Insights from our CEO, Marion Stewart
Introduction
Marion Stewart, the CEO of Red Helix sat down with Paul Essery, the host of the Tech Business podcast to discuss the major themes and issues within cyber security today. They explored what the biggest concerns for businesses are right now, the challenges surrounding the language of the industry, ransomware, and AI. If you would like to watch the full video, please watch it here.
Tell us a bit about yourself and a bit about the Red Helix business.
Marion: I’ve been in the tech industry for over 30 years. I started in IT managed services and spanned into data centres. Obviously, when you’re in data centres and IT, security is an inherent part of that, so I’ve had a very long and a fruitful career in the cyber sector. I joined Red Helix two years ago and as a company, we celebrate our 40th anniversary this year. Our mantra and our mission is to stop cybercrime paying.
Everyone will have seen in the news, a huge increase in cybercrime and how it is reported. Red Helix’s position in the market is to help UK businesses to not fall foul of cybercrime and cyber criminals, extorting money from them. It’s a huge cost to our economy, people personally, and small businesses. Our role is to try and do as much as possible to help businesses protect themselves.
There is an increase in cybercrime at the moment, what do you think is the biggest concern for businesses at the moment?
Marion: There is a lot in the media about state-sponsored cybercrime, which has led a lot of businesses to think; why would I, or why would my company, be a target for state-sponsored crime? The reality is, that state-sponsored cybercrime, is generally targeted at large critical national infrastructure, government, or health care. It’s the headline hitting companies that they will target.
However, there are organised crime groups that sit behind targeting mid-size companies, that are just as prevalent, but much less talked about. Their premise is not to discredit companies but to extort money from them. They will be scanning to see where they can find any vulnerability, and when they find the vulnerability, they will exploit it. That is when you start to see small businesses receiving cash demands and suffering ransomware.
So, I think there is an increase in cyber-attacks, but it comes from two different sources. The media talks a lot about the state-sponsored cyber-attacks, but not enough about the organised crime efforts that extort cash out of UK companies.
How does your technology help businesses?
Marion: Making technology easy to consume and affordable for small and mid-sized businesses is vital. At Red Helix, we use industry-leading technology that is integrated for seamless delivery. So, companies don’t need to navigate complex tooling, and the nuances of integration and interpreting data. We undertake all that complexity and take it out of their hands.
By offering that level of protection to small and mid-sized businesses, our aim is to make that accessible and affordable. We bring similar levels of protection, to small and mid-sized businesses in the UK, that we associate with the large national infrastructure companies or big enterprises, so that they can consume cybersecurity as a service without having to navigate a complex landscape.
The second thing that we do is driving educational awareness and cultural change in organisations, helping companies to embed security at the heart of their culture, no matter what size it is, whether it’s a one, two, three-person business or a 500-person business. Everyone in that business needs to understand how to protect the company’s assets. A lot of exploitations have come about because people haven’t known that, and they’ve clicked on the link, or they’ve opened the email. There are some very simple things that organisations can do, and we help companies to achieve that.
One of the things I hear from a lot of companies we speak to is, ‘We can’t possibly afford all of that technology and the skills to operate it’. We’ve built a commercially innovative model where there are very limited upfront costs to consume the service, so it removes a barrier to entry. I think there are two barriers to entry for companies; one is cost, and the other is skill. We take care of both with the services that we provide.
Tell us a bit about some the challenges that you’ve had to overcome to get to where you are now?
Marion: The language in the industry is very complex, there are a lot of acronyms, and a lot of specialist terms, which makes it difficult for consumers to comprehend what are some quite straightforward concepts. Running a campaign of using plain English when we talk about cyber is something we’ve really champion at Red Helix.
We explain our multi-vendor tech by using the analogy of a tsunami warning system. For example, one of your controls or sensors might tell you there are some strong winds, that doesn’t mean anything other than there is a strong wind coming. However, if you aggregate that warning with lots of other warnings that are coming from different platforms, and you have AI, that can say that with all of those conditions met, there is a tsunami coming. This is similar to the way Red Helix operates, there are lots of controls that feed in, and our systems will tell us whether there is a threat. The challenges in language and how we explain what we do as an industry is something that is evolving but it needs more work.
AI is also becoming a big challenge in cyber security, but it is a double-edged sword. The cyber-criminals are using it to create more sophisticated ways of breaking into infrastructure and technology to exploit. On the other hand, a lot of the security defence technology uses AI to counter attacks, so it is becoming a race to see which side can use AI most effectively for their cause.
The other challenge is there is a lot of fear in the reporting and we as an industry need to cut through this and talk openly about what we are experiencing so it is easy to understand. I think a lot of breaches are swept under the carpet and as an industry we are not learning from them.
How do you propose that we start to manage some of these challenges?
Marion: We need to continue to evolve at a fast pace, attracting and retaining skills in cyber is something that is critical there are lots of schemes, apprenticeships, and apprenticeship degrees to make it more attractive for young people to come in to. The media suggests that AI is going to take over all of these jobs, but this is not the case. People are necessary for the analytics, defence and threat hunting in cyber, and the need for that is only going to grow.
What are the ambitions for the business, over the next 4-5 years?
Marion: The aspiration for the brand is to become synonymous with the protection that we bring our clients, and with that ensuring our clients can continue their success. I am very keen to continue to grow awareness of the business, and our reputation.
Having such great feedback from our clients whether they are new or old ones that we have had relationships with for 15 years is allowing us to have organic growth. Combined with acquisitive growth; the sector is very fragmented, and I think in the next few years we will see rollups of some of the smaller companies and ideally Red Helix will be a part of that.
