The Technology Boardroom podcast welcomes its first guest in the seventh episode, “Navigating risk: leadership insights from the AA’s CISO”, with Advania’s Pravesh Kara joined by the AA’s CISO, Darren Desmond. Catch up on the conversation as Darren shares his journey, the challenges a CISO faces, and the strategies that keep one of the UK’s most recognisable brands secure.
We’ll give you a full rundown of the conversation, which delves into the world of cyber security, exploring themes such as diversity of thought, the evolution of technology, and the critical importance of resilience. With Darren’s experience spanning both the military and corporate worlds, you can get unique insights into the role of a CISO navigating the ever-evolving information security landscape.
Meet the Boardroom
- Darren Desmond: Chief Information Security Officer at the AA
Darren Desmond is the CISO at the AA, where he leads the organisation’s information security strategy. With a background in the military, Darren brings a wealth of experience in cyber security, criminal investigations, and threat intelligence. His career has spanned roles at the Atomic Weapons Establishment, Betfair, and Virgin Media, where he honed his skills in managing complex security challenges.
- Pravesh Kara: Security and Compliance Director at Advania
Pravesh Kara is our host of The Technology Boardroom this episode. With a keen interest in information security, Pravesh brings engaging conversations with top professionals in the field. His goal is to uncover the stories, experiences, and insights that shape the world of cyber security today.
The challenges and triumphs of cyber security
In this episode, Darren opens up about his unique journey from the military to becoming the CISO at the AA. He emphasises the importance of diversity of thought, explaining how it enriches a team and aids in solving complex problems. Darren also discusses the evolution of technology and the need for constant adaptation in the face of new challenges, such as artificial intelligence and compliance regulations.
One of the key takeaways from this conversation is the concept of resilience. Darren highlights how the ability to recover quickly from incidents is fundamental to maintaining security in a dynamic environment. He also touches on the delicate balance between security and business agility, emphasising the importance of negotiation and compromise.
Diversity of thought
Darren starts the conversation by stressing the importance of diversity of thought in building an effective security organisation.
“If I hired a load of ex-military people, we'd all think the same. It wouldn't be a very effective business-led security organisation.” – Darren Desmond
Darren believes that having a team with varied backgrounds and perspectives is crucial for tackling problems from different angles and finding innovative solutions.
Evolution of technology
From fax machines in suitcases to modern cyber security tools, Darren’s career has spanned a remarkable evolution in technology. His journey began in the military, where he first encountered tech through surveillance and document exploitation. This military experience laid the foundation for his interest in cyber security, which he further developed through roles in various organisations, including the Atomic Weapons Establishment and Betfair.
Darren’s story illustrates how technology continually transforms the field of information security. He shares anecdotes from his time in the military, such as using remote cameras powered over microwave transmissions, which piqued his interest in tech. His transition to civilian roles involved adapting to new challenges, such as managing cyber crime investigations and threat intelligence at Virgin Media.
Resilience and adaptation
Resilience is a recurring theme in Darren’s discussion. He explains how his military background instilled in him the values of discipline, flexibility, and resilience, which are essential for his role as a CISO.
“The biggest thing is self-discipline. You learn resilience in the military, obviously, because it tends to be in a quite harsh environment.” – Darren Desmond
Darren’s approach to resilience is not just about recovering from incidents but also about preparing for and mitigating risks. He emphasises the importance of maintaining basic cyber security hygiene and continually improving security measures. His experience with incidents like a €44m cryptocurrency theft investigation in a previous company underscores the need for vigilance and preparedness.
Balancing security and business agility
One of the most challenging aspects of being a CISO, according to Darren, is balancing security with business needs. He shares how he navigates this delicate balance by focusing on security risk management and prioritising the protection of the organisation’s crown jewels, such as customer data.
Darren also discusses the importance of negotiation and compromise. “Everything is a balance, right? And this way everything’s a negotiation,” he says. He believes that understanding the business’s priorities and working collaboratively with other departments is key to achieving effective security.
Catch the full conversation on The Technology Boardroom podcast
Don’t miss out on this insightful conversation with the CISO of one of the UK’s most recognisable motoring brands – listen to the full episode to get the complete conversation between Darren Desmon and our host Pravesh Kara.