In this episode of "Security Tech Talk," cybersecurity expert Mike Gillespie delves into the intricate relationship between cybersecurity legislation and business practices. With over 35 years of experience, Mike provides a critical analysis of the gap between legislative intentions and their practical implementation in the business world. The episode explores key challenges such as the disconnect between lawmakers and businesses, the complexities of supply chain security, and the necessity for agile certification processes to keep pace with technological advancements.

Steve and Mike discuss the pressing need for industries, particularly construction and infrastructure, to integrate cybersecurity considerations into their projects from the outset. Mike brings us his opinions on the potential of cybersecurity to transform networks into vital business assets rather than mere security tools and the importance of frameworks like the NIS2 directive and the Cyber Resilience Act in ensuring secure technologies and better data management. Through these insights, Steve and Mike encourage organizations to prioritize cybersecurity as a critical aspect of modern business operations.

About our guest:

Mike Gillespie is a seasoned security expert with over 35 years of experience. His career began in the British military, transitioning into a 25-year focus on cybersecurity. He is the founder of Advent IM and holds numerous leadership positions, including Director at the Security Institute and Vice President of the Center for Strategic Cyberspace and Security Science. Mike also led a steering group for the UK Surveillance Camera Commissioner, focusing on secure by design and secure by default certification. With his extensive background in both physical and electronic security, Mike is uniquely qualified to address today's cybersecurity challenges.

Connect with Mike on LinkedIn

Chapters:

(00:06) Cybersecurity Challenges in Security Industry

Mike Gillespie discusses the complexities of aligning cybersecurity legislation with practical business practices, emphasizing the need for informed legislation and the proactive involvement of businesses to go beyond minimal compliance efforts.

(12:55) Ensuring Security in Supply Chain

This chapter delves into the intricacies of supply chain security in video surveillance systems, highlighting the challenges of adopting 'secure by default' standards and the critical role of transparency in preventing counterfeit components.

(21:10) Adapting to Evolving Security Standards

Exploring the cybersecurity industry's struggle to keep up with rapid technological advancements, this chapter underscores the need for agile certification processes and the transformative potential of AI in enhancing cybersecurity practices.

(26:55) Importance of Cybersecurity in Industries

The discussion reveals the alarming lack of cybersecurity considerations in construction and infrastructure projects, advocating for integrated cybersecurity strategies to enhance operational efficiency and data management across various sectors.

Resources:

Read more about