by Ian Massingham, Director of Developer Technology & Evangelism,
AWS Europe, Middle East and Africa (EMEA)
With the growing need for robust security practices, Ian Massingham, Director of Developer Technology & Evangelism, explores how UK companies ‘creating a culture of security’ are often better placed to innovate and adapt to disruption.
Enterprises around the world are constantly under pressure to protect their business, employee, and customer data. In the UK this is especially true, with the nation’s growing concerns around Brexit, and the handling and use of personal data. As a result, many enterprises are asking themselves, “how can we adapt and innovate while balancing security and regulation?”
Often, there is a misguided belief that this balance isn’t possible. But security isn’t a trade-off; it’s a means of protection and innovation, often a measure of quality in and of itself. Only when enterprises change their way of thinking about security can they begin to extract this dual value and implement it into their way of working.
To achieve this change of perception, UK enterprises need to understand that security isn’t the role of technology alone, but even more so it is the responsibility of the people in the enterprise. Moreover, security should be so much more than a duty, it should be a culture - promoted and celebrated by everyone. This way, security is an enabler, not a hindrance.
What I started to do in my organization is not just think about security as an extension... but it’s incorporated into everything we do. It’s creating awareness, creating that transparency.”
Chief Information Officer, adidas
In the UK’s Financial Services industry, Monzo is one AWS customer who is leading the way. In less than five years it’s gone from a disruptive idea to a fully regulated bank that has (so far) handled more than £1billion worth of transactions for more than 2 million customers.
The bank’s success is thanks in no small part to its technical decisions, such as running its core banking services in the Amazon Web Services (AWS) Cloud and opting for a microservices architecture. It’s also using separate AWS accounts which isolates different parts of their infrastructure and data, reducing the blast radius of failures or account compromise. This means that critical parts of the infrastructure remain unaffected. Many argue that their lack of technical debt has enabled this, but it’s much more than that. Their approach to technology and to security – for example, creating a culture of security, has played a role too.
This has enabled Monzo to enter what used to be an impenetrable market, offering an innovative and exciting new option for customers. Traditional banking has been shaken up, creating an exciting and dynamic new environment for end customers.
If Monzo proves anything, it’s that security and innovation do not work against one another, but together. To gain a better understanding of this philosophy, download the ebook “Creating a Culture of Security”, where my colleague, Mark Schwartz, discusses what it means to have a culture of security and how it could make all the difference to your business. When it comes to nurturing a culture of security, the UK’s start-up ecosystem is leading the way. We believe mature enterprises can achieve this too. Even those who feel tied down by their legacy systems can have the capability to react to our changing world.
About the author
Director of Developer Technology & Evangelism, AWS Europe, Middle East and Africa (EMEA)
Ian draws on over two decades of expertise in Internet technologies, technology operations leadership, architecture, and software engineering to help developers around the world, and in organizations of all sizes, from start-ups to large enterprises, apply cloud computing technologies, solve business problems, and exploit market opportunities.
Ian has been working with cloud computing technologies since 2008. He began his career in operations at an early pioneer in the internet hosting and access services market in the UK, and has since led substantial teams focusing on managed services, software engineering, technology operations and architecture within national and multi-national telecommunications operators. Prior to joining AWS in late 2013, he led systems engineering for customers in the telecommunications vertical at a global enterprise data storage and management technology provider.