Q and A with Ian Thornton-Trump, CISO of Cyjax – Global Security Mag
November 2020 by Marc Jacob
(c) Lukiyanova_Natalia_ frenta
1. What is your role at Cyjax?
I am the CISO, so the security of the product and the security of the organisation is part of my duties and responsibilities. But it’s a relatively small organisation so I get to dabble in an area that I’m really excited about - marketing. I’ve got a good following on Twitter and LinkedIn, so I’m able to use that to share our information and our content. And, I’ve been really lucky to get mentioned in the press a fair amount, working on some really interesting projects with reporters as well as the information security community on a wider scale.
2. What made you want to work in the security industry?
I’ve always been fascinated by the relationship between our physical world and the cyber world because I was a military police officer for many years, and I worked for Canada’s national police force - the Royal Canadian Mounted Police (RCMP) - although unfortunately, I didn’t have a horse! But it was underscored by my experience working for a start-up in 2015. The start-up was at the tip of the spear when it came to dealing with cyber criminal attacks, such as crypto-locker in the early days, and we had 1,500 managed service providers globally. All of a sudden, I found myself on the world stage dealing with a new type of aggressive cyber threat that we have now come to know as ransomware.
3. What will you be talking about at ISWeek?
Cybersecurity is a huge topic, but I’m focusing in on cyber threat intelligence or threat intelligence because there are some nuances. One is focused on our physical world and geopolitics and how that creates the perfect environment for cyberattacks. And then vice versa, how cyber attacks themselves affect our daily lives, for example in an election, misinformation about Brexit, or the latest big topic, COVID-19. I’m going to try to encapsulate all of the threat actors that are involved, particularly emerging threat actors that a lot of people haven’t heard of yet. I’m hoping the big takeaway from my talk is an understanding of the fact that our physical world has ramifications in the cyber world, and watching the physical world closely and carefully will inform us, and allow us to be prepared for cyberattacks.
4. Why are events like ISWeek important for the security industry?
Events like International Security Week bring a variety of people together. Security is such a huge industry, not to mention all of the project managers and business analysts that have a relationship with security as well. The security community is so diverse that our gatherings now include all of these other ‘non-traditional’ security people, so by going virtual, the audience is unlimited.
5. What does this new unlimited audience mean for the industry?
We have to understand that as practitioners, our audience is not just our colleagues and our peers, but the general public who may have an interest vested interest in the topics covered by events such as ISWeek. It presents a really good opportunity for dispelling a lot of the myths of the security community, and some of the views that the security community may hold, which the general public doesn’t necessarily understand.
A great example is open discussions around the need for cryptographic backdoors, where the entire security community is almost completely united around their dislike of the idea. But a person on the street, who doesn’t quite understand what the ramifications are, needs to hear this explained simply. The industry needs to modify its language to become more accessible to this new audience.
6. What is your prediction for the security industry in 2021?
As we see the impacts of global climate change on our environment – increasing temperatures, powerful storms, etc, we need to think about the resiliency of our organisations. What happens in terms of an ecological disaster or natural manmade disaster, due to climate change half a world away can directly affect your ability to deliver products and services. So, the whole ecosystem needs to be protected against these perils. As a result, I think cyber security and threat intelligence will start to look at risk on a much broader scale. Because to be perfectly honest, Mother Nature can do more damage to any IT system than any hackers can.
Ian will be speaking on Day Two of International Security Week (ISWeek) - Countering the cyber threat and future trends. How has this been influenced by the Pandemic? sponsored by Tripwire.
Register for ISWeek 2020 for free now:
For more information on International Security Week, visit
https://www.internationalsecurityexpo.com/international-security-week or join the conversation online:
• Follow International Security Expo on Twitter: https://twitter.com/ISE_Expo
• Follow International Security Expo on LinkedIn: https://www.linkedin.com/company/internationalsecurityexpo/