Graham Thomson

Graham Thomson

CISO at Irwin Mitchell

Irwin Mitchell
Share
Graham Thomson reveals the numerous challenges and opportunities keeping him up at night as CISO at UK-based legal powerhouse Irwin Mitchell

Considering Graham Thomson has forged a successful career in cybersecurity, it’s somewhat surprising to learn his education at the University of Glasgow was focused on genetics. 

However, over the ensuing years, that foundation in scientific research and analytical thinking has proved invaluable. 

After leaving university, Graham landed himself a role as a Military Intelligence Operator with the British Army, which gave him a solid grounding in the wider security field. 

Moving into the corporate world, he then worked in serious fraud and corporate crime investigations at a major supermarket.

“It was a really good transition and there were a lot of transferable skills,” he explains. 

“That got me thinking: ‘what does the future hold? Where are my skills and interests best placed?’ And so I pointed myself in the direction of information security, as it was then, which we now call cybersecurity.”

Intent on pursuing this new path, Graham obtained his CISSP certification and jumped head first into cybersecurity. Over the years he has worked across retail, financial services and, since 2017, in the legal sector with Irwin Mitchell as an award-winning CISO. 

Despite leaving university almost three decades ago, Graham chooses to live by an ethos of continuous professional education. 

He has completed numerous qualifications in areas like digital forensics, incident response, agile methodologies and project management, as well as a whole host of leadership and soft skills training. 

More recently, he completed an advanced course in AI for innovation and transformation at the University of Oxford.

Graham adds: “I’ve been able to use that – plus the other skills I've developed – to implement generative AI across our business and make sure it's secure, compliant and private.”

Collaborative teamwork advancing cybersecurity and innovation at Irwin Mitchell

Staying ahead of the curve

Setting and overseeing the information and cybersecurity strategy at Irwin Mitchell is certainly not without its challenges.

Chief among them is staying ahead of the constantly-evolving cyber threat landscape, although Graham admits the leading handful of threats, such as password stuffing, phishing and malware, have largely stayed the same for a number of years, while cloud configuration is becoming more of a risk as digital transformation takes place.

“Those threats are steady because they’re lucrative for the criminals behind them,” he continues. “It’s the way they are enabled and enacted that can change and you’ve got to keep up.

“If I think back to my genetics background and evolutionary biology, there's something called the Red Queen theory, which refers to the Red Queen from Alice in Wonderland running to stand still. In our industry, it’s an arms race and you have to run just to stand still and work hard to stay ahead.

“Technology itself also races ahead at break-neck speed, so keeping up is crucial. You don't want to wake up one morning and realise you haven’t modified your strategy to deal with that.”

The question of how to foster a security-aware culture is another issue keeping Graham up at night. 

He emphasises the importance of understanding how employees actually work and what matters to them. 

“They don't care about my security strategy,” Graham says, frankly. “They care about doing their job well and I need to help them do that securely, in a way that isn’t too onerous for them – otherwise, people just aren’t interested.”

Read the full report HERE

**************

Make sure you check out the latest edition of AI Magazine and also sign up to our global conference series - Tech & AI LIVE 2024

**************

AI Magazine is a BizClik brand

Share

Featured Interviews

Featured

Rachel Bence

CIO at Queen Mary University of London

Rachel Bence, CIO at Queen Mary University of London, blends her research and IT management expertise to drive digital transformation and inclusivity

Read More

Shibu Nambiar

Global High Tech Business Leader at Genpact

A conversation with Shibu Nambiar, Global High Tech Business Leader: Shaping the future of business with AI

Read More
Ensuring the human element remains central to any kind of AI initiative is something I think about every single day
Shibu Nambiar
Global High Tech Business Leader at Genpact

Jay Park

Founder and Chief Development Officer at Digital Edge

Desperate to make an impact in the Asia-Pacific region, Jay Park couldn’t resist the lure of being involved in the launch of Digital Edge

Read More

Avner Papouchado

CEO at Serverfarm

With demand only set to grow, Serverfarm continues to pioneer sustainable, innovative and efficient data centre solutions as part of its long-term strategy

Read More

Ashley Lorraway

Director of Security Infrastructure, Research and Development at Okada Manila

While most people his age went into mining or agriculture, Ashley Lorraway chose to pursue a different path thanks to his family’s unrelenting ambition

Read More

Rachel Bence

CIO at Queen Mary University of London

Rachel Bence, CIO at Queen Mary University of London, blends her research and IT management expertise to drive digital transformation and inclusivity

Read More