In this episode I am joined by Andy Jones.  Andy, has a distinguished career in information security, as both a CISO and also in his roles as a major influencer within industry stakeholders such as the Information Security Forum.

He helped steer organisations like Sainsburys, Unilever, British Airways and Maresk along their journeys when it comes to developing a mature approach to informat6ion security. And his rich experience and practical insight made him a natural for roles at the Information Security Forum.

He’s curious about many things, not just information security, and that gives him a level of insight and an ability to communicate which marked him out amongst his piers and meant he was a regular speaker on the industry circuit. But the reason why I asked Andy to join us was his specific experience of the “human factor” within the context of one of the worlds best known cyber security attacks.

In this episode I wanted to explore whether employee awareness, behaviour and culture was influenced by the unique forces at play during a significant cyber security incident.

The motivation for taking this angle came through my research at the Re-thinking the human factor, where I identified that our judgement and decision making is heavily influenced by the environment. So what happens when our environment, within which we make decisions, is no longer the corporate classroom or some CBT, and turns into a real, live event.

In this episode Andy shares insights into his own experience as the CISO at the helm of Maersk during one of the industry’s best known cyber security incidents in recent time.

I hope that you enjoy.