Why cyber-strategy needs to be a board-level issue

Senior Support Analyst

Fav thing about the office

Cheesecake Wednesdays

As a child I wanted to be a ... when I grew up


Guilty Pleasure(s)

Gu Puds

Favourite Holiday

2 weeks in Florida

If I had a superpower it would be...

Definitely flying

Describe yourself in three words or less

Lots of Energy

An interesting fact about me

I was once the South Ribble Chess Champion.


Exercise, Muay Thai, Singin' in the rain

Favourite Band

Its not about the artist its about the style

Karaoke Jam

Vengabus- Vengaboys

What I do at Q2Q:

I head up the IT support team.

On a daily basis I work on resolving IT issues for our clients. My skill set tends to adapt according to the current needs of our customers, from solving basic matters like fixing a printer through to more complex server infrastructure deployment. I am also often out on site visiting customers that are in need of an IT saviour.

Within the team, I work on the proposals for new and existing customers, and ensure we all work together to implement the solutions we propose.

I enjoy overseeing new projects so that, when clients evolve, we can ensure their growth, office move and/or induction of a new team member, is as seamless as possible from an IT perspective.

I also drive the rest of the team insane with my singing!

Background and Achievements

I joined the Q2Q team when they were part of the I.T. department for the Tulchan Group 14+ years ago. This was my first full-time role straight of out A-levels. I have enjoyed being part of the company and watching it grow from 3 members of staff to a blossoming 10.

I find it hard to pin point specific achievements as one of my values personally is to always exceed your own expectations. My wife would say being a great Dad to my two boys.

A great achievement for me is getting 76 miles to the gallon on the motorway and being able to finally grow stubble.

Hobbies and Interests

I aim to train in Muay Thai twice a week and religiously go to the gym every day I can.

I can juggle and have always wanted to learn knife throwing.

As IT and cyber-threats continue to evolve at a rapid pace, SME owners are increasingly having to upskill in these areas – not only to keep up with the latest tech, but also in order to shape a cohesive and effective business model.

But whilst some have accepted that cyber-strategy is a vital topic for discussion in the boardroom, others are sceptical about who should be carrying the bulk of the responsibility. A recent study found that 84% of directors believe their IT department is able to protect them against a cyber-attack, yet although this good faith in your team is important, trust shouldn’t be used as a shield to deflect responsibility away from board members.

So, why exactly should cyber-strategy be given a place at the boardroom table?

Everyone is at risk

Perhaps we’re stating the obvious here, but it’s true that every employee – no matter their rank or role – is at risk of a cyber-attack. However, this is unfortunately a fact that tends to be forgotten about.

Whether your SME is hit by a data breach, malware infection or system virus, all employees will undoubtedly be affected. And whilst day-to-day cyber-security dealings should be managed by dedicated IT staff, the loss of personally identifiable information or an inability to access the internal network can happen to everyone.

Arguably, board members’ email accounts are at an even higher risk of being targeted then most, as they are more likely to contain sensitive business information and critical data. So, to avoid presenting a gateway of opportunity to cyber-attackers, it’s more important than ever to have security on your radar of corporate priorities.

Bottom-line decisions start at the top

Whilst heads of department may have control over team budgets, this is only after it has been allocated to them from the board. Therefore, it’s crucial that those in more senior roles take the time to understand the cyber-landscape and the evolving risks within it.

That’s not to say that as an SME business owner, you should be aware of all the intricacies surrounding IT operations. But you should incorporate it in your risk management strategy and take the necessary preventative measures advised by your in-house – or external – IT team.

Threats can come from within

We all know that cyber-threats don’t necessarily come from outside an organisation – employees can be one of the biggest dangers if they’re unaware about the types of threats out there. From clicking on a phishing email to visiting unsecure websites, one small action can have disastrous consequences for a business.

So, it’s important that senior-level staff members are on-board with implementing a successful cyber-strategy, not only because it sets a good example for the rest of the firm – but it also illustrates that a change in company culture and attitudes is needed.

Your reputation is on the line

In order to protect the organisation – and its reputation – if a data breach does occur, board members should frequently communicate with their tech teams and get involved in developing the defence strategy. This won’t only help avoid any fingers being pointed at the IT team, it will also help ensure peace of mind across the board, that all possible preventative action had been taken – at all relevant levels of the business.

If you need advice on how to create an optimised cyber-security strategy for your SME, feel free to contact our helpful team of IT experts!

Why cyber-strategy needs to be a board-level issue