Canadian Cyber Security Journal
Filed under: Opinion

‘Cybersecurity today requires greater digital and business understanding’


BSI’s Mark Brown discusses current infosec challenges, the need for diversity in cybersecurity recruits, and how he picked up his tech flair from his dad.

Mark Brown joined BSI in February of this year as global managing director for its Cybersecurity and Information Resilience consulting services business. He has almost 30 years of experience in this sector, previously holding leadership roles such as global CISO at SABMiller and global CIO/CTO at Spectris. He was also a senior partner at Wipro and a partner at EY.

As well as his role at BSI Cybersecurity and Information Resilience, Brown is on TechUK’s Cyber Security Management Committee, which advises the UK government on how businesses can be incentivised to safely adopt new technologies.

Describe your role and what you do.

I have overall responsibility for managing a worldwide team of consultants and delivering the highest quality services to our client base.

My role is the public face of BSI’s cybersecurity business and as such my position is a blend of internal management as well as external brand development, ensuring that my near-30 years of experience enables me to pay something back, and indeed forward, to the future of the cybersecurity profession.

How do you prioritise and organise your working life?

My wife and family would probably describe me as a workaholic. But, for me, much of how I work, prioritise and organise my working life comes from my time serving in the British Armed Forces, where organisational skills are paramount.

Timekeeping is a key attribute and I learned early that avoiding back-to-back meetings was a positive. Having 25-minute and 50-minute meetings rather than half hour or whole hour meetings affords that little bit of respite to the working day.

What are the biggest challenges facing your sector and how are you tackling them?

Skills shortage. Not in the technical sense but in the ability to translate traditional cybersecurity from a technical perspective centred around compliance to a discussion focused on business enablement.

For too long, cybersecurity professionals have been synonymous with compliance professionals. To remain relevant, we need to transition to become commercially aware digital risk management professionals who are recognised as business advisers and leaders.

What are the key sector opportunities you’re capitalising on?

Digital transformation and industry 4.0 are huge opportunities for all businesses and therefore for BSI too.

The key challenge is the fact that globally there is an absence of experienced professionals who are able to balance an understanding of the business opportunity and the technical needs in addition to the safeguards required to grasp the opportunity successfully.

What set you on the road to where you are now?

I grew up in the very early ages of computing and remember the fanfare of the school being able to buy its first computer – it was a BBC Micro. At home I was also fortunate that my father was science-minded as an electrical engineer and I had evidently picked up attributes of learning from him as I had a natural flair for computational processing.

Roll forward almost 40 years and I am still learning and amplifying that inquisitive scientific learning mode. For me, the pathway never ends – constant learning is a must in my role as skills can fade overnight. Without that lesson from a very early stage in life from my father, I am not sure I would be where I am today.

Enjoy this article? Don’t forget to share.