In this episode of "Security Tech Talk," cybersecurity expert Mike Gillespie delves into the intricate relationship between cybersecurity legislation and business practices. With over 35 years of experience, Mike provides a critical analysis of the gap between legislative intentions and their practical implementation in the business world. The episode explores key challenges such as the disconnect between lawmakers and businesses, the complexities of supply chain security, and the necessity for agile certification processes to keep pace with technological advancements.

Steve and Mike discuss the pressing need for industries, particularly construction and infrastructure, to integrate cybersecurity considerations into their projects from the outset. Mike brings us his opinions on the potential of cybersecurity to transform networks into vital business assets rather than mere security tools and the importance of frameworks like the NIS2 directive and the Cyber Resilience Act in ensuring secure technologies and better data management. Through these insights, Steve and Mike encourage organizations to prioritize cybersecurity as a critical aspect of modern business operations.

About our guest:

Mike Gillespie is a seasoned security expert with over 35 years of experience. His career began in the British military, transitioning into a 25-year focus on cybersecurity. He is the founder of Advent IM and holds numerous leadership positions, including Director at the Security Institute and Vice President of the Center for Strategic Cyberspace and Security Science. Mike also led a steering group for the UK Surveillance Camera Commissioner, focusing on secure by design and secure by default certification. With his extensive background in both physical and electronic security, Mike is uniquely qualified to address today's cybersecurity challenges.

Connect with Mike on LinkedIn

Chapters:

(00:06) Cybersecurity Challenges in Security Industry

Mike Gillespie discusses the complexities of aligning cybersecurity legislation with practical business practices, emphasizing the need for informed legislation and the proactive involvement of businesses to go beyond minimal compliance efforts.

(12:55) Ensuring Security in Supply Chain

This chapter delves into the intricacies of supply chain security in video surveillance systems, highlighting the challenges of adopting 'secure by default' standards and the critical role of transparency in preventing counterfeit components.

(21:10) Adapting to Evolving Security Standards

Exploring the cybersecurity industry's struggle to keep up with rapid technological advancements, this chapter underscores the need for agile certification processes and the transformative potential of AI in enhancing cybersecurity practices.

(26:55) Importance of Cybersecurity in Industries

The discussion reveals the alarming lack of cybersecurity considerations in construction and infrastructure projects, advocating for integrated cybersecurity strategies to enhance operational efficiency and data management across various sectors.

Resources:

Read more about Advent IM

More information on the NIS2 Directive

More information on the Cyber Resilience Act

More information on the UNIS2 and UK's Product Security and Telecommunications Infrastructure Act

Read the European Union’s AI Act

Meet your host Steve Kenny: Steve has spent 14 years in the security sector undertaking various roles that have seen him take responsibility for key elements of mission critical, high profile projects across a number of different vertical markets. For the last several years, Steve has focused his attention on how technologies can best complement day to day operations and specifically address operational issues by supporting the A&E consultant community across Northern Europe. Steve is a committee member for ASIS International focusing on Education for the security sector and the UK technology advisor for TINYg (Terrorist Information New York group).

Connect with Steve on LinkedIn

More about Axis Communications: Axis enables a smarter and safer world by creating solutions for improving security and business performance. As a network technology company and industry leader, Axis offers solutions in video surveillance, access control, intercom, and audio systems. They are enhanced by intelligent analytics applications and supported by high-quality training. Axis has around 4,000 dedicated employees in over 50 countries and collaborates with technology and system integration partners worldwide to deliver customer solutions. Axis was founded in 1984, and the headquarters are in Lund, Sweden.

Find out more about Axis Communications - Innovating for a smarter, safer world

https://www.axis.com/