“Today, physical safety in the workplace is a huge deal and there is a lot of regulation around it – but that didn’t exist 30 years ago. Cyber security is going through the same kind of culture shift; it has to be,” says Kathryn Chamberlain (left), Chief Operating Officer at cyber security start-up Beauceron Security.
Unfortunately, changing a culture within an organisation is a challenging process, but it is something that Kathryn has some appreciation of. While at university in her native Canada, she produced a thesis on employee engagement and created a model of engagement based on the different factors that can motivate and engage staff. It would prove to be the perfect preparation for her role at Beauceron, where changing organisational culture is the framework for reducing business risk through cyber awareness.
It is work for Beauceron that brought Kathryn to London; she has joined Cohort 8 at CyLon, a cyber security start-up accelerator programme that Nominet supports. The 13-week experience has provided Kathryn with the opportunity to refine Beauceron’s pitch and be mentored by industry leaders, which has reinforced her belief that “you can learn something from everyone you meet.”
“We have 20-minute mentoring sessions and it’s an exciting process to find out what someone can share with you,” explains Kathryn. “The programming is very intense, but incredibly rewarding.”
Cyber security was never an obvious choice for Kathryn, despite an early interest and aptitude in computer science and maths. “I liked the analytical side of those subjects,” she says. “I enjoyed the problem solving; having a tool set and needing to figure out how to make something work. I found it fun.”
However, it was a passion for start-ups that brought her to Beauceron, and even that happened serendipitously. “I took a class in entrepreneurship at university simply because it fit with my schedule and I heard the professor was good” she admits. “We had to start a business, and I found it so fulfilling. It made me realise that I wanted to be involved with a business – any business – right from the very beginning so I could be a part of its growth and development.”
A meeting with David Shipley – one of the co-founders of Beauceron – struck a chord in a way that other business opportunities hadn’t after graduation. “He told me that he believed people were the solution in cyber security, and that organisations needed to engage the community to make changes and improve their risk profile. I really believed that and felt I could be passionate about this cause.”
In the 18 months since she joined Beauceron, she has progressed from Business Development Officer into the role of COO, while the company has grown rapidly; there were twelve early adopter clients and two full-time staff when she joined; now there are over 55 clients and a team of eight. “It is all so exciting,” she says happily. “I have learnt so much and been part of the whole process, right from meeting clients to delivering the product, which I have loved.”
She also contributes a unique perspective to Beauceron as an ‘outsider’ in a team laden with cyber security experience. “When I first started, I was surprised to find out that all companies are struggling with it.”
With greater understanding of their plight, she can now see why organisations continue to find it difficult – and how to help. “It’s always going to be a huge challenge for companies because there are so many different threat actors constantly trying to get into their systems – they have to stay one step ahead of them. But companies need to place cyber risk in the context of the other risks they face to ensure they are tackling it properly. Creating an aware and engaged community is the first thing a company can do to start protecting themselves.”
Away from an organisational level, Kathryn believes we should all educate ourselves on the risks and take more care online. “I tell everyone I know to get two-factor authentication on all of their accounts,” she says. “and if it’s not possible, that should be a red flag. Before I got involved with cyber security, I used to think technology was some kind of utopia, but it’s not.”
“The internet is more like the wild west. There are no established rules and no international policing authority, so we all have to look after ourselves in much the same way as we take care of our physical selves and lock our doors at night.”
The health and safety of the future is digital, it seems, and we all need to practice better self-care to keep ourselves and our employers secure.