Persistent, Pervasive, Preventive: A New Resilience Order

Laura Catterick

Programme Director, Group Operational Resilience, Cybersecurity LBG, Lloyds Banking Group

What if someone hacks into the air conditioning linked to the lifts? Enter the mind of a CISO. At Lloyds Banking Group, Laura Catterick is Programme Director of Group Operational Resilience for the Cybersecurity LBG. In addition to staying a step ahead of a new threat landscape, Laura’s key to success is making security everybody’s business. Talking to Vishal Salvi, CISO, Infosys, Laura outlines resilience as an enterprise-wide culture.

As mindsets change on the front line, the back end evolves: from detect and flag, to respond and recover, to sense and heal. This is holistic resilience, equal parts attitude and ability. And it makes all the difference between iron-clad and laid-bare for a hyper-networked enterprise.

Key Takeaways

Resilience isn’t a department, it’s a strategy

Ring-fencing cybersecurity as a function of systems and servers is myopic. Resilience goes beyond IT – it’s a broader view of resilience in everything from people and suppliers to buildings and ecosystems.

Nurture a culture of designing for security

Here’s the script: design, build, test, then secure. It’s time to rewrite the norm, by embedding and educating: to think security-first from the get-go of the lifecycle and take pride in developing secure products.

Break the upgrade cycle and question legacy

The cloud offers simplicity against a constant run of upgrades and a complex application footprint. But it isn’t just the what that must be revisited, it’s the how and why: legacy is also a way of thinking, from perspective to policy.

Outthinking starts with thinking like the enemy

Collaboration. Upskilling. Unlimited resources. Sounds like the enterprise strategy, but it’s actually the hacker strategy. Matching this will require experimentation, ecosystem innovation, and above all, agile security budgeting.