Element Materials Technology - Experts & Thought Leaders

With cybercrime rising and new cybersecurity legislation tabled by the UK government, BM TRADA is encouraging businesses to achieve ISO 27001 certification sooner rather than later to safeguard information security and avoid non-compliance. Cybercrime has risen significantly in recent years, with 32% of businesses in the UK now attacked at least once a week, according to statistics gathered by The Independent. Phishing and ransomware attacks have had a particularly disruptive impact, with 61% of businesses in the UK reporting staff having received fraudulent emails or accessed fraudulent websites. Effects of a cyber breach  The long-term effects of a cyber breach on businesses and the economy have led to the UK Government to recently announce the Cyber Security and Resilience Bill, aimed to strengthen the UK’s cyber defenses. Amongst other intentions, the Bill is set to expand the remit of the existing regulation, put regulators on a stronger footing, and increase reporting requirements to build a better picture of cyber threats in government. BM TRADA launched a white paper on ISO 27001 Information Security Management Systems certification Following the announcements, BM TRADA, part of the Element Materials Technology group, has launched a white paper on ISO 27001 Information Security Management Systems certification. The paper from the pioneering management systems certification provider introduces the internationally recognized ISO 27001 standard, what the certification process entails, and the benefits of achieving the certification. Information security  Lee Horlock, Head of Technical & Approvals – Management Systems at BM TRADA, said: “In today’s technologically evolving world, information is now one of the most valuable assets for any organization. Protecting this information is critical, not just from an ethical point of view but also to comply with regulations such as GDPR and the UK Data Protection Act 2018." “We urge all businesses and those in control of information security to become ISO 27001 certified, if they are not already. Doing so offers a number of benefits, from being able to outwardly project trust and confidence in your information security, reducing the risk of financial and reputational loss, to being able to demonstrate compliance, which is now often also needed for business tenders.” BM TRADA’s white paper Within BM TRADA’s white paper, readers will find a case study on how the certification provider helped NHS Greater Manchester Integrated Care achieve the ISO 27001 standard, not long prior to the outbreak of the COVID-19 pandemic. Pioneering the project was Phil Scott, IT Security Manager for NHS Greater Manchester Shared Services, who had the following to say: “We knew ISO 27001 certification would make us pioneers in our field, but we didn’t realize what a difference it would make as we faced a global pandemic. Our staff and customers could work from home quickly and easily, while other parts of the healthcare system were struggling months later. Feedback from customers was overwhelmingly positive, boosting team morale at an incredibly difficult time.”

Infosecurity Europe, the most influential information security event running at ExCeL London from 4-6 June 2024 announced further findings from its 2024 Cybersecurity Trends, Obstacles, and Opportunities report highlighting that ransomware and AI-generated attacks are weighing heavily on cybersecurity pioneers’ minds, with almost 40% of those surveyed stating these issues were accelerating investment into cyber defenses.  This emphasizes the urgency for organizations to stay ahead of evolving threats and allocate greater resources to bolster their defenses. Role of cybersecurity With attacks becoming more frequent, complex, and damaging, businesses are allocating greater resources to bolster their defenses and enhance their resilience against evolving threats. This heightened investment reflects a growing recognition of the critical role that cybersecurity plays in protecting sensitive data, preserving customer trust, and safeguarding business continuity. Addressing the threat landscape The threat of ransomware persists and the 2024 Infosecurity Europe event is set to address the issue in greater depth The threat of ransomware persists and the 2024 Infosecurity Europe event is set to address the issue in greater depth. As malicious actors continue to exploit vulnerabilities in software, hardware, and human behavior, it’s critical to drive awareness around the significant risks posed to organizations' security and stability.  From ransomware attacks targeting critical infrastructure to sophisticated phishing campaigns aimed at stealing sensitive data, the threat landscape is more diverse and dynamic than ever.  Ransomware payment These topics will be further explored in some of the keynote sessions across the 3-day event. In a panel discussion titled ‘Ransomware - Time to Decide - Will You or Won't You Pay?’  on Thursday 6 June from10:55 - 11:25, Jon Davies, Senior Director - Cyber Defense, News Corp, will be joined by Paul Peters, Detective Superintendent / Managing Director, The Cyber Resilience Centre for Wales and Gareth Bateman, UK Cyber Growth pioneer, Marsh.  The trio will take to the stage, alongside moderator James Coker, Deputy Editor, Infosecurity Magazine, to discuss ransomware payment, a debate that has raged on for some time.   Effective response & recovery strategies "Ransomware attacks have become increasingly prevalent and continue to pose a significant threat to organizations. As cybercriminals continue to evolve their tactics, organizations must be prepared and equipped with effective response & recovery strategies. We will share real-world experiences and advice on how to respond to a ransomware attack, weighing the potential risks and consequences associated with paying the ransom," said Jon Davies, Director of Cyber Defense at News Corp. "This session aims to provide attendees with the knowledge and reference needed to make informed decisions and mitigate the impact of ransomware incidents." Response and recovery actions The panel will discuss the internal procedures following an attack, examine the methods and vulnerabilities Jennifer McGhee, CISO of Element Materials Technology, will further examine the immediate response in the wake of an attack in her keynote ‘Crisis Management – Responding to the Unimaginable’ at 14:05 - 14:45 on Thursday 6 June. Moderated by Paul Watts, Distinguished Analyst/vCISO, Information Security Forum, Jennifer will join a panel with Paul Mackie, CISO, Fern Trading, Stuart Seymour, Group CISO and CSO, Virgin Media O2, and Tomàs Roy, Director of the Cybersecurity Agency of Catalonia. The panel will discuss the internal procedures following an attack, examine the methods and vulnerabilities exploited, and assess the effectiveness of the response and recovery actions to refine security strategies. Importance of crisis management "As a CISO, with first-hand experience of facing a cyber attack, I understand the critical importance of crisis management," said Jennifer McGhee, CISO of Element Materials Technology. "Cybersecurity incidents can have far-reaching consequences, impacting not only an organization's operations but also its reputation and customer trust. Businesses need to be prepared with a robust incident response plan, detection, containment, and recovery." Communication, collaboration, and coordination “This should be coupled with clear communication, collaboration, and coordination among stakeholders during a crisis." "I will draw on my expertise in crisis management, along with other cybersecurity experts, to provide actionable guidance on how to strengthen overall cybersecurity posture and ensure resilience when responding to an attack." Infosecurity Europe Attendees will gain valuable knowledge on decision-making in ransomware situations Infosecurity Europe will feature several other sessions that explore the topic of ransomware and provide attendees with valuable insights and updates. These sessions will bring together industry experts, thought pioneers, and cybersecurity professionals to discuss the latest trends, strategies, and best practices in combating ransomware attacks. Attendees will gain valuable knowledge on decision-making in ransomware situations, and the essential updates needed to stay ahead of this evolving threat. Survey methodology The research was conducted by Censuswide, among a sample of 200 IT security decision-makers (18+). The data was collected between 18.01.24 - 23.01.24.  Censuswide abides by and employs members of the Market Research Society and follows the MRS code of conduct and ESOMAR principles. Censuswide is also a member of the British Polling Council.