can prevent major breaches.
-
Collaboration with law enforcement helps: ECRC offers valuable free resources to businesses, including security assessments and cyber training.
- Cybersecurity Gaps: 12% of UK small businesses have effective cybersecurity, leaving them vulnerable.
- Global Threats: 85-94% of cyberattacks come from foreign nations, with Russia, North Korea, China, and Iran as major sources.
-
Cyber Essentials: Small businesses can obtain Cyber Essentials certification to reduce their risk profile by up to 90%.
Next-Generation Security – Kyle Torres, Sophos
Kyle Torres, Senior Channel Executive at Sophos, introduced himself and shared his background, including his 13 years in the UK and prior military experience in the US Army. He also serves as the vice chair for the GTIA and the UKI Cybersecurity Committee. The main topic of his presentation was AI in cybersecurity, focusing on its benefits, risks, and practical steps organisations can take to leverage AI safely.
Key points from the talk:
-
AI in Cybersecurity: AI, especially deep learning and generative AI, is increasingly integrated into cybersecurity, helping to identify unknown malware, automate threat investigations, and reduce employee burnout by easing workload.
-
AI Adoption: Most organisations already use AI in some form, particularly deep learning. Small businesses focus on reducing employee burnout, while larger organisations prioritise protecting against cyber threats.
-
Risks: There are several risks, including data classification issues, financial risks, and the potential misuse of AI in cyberattacks (e.g., AI-generated phishing, voice cloning, and AI-driven malware creation).
-
Generative AI: While generative AI can improve threat detection and automation, it can also pose risks like data leakage, financial concerns, and over-reliance on technology.
-
Practical Advice: Organisations should verify the security practices of AI vendors, adopt policies to mitigate risks (like acceptable use policies), and ensure transparency in AI implementation.
The conclusion emphasised that AI, when used thoughtfully, can enhance cybersecurity and empower IT professionals, but it must be implemented carefully to avoid potential drawbacks.
Building a Cyber Resilience Strategy – Martin Male, Intergence
Martin, CRO at Intergence, expressed the increasing importance of cybersecurity across both public and private sectors, particularly in vulnerable areas like the not-for-profit sector. A significant concern is the rise of cyberattacks targeting organisations like charities, whose mission to find cures (e.g., for cancer) makes them particularly sensitive to cyber threats. Martin discussed Intergence's commitment to securing customers' digital journeys, highlighting the importance of proactive cybersecurity, especially during technology changes.
Key points:
-
Managed Detection and Response (MDR): Intergence focuses on protecting clients through managed services, particularly during times of technological change when organisations are most vulnerable.
-
Cybercrime Threats: Cybercrime is now a larger global threat than the illegal drug trade. Intergence use tools to detect and contain attacks in real-time, often within 90 seconds, preventing further damage.
-
Sophisticated Protection: Intergence use a "data lake" to detect attack patterns and deploy real-time responses, including shielding compromised devices and preventing lateral attacks within networks.
-
24/7 Global Security Support: Intergence work with Sophos, which has a global network of security operation centers to monitor and address cybersecurity threats at all times. With Sophos, Intergence have a proven record of successfully containing and remediating attacks, often in less than 30 minutes.
-
Integration with Other Security Tools: Their MDR service integrates with other tools like Microsoft Defender, offering greater protection across networks and devices.
-
Cyber Insurance Benefits: Intergence provides an included $1 million cyber insurance policy as part of its service, which is attractive to businesses seeking to lower risk for cyber insurance purposes.
They encourage businesses to assess their security through a free breach report which can be found at the end of this blog.
Panel Discussion – Tackling Cyber Threats Together
The event concluded with a lively panel discussion featuring our expert speakers, where attendees had the opportunity to ask pressing questions about cybersecurity challenges and best practices. Topics covered included:
Geopolitical Impact: Geopolitical instability increases cybersecurity concerns. For example, before Russia’s invasion of Ukraine, Russian cyberattacks on the UK dropped as cybercriminals were redirected to target Ukraine. Similarly, the U.S. recently halted cyber operations against Russia, but actions from groups like LockBit are ongoing.
Supply Chain Attacks: Hackers are increasingly targeting third-party suppliers to gain access to organisations. Examples include breaches involving the Metropolitan Police and Ministry of Defence.
Internal Cyber Warfare: A notable development is the fragmentation of hacking groups, like Conti, where the Ukrainian faction attacked Russian-aligned infrastructure after the invasion.
AI and Cybersecurity: AI’s role in cybersecurity is growing, especially in generative AI and tools like Microsoft Co-pilot, with AI expected to drive future technological innovation.
Compliance Mistakes: Businesses often treat compliance as a "tick-box" exercise, failing to seek expert guidance or use available resources. Proper research and validation are crucial. The discussion stresses the importance of doing proper research and not just relying on external vendors without proper guidance.
Cyber Essentials: Cyber Essentials certification is becoming increasingly required for public sector contracts. Businesses are encouraged to start the certification process early to avoid last-minute challenges.
Final Thoughts
The event at Gog Magog Golf Club was a fantastic opportunity to engage with industry experts and gain actionable insights into improving cyber resilience. The key message? Cybersecurity is not a one-time fix but a continuous journey. By staying proactive, leveraging the right technologies, and fostering a security-conscious culture, businesses can significantly reduce their risk of falling victim to cybercrime.
We’d like to thank our speakers and attendees for making the event a success. Stay tuned for future cybersecurity events where we’ll continue to explore the latest trends and best practices to help businesses stay secure in an increasingly digital world. If you're worried about your cybersecurity, register for our free cyber security assessment, where we can tell you where your vulnerabilities are and whether any of your data is already exposed on the dark web, with strategies to help.