Cyber security spotlight on...Emma Philpott, IASME
12:00 Saturday, 05 February 2022
UK Cyber Security Council
Dr Emma Philpott MBE: Emma is CEO of the IASME Consortium Ltd, a company which focuses on information assurance for small companies and the supply chain. IASME worked with the UK government to develop the Cyber Essentials scheme and was awarded the contract to be the sole NCSC Cyber Essentials Partner from April 2020. IASME also deliver the IASME Governance certification scheme, an affordable alternative to ISO27001, a security certification scheme for Internet of Things devices and Counter Fraud controls. IASME and their network of more than 270 Certification Bodies certify almost 2,000 companies per month.
Emma is also Founder and Manager of the UK Cyber Security Forum, a not-for-profit organisation leading an initiative to train unemployed neuro-diverse adults in cyber security and supporting them to find employment.
We caught up with her for our latest cyber security spotlight interview.
Describe for us your route into a cyber security career. Was it planned?
My career in cyber security was not planned at all as originally, I trained and then worked as a materials scientist. During the financial crisis of 2009, my family had just moved back to the UK from Italy, and due to the lack of available investment, there was not much going on in the materials technology sector. We decided to settle in Malvern, a small town in Worcestershire, where everyone seemed to be working in cyber security. With nothing else to do at the time, I got involved in trying to bring the small cyber security companies together and became increasingly involved in their exciting technology. This is how I met the founders of IASME, who asked me to join them to help grow the business.
Does working in cyber security meet the expectations you had for it before you started? How has it changed?
I did not really have expectations for cyber security before I started, however, I have been surprised at the multiple gaps in the market and opportunities for new business. This is exciting stuff. I have also been surprised at the misunderstanding from many cyber security experts on how little most business people understand or care about cyber security.
Were there any particular challenges or obstacles that you’ve needed to overcome?
In the past, it has been difficult working from Malvern when many of the important meetings and networking opportunities have been held in London. There seemed little appreciation for the cost to small companies for them to repeatedly travel to London . However, this has changed, certainly at the moment, thanks to the pandemic. I am sure the move to virtual meetings has helped a lot of small organisations attend important meetings and network events, allowing them to save time and money , yet be a visible and credible presence in their sector.
What's your career highlight to date?
Leading IASME to win the Government tender to be the sole Cyber Essentials Partner in 2019 has certainly been my career highlight. Even the IASME team were not certain that a small, rural company like IASME could win such a major tender, so it was a brilliant surprise.
What advice would you give to somebody considering a career in cyber?
Do not hesitate exploring cyber security as a career, it is a very exciting and fast paced industry. The people are generally friendly, generous and keen to support new people in the sector. The cyber security industry needs people with different skills and a much more diverse way of thinking, so if you do not see people like you in the sector, we especially need you to join us!
How do you keep your skills up to date?
I get involved with the discussion on the Cyber Essentials scheme and I remain one of the many people who proof reads all the advice that is published by IASME. This ensures that I stay up to date with the progress in cyber security and the Cyber Essentials scheme itself.
What do you think is likely to be next phase of your career in cyber?
I will be leading IASME into a wider community focused role. From March, we will be training unemployed neurodiverse adults in cyber security and supporting them into employment. We then hope to expand this training to target other groups that face barriers to getting work in cyber security, such as young people from areas of high deprivation.
I would also like to address the issue of cyber enabled fraud which targets vulnerable members of society. This is a really difficult area but something has to be done to better protect these members of our community.
What single thing you would change about the cyber sector?
I would change the way products and services are made, so they are all secure out of the box, without the users needing to understand and implement security at all.