Security Insights

DDoS attacks have posed a threat since the late 1990s. And distributed denial of service attacks have proven to be hard to prevent, and to deter.

Security teams are better at detecting and blocking DDoS attacks than they were. But malicious actors have not stood still.

They are now using complex, multi-vector attacks rather than relying on volume alone; they are using AI to design attacks, and compromised IoT devices to launch them, according to research from NETSCOUT.

In this episode, we look at how DDoS is evolving, and what CISOs can do to reduce their impact.

Our guest is Darren Anstee, CTO for security at NETSCOUT.

In this CISO interview, we discuss the role of a CISO in a global technology services business, the changing threat landscape -- from geopolitics to the growth of AI -- and the importance of skills,  learning and cybersecurity education.

Our guest is Mike Baker, vice president and global chief information officer at DXC Technology.

Above all, he says, the CISO's role is to build a resilient team.

Interview by Stephen Pritchard.

Over the last few years, we’ve seen the resurgence of geopolitics as a driver for cybersecurity, especially in Europe. But the return of war to the continent is just one factor changing CISOs’ views of risk.

In this Insights Interview, we discuss developments in the threat landscape with Haider Pasha, CSO for EMEA at Palo Alto Networks, following the company’s recent Ignite event in London.

As he describes it, Europe faces its own pressures, as malicious actors exploit differences between countries, their policies and even cultures.

But security leaders in Europe, and elsewhere, also face challenges from AI, quantum computing, and a fragmented and increasingly complex regulatory landscape.

So how do security teams close those gaps?

Interview by Stephen Pritchard.

What, exactly, is threat intelligence? And how do CISOs use it?

Security teams now have access to multiple sources of information on threats and threat actors. These come from industry, from law enforcement, and even their own networks and SOCs.

But how effective is it against an ever-changing roster of adversaries? And how do CISOs become informed consumers of intelligence?

We invited Rafe Pilling, director of threat intelligence at Sophos, to discuss how threat intelligence has developed, in the context of some of the recent attacks and threat groups.

What is digital sovereignty, how does it relate to data sovereignty, and to resilience?

In this CISO Interview, we speak to Kim Larsen, CISO at Keepit, a service provider specialising in protecting data for SaaS applications.

With a career spanning policing, government and the private sector, he has witnessed the growing influence of geopolitics on cybersecurity. And he suggests both businesses and public sector bodies need to think about not just where their data are, but how to guarantee access to their technology if the worst does happen.

Interview by Stephen Pritchard

The cybersecurity skills gap might be narrowing. According to the latest Cybersecurity Workforce Study, from ISC2, CISOs are less concerned about the number of cyber professionals in their organisations. Instead, the focus is on whether they have the right mix of skills, to take on an increasingly complex threat landscape.

We go through the results of the research, and what it might mean for cybersecurity professionals at all points in their careers, with ISC2's COO, Casey Marks.

Interview by Stephen Pritchard

In the first episode of Series 7 of Security Insights,we welcome back Charl van der Walt, head of security research at Orange Cyber Defense.

We discuss the key findings of his team's 2026 Security Navigator report, how AI is tipping the balance of power in favour of malicious actors, and why resilience and agility should be on the CISO's agenda for this year.

Cybersecurity is about building resilient organisations. But this is impossible without resilient people.

Cyber defence is often a highly pressured working environment. And it can be lonely too. But if teams are unable to function at their best, attackers will exploit this.

In the second of our two episodes on cyber resilience, we look at its human side.

Our guests are Rebecca Taylor, threat intelligence knowledge manager and human intelligence researcher at Sophos, and Amelia Hewitt director of cyber consulting at Principle Defence. They're also known as the Cyber Agony Aunts.

They discuss steps organisations, and individuals, can take to improve their resilience with Stephen Pritchard.

Cybersecurity is changing its focus.

Increasingly, it is less about defence and more about resilience.

Organisations have to be able to withstand and recover from an attack. It's no longer about preventing breaches: the sheer volume of cyberattacks means that is no longer possible.

Instead, security teams and boards should assume an attack will happen, prepare keep the organisation operating during an incident, and aim to recover as quickly as possible.

Our guest is James Blake, VP of global cyber resilency strategy and consulting services at Cohesity.

He argues that this means integrating  business continuity and disaster recovery with cybersecurity. And organisations should rehearse for cyber incidents, training staff to operate under what can be extreme pressure.

A good playbook, Blake suggests, is not enough.

Interview by Stephen Pritchard.

This year has not been easy for cybersecurity teams.

Businesses continue to face cybercrime and state-sponsored attacks, especially ransomware.

AI is proving to be a double-edged sword, helping both defenders and malicious actors.

And there are the ongoing issues of skills, recruitment and retention.

How, then, do cybersecurity professionals navigate their way through all these challanges? And what should they prioritise for 2026?

For this episode, we're pleased to welcome back Chris Dimitriadis, chief global strategy officer at ISACA.

Interview by Stephen Pritchard