Cyber Security Q&A

Navigating Uncertain Times with NextDefense Managed Security Services

Q&A with Ed Tucker, CTO Cyber Security: why it’s time to change the cyber narrative, how AI is shaping cyber and why Telefónica Tech’s NextDefense Managed Security Services (MSS) are well placed to strengthen security beyond UK shores.


In this Q&A and blog article our CTO of Cyber Security discusses:


  • Why it’s time to change the cyber security narrative
  • How geopolitical factors shape cyber decision-making
  • Cyber Security strategies to secure the entire IT Landscape
  • Cyber Security and AI
  • Managing Cyber Security costs
  • Choosing a Managed Security Services Provider


Q: How does fear impact the cyber security narrative, and what alternative approach do you propose?



A: I believe it’s essential to shift the cyber security narrative. It needs to be more upbeat and business-focused. Fearmongering creates confusion at best and at worst many of us are left thinking “What’s the point? These threats are just going to keep evolving, outsmarting me at every turn.” It is too easy to get bamboozled or disillusioned by the common, fear-driven narrative out there, Security is difficult; the basics are anything but that, and yes technology and the threat landscape do evolve, but that is no different to any aspect of modern business. Security is not about technology first; it’s about people and processes.


Instead of fixating on just more technology to resolve cyber issues, we need to see security as a business partner. Helping to evaluate risk to make informed business decisions based on context and intelligence. It needs a business focus, and a focus on business outcomes delivered through people, process, and technology. It cannot succeed without all three working in tandem. Every technology investment necessitates a people and process investment to be successful. It comes down to intelligent investment. However, achieving this level of risk-based intelligence demands considerable time, effort and money which is where NextDefense’s expertise in risk management becomes invaluable. Managed security services providers like NextDefense play a crucial role in helping businesses effectively manage and embrace risk daily. Collaborating with an expert, with the resources to stay current means businesses can stay ahead of the evolving threat landscape, effectively managing and embracing risk daily. Moreover, it helps them to make the most appropriate risk decisions and focus in the right areas.

Cyber Security and Business Risk

Your cookie settings dont allow showing this content

Cookies configuration

Q: In what ways do geopolitical factors influence cyber security decision-making, and how can organisations navigate these challenges effectively?



A: Changes in the geopolitical landscape can significantly heighten risks for companies. For instance, engaging in trade with certain countries or operating in critical sectors like health, water or utilities can introduce unique challenges. That’s where any good Managed Security Services provider makes it their business to take a local and global approach to better understand the broader geopolitical landscape, alongside sectorial expertise. This helps to tailor cyber threat intelligence, identify risks early and take appropriate action.


When selecting a cyber security partner, it’s crucial to consider their depth of expertise in developing robust cyber defence strategies locally and across various sectors. For example, can their solutions meet specific needs, especially if you are operating in highly regulated, or high threat environments, across widespread geographies as well as the underlying business strategies? Choosing a partner, like NextDefense who comprehensively understands the intricacies of data security and regulatory compliance, enhances your defence posture to navigate the threat landscape with greater confidence.

Cyber Security Freedom in the Workplace

Your cookie settings dont allow showing this content

Cookies configuration

Q: What strategies can business leaders employ to ensure comprehensive cyber security across diverse operational landscapes?



A: Security isn’t a one-size-fits-all solution; it requires layers of defence-in-depth. For example, relying solely on employees to protect the whole organisation by spotting phishing threats would be a risky cyber defence strategy. Instead, security should be seamlessly integrated across all operations, whether adopting cloud services, managing HR transitions, or embracing innovative Artificial Intelligence technology.


Transparency is crucial; employees should understand security goals and methods without feeling overwhelmed. Security should support progress, rather than hinder it. It should be a background protector, much like a home burglar alarm that operates quietly until needed. Always there, unintrusive, but able to act when the need arises. With NextDefense Managed Security Services, we aim to embed security into everything we do, making it the default mode in cloud services, workplace practices, and business applications. By prioritising security from the start, we ensure it is woven throughout our processes and technologies, offering holistic security solutions, for the benefit of our customers.



Q: How does the integration of AI and automation enhance cyber security measures, both now and in the future?



A: Cyber security has been an early adopter of automation, especially with security automation and orchestration. With advancements in next-gen AI, integrating it with existing automation enables us to better leverage our data and make informed decisions, staying ahead of emerging cybersecurity trends. There is a slight luxury in that the data is potentially better understood in some environments, which makes them good cases for early adoption.  In future, this reliance on AI and automation will become more crucial in the continual drive to alleviate the strain on human resources and combat issues like alert fatigue and dwell times.


Within our NextDefense security services, we leverage advanced data sources, Big Data and AI (Machine Learning) techniques to predict and protect against emerging threats. It is the integration effect between these areas that drives the greatest value.  Transforming security operations with Data and AI, along with extensive use of Security Orchestration, Automation, and Response (SOAR), can enable automated cyber-attack prevention and response. This strengthens security measures, enhances overall security posture, safeguards customers from cyber threats, and extracts valuable insights from innovative cyber intelligence.

Cyber Security and AI

Your cookie settings dont allow showing this content

Cookies configuration

Q: What cost-effective approaches can leaders implement to manage cyber security expenses while maintaining robust defense mechanisms?



A: To control cyber security costs effectively, it comes down to fully understanding your security needs. What are you spending on and why? Where are the gaps that represent the biggest risk factors? Is there value, or return from the investments you make? Can you demonstrate as such? That’s why it’s important to challenge your partners and suppliers to ensure you’re getting the most value for your money. For example, are you using licences fully and avoiding paying for unused capabilities? Are you maximising that financial output?


Other considerations include simplifying processes, driving efficiencies whilst increasing effectiveness, and using templated solutions to reduce overheads. Finding a trustworthy partner who can prioritise your interests can ease the burden, especially in the ongoing management of security. Data is also key. By using data to gain true insights and from this make informed decisions, leveraging reliable partners, organisations can manage cyber security costs while maintaining strong compliance and effective security measures.

Q: What criteria do you prioritise when selecting a cyber security partner, and how does NextDefense meet these criteria?



A: When choosing a cyber security partner, or managed security services provider, I seek a true partnership based on mutual help, advice, and guidance. I prioritise open and honest conversations and ask probing questions about their approach to determining outcomes and adding value. A good partner should readily challenge clients to define clear outcomes and success criteria. And they should demonstrate a focus on my needs and constraints, rather than simply pursuing their technology flavour of choice.  References and team interactions are crucial for assessing their capabilities and commitment. Rather than focusing solely on price, I look for signs of a healthy partnership, such as low staff turnover and dedicated professionals. It’s essential to ensure that the expertise promised during sales meetings is delivered consistently throughout the service.


That’s why it’s been a privilege to onboard our NextDefense Managed Security Services here in the UK, which brings together a technology-agnostic approach, with some of the world’s best cyber minds including 6,300 professionals and more than 4,000 certifications in third-party technologies, all supported by its global network of SOCs spanning the UK, Europe and the Americas.  At NextDefense, we’re not just another managed security service; we’re dedicated to driving real outcomes and delivering tangible value, to support our customers’ cyber security journeys.

Learn more about NextDefense Managed Security Services