* by Mark Matthews
In this exciting interview, Microsoft’s Chief Security advisor and top cyber security expert, Sarah Armstrong-Smith, reflects on her long and successful career. Discover what Sarah learned during the historic Millenium Bug and what businesses can do to keep up with rapid digital transformation.
In your role as the Chief Security Advisor at Microsoft Europe, what has been your proudest achievement?
Sarah Armstrong-Smith: For me, I actually joined Microsoft one week after the UK went into lockdown. So, I ‘ve actually spent my entire Microsoft career to date in my home office! It’s been quite interesting for me to be literally in the middle of a global pandemic, joining a new company, but also seeing the inner workings of Microsoft.
During everything going on, we had to keep Microsoft up as an entity. Microsoft has over 160,000 people worldwide, but they also had to make sure the current customers were supported, and that’s all the global Cloud and the data centres and all those types of things. Because of the pandemic, we’ve seen a massive acceleration to the Cloud as well, particularly collaboration sites like Teams.
We almost got a triple whammy, if you like, of all these things coming together; the capacity that was required, the help and support with all these things that have been going on. To see that from the inside and sort of see how Microsoft rose to the occasion and how they help customers has been phenomenal.
For me, it doesn’t really matter how bad things get. We’ve talked about some of these big, big crisis moments that we we’ve had over the years. I always focus on the opportunities. So, ‘what can we learn this?’, ‘what can we do better?’ And that’s where I get really excited. I’m really proud to be able to work for such an amazing company.
Having worked on the Millenium Bug, what did you learn from the potential threat?
Sarah Armstrong-Smith: I think having a background in business continuity has really enabled me to think about the big picture, those worst-case scenarios: ‘what’s the worst thing that could happen?’. We need to think wider, we need to think about incidents that are not just relevant to our own company, but issues that go cross sector and even across the world. That scope and scale is really important, and some of these major events have also triggered global changes, as well.
So, I think back, and I would say 9/11 was a really good example of a major incident, at massive scale, that we probably never seen before, how that was televised and the shock that came with it. It really brought home the impact of terrorism, and again, how important business continuity is at that scale.
That’s from small businesses up to those large enterprises, as well. So, ultimately, when we’re thinking about these threats, it’s not just about business continuity but cyber security attacks as well. It’s really about thinking holistically, thinking much, much, much wider. It’s about having resilience to all of these types of attacks and types of threats.
Considering the pace of digital transformation, how can businesses keep up with such rapid transformation?
Sarah Armstrong-Smith: I think it’s important to reflect on the fact that security is intrinsic to almost every business, particularly when we’re talking about digital. So, we really need to think much wider, much broader.
As we’ve talked about, with a global pandemic, many companies evaluated their business models, their working practices. They asked, ‘what happens next?’ Do we all go back to the office? Do we continue to work remotely? The reality is we’re going to work in this hybrid environment, where people have more choices about where they work from, what type of devices they use.
That ability to embrace the Cloud is really important because it enables them to try proof of concepts, new designs, spin up projects very, very quickly, which they might not have been able to do previously because of the time it takes to procure servers and storage, spin up projects and all of these types of things.
So, it really comes down to speed and scale, and that’s really one of the benefits of the Cloud. It’s really about taking advantage of all these different things that are available, and just really exploring.
I think that’s the bit I love, really. We’re talking a lot about being agile, which is the ‘fail fast, fail often’ philosophy. If you want to try something new, if you want to have these innovative projects, try it out, get some insight, run some analytics, and if it doesn’t work? Close it down.
I think that’s the agility and the flexibility of digital transformation; it enables companies and even individuals to experiment a lot more.
* This article was first published at the UK’s first dedicated website to Cyber Security Experts