Tech & AI LIVE London: Cybersecurity Strategies Panel
A panel of cybersecurity experts took to the stage at Tech & AI LIVE London to examine how organisations should rethink their defence strategies in the face of rapidly evolving threats.
Hosted on the Cyber Stage, the panel titled Cybersecurity Strategies brought together:
- Justin Kuruvilla, Chief Cyber Security Officer at Risk Ledger
- Stuart Seymour, Group CISO and CSO at Virgin Media O2
- Nick Godfrey, Senior Director, Global Head at Google Cloud
Threats aren’t new, but they’re always evolving
The session opened with a timely reference to recent UK cyber attacks.
The panel unanimously agreed that while the tactics may vary, these aren’t new threats — just newly repackaged.
“If it was spear phishing, have we learned anything new? I don't think so,” said Justin, pointing to the long-standing nature of such techniques.
However, he acknowledged the need for an ‘assume breach’ mentality.
Stuart added that the threat landscape is in a state of constant evolution: “Every time we shut one door, they go and open another.”
Nick stressed the importance of approaching cyber threats as an organisation-wide risk: “It’s not just a security problem. It becomes an IT and business architecture problem as well.”
He highlighted that with increased digital transformation, the surface area for attacks has expanded significantly, making it even more critical for security to be a board-level concern.
Risk, resilience and whole-business strategies
As the conversation deepened, the focus shifted to the concept of resilience and risk management.
Stuart framed the challenge as one of prioritisation, noting: “Security done badly is the worst thing in the world. The question I hate most is, ‘Are we secure?’ Because the answer is no.”
Nick built on this by arguing for a three-to-five-year security strategy that modernises technology stacks alongside short-term controls.
“Boards don’t need convincing that security matters — they need help understanding how much to invest, where to invest, and how to do it strategically,” he said.
In response to a question about legacy tools left dormant, Stuart criticised “shiny shiny tool” culture.
“You’ve got a lovely new car that nobody knows how to drive,” he said, adding that organisations often invest heavily in tools without developing the people and processes needed to use them effectively.
The panel agreed that internal capability is key.
At Virgin Media O2, for instance, in-house teams configure and run security tools to avoid vendor dependency and to upskill talent.
Nick echoed this with an example of vulnerability management, explaining that the issue is rarely the tools themselves but the legacy architecture and lack of processes to act on the insights.
AI: Overhyped buzzword or cyber defence enabler?
Naturally, the conversation turned to AI — both as a threat vector and a tool for defenders. The consensus was that AI is a double-edged sword.
“It’s friend and foe,” Justin said. “It depends how it’s deployed. Done right, it can make defenders more effective. But misuse or blind adoption exposes new risks.”
He also raised concerns about sensitive data exposure and training gaps, urging a more deliberate, business-aligned approach to AI integration.
Stuart, in typical candour, compared the AI hype to Rickrolling: “It’s just now the new hype. Silver bullet, now with AI.”
But he acknowledged AI’s potential when applied properly — at Virgin Media O2, for example, AI is already saving US$900,000 a month by automating time-consuming tasks, freeing staff for high-value threat hunting.
Nick added that while adversaries are using AI to improve phishing quality and speed, “we’re not yet seeing novel AI-based attacks”.
For now, he said, defenders still have the upper hand, provided they embrace AI with a clear purpose and robust training.
The panel closed by reiterating that people remain the most critical asset in cybersecurity.
“People are our most vulnerable and most powerful asset,” Stuart said. “They’re the ones who’ll stay up all night during an incident.”
Essential diary dates for 2025
Discover the essential diary dates for Technology Magazine and AI Magazine and its sister publications Mobile Magazine and Data Centre Magazine.
To follow Tech & AI LIVE on LinkedIn, click here.
To enter for the Global Tech & AI Awards, click here.
- Tech & AI LIVE London + Cyber LIVE London | 14-15 May
- The Global Tech & AI Awards | 14 May
- Tech & AI LIVE Singapore | 4 November
- Tech & AI LIVE New York | 18 November
Explore the latest edition of Technology Magazine and be part of the conversation at our global conference series, Tech & AI LIVE.
Discover all our upcoming events and secure your tickets today.
Technology Magazine is a BizClik brand

