Ed Tucker may have “tripped and fallen into information security” but the European CISO of the year landed perfectly on his feet. Former head of cybersecurity at HMRC, Ed says the key to his work is to get to know a business, grow empathy with them and to “shut up and let them talk”. He also, quite remarkably, refuses to take himself too seriously...
?If you could work with any client on any project, who and what would it be?
I’d actually like to work with the NHS to build an efficient and effective security ecosystem across the whole piece. I never said it would be easy…
What’s your proudest achievement?
It’s not the biggest, but landing DMARC at HMRC was the proudest. It was a genuine labor of love from start to finish. To actually land it successfully was a very fulfilling moment. That said, winning European CISO of the year was very special and very humbling. To be recognized by your peers is fantastic.
If you could change one thing about the industry, what would it be?
Just one? Diversity is the obvious one, but I'll go different. I want to see depth on content from the security industry. At the moment everything is at 30,000 foot and laden with buzzwords. We only grow as an industry if we actually start to teach each other, and that only comes from depth of sharing.
If you could create an ‘all-star’ project team to work with you on a really tough but exciting project, who would you pick and why?
I really admire Ian Levy, he’s an awesome guy with a stigma of being Dr Levy, but in actual fact he’s a great guy to spend time with…if a little short. Adrian Slade is an awesome project manager in this space. To build the ultimate team I'd have Giri Sivanesan and Paul Chichester: two better cyber experts you are unlikely to ever meet. I’d add Shawn Riley, the guru of cyber intelligence and Iain Hunneybell, who is a ninja grade CISO. Professor Amy Blyth would run the forensics capability with Chris Newman, and because you've got to grow the next generation, I'll add two of the best apprentices I've come across in Nicola Grantham and Jordan Yearsley.
We only grow as an industry if we actually start to teach each other, and that only comes from depth of sharing...
Quick-fire Q&A
What’s the worst thing about your job?
The travel. I miss my family.
What’s your dream job?
A professional rugby player.
What’s the most misunderstood thing about information security?
That encryption is the answer to everything. Oh and APT.
Tell us a secret
I have over 30 tattoos.
Advice for Infosec Newbies?
The ABC. Assume nothing, Believe no-one and Check everything.
BIO @Teddybreath
Ed is the current European CISO of the Year and newly-appointed CIO at DP Governance. He is a well-respected and recognized industry expert, noted for speaking with honesty and bringing a healthy dose of realism to the fore. Ed has spent many years at the coalface of security, both in UK Government and private sector, building up a wealth of practical experience along the way.