In episode 43, Mandy Haeburn-Little is joined by Joseph Boland-Scott, Security Product Marketing Lead at Microsoft, to discuss the topical issue of Deep Fakes.

In a light-hearted start to the conversation, Mandy opens by asking Joe how she can be sure that it really was him on the call. Joe responds by providing some great suggestions about how you can look out for specific audio or video cues to help spot fake audio and video.

Joe goes on to explain the difference between Deep Fake and AI-generated content; in general terms, he explains that AI content is created from scratch for legitimate purposes, whereas Deep Fake is more about image, video and voice manipulation and is more often than not used much more for malicious purposes.

Mandy and Joe then chat about the areas we are seeing Deep Fakes being used, to which Joe provides some of the more common examples, such as in the onboarding of new employees remotely, where the team has never met the new employee. In these helpdesk vulnerabilities, cybercriminals are posing as current employees looking to restore access to their devices.

Mandy then asks what you should do when you suspect something is not quite right. Joe outlines typical things to look for when you don't feel everything is 100% right. Primarily, question if the person you think you're speaking to would contact you on a particular channel, or would they make such a request at an unusual hour?

By way of encouragement, Joe points to the fact that people are generally much more aware of telephone scamming than they were a few years ago. So, he suggests, in the same way, people will get better at questioning the authenticity of audio and video content. However, he emphasises that awareness is only a small part of the solution; there is a need for much greater collaboration among tech, policy and education to combat the increasing criminal use of Deep Fake.

It is a fascinating insight into the world of Deep Fakes and how to identify and protect yourself against this growing threat.

Microsoft has many resources and guidance to help with cybersecurity awareness. You can explore these here.

Joe also refers to Microsoft's Digital Defence Report, which you can download here.

In episode 42, Mandy Haeburn-Little is joined by Gordon Adam, Manager, Cyber Threat Intelligence Partnerships at Mastercard.

Gordon begins by explaining his role and how his department serves as the first port of call for incidents of cybercrime or fraud. He describes how they operate proactively by analysing the threat landscape and reactively responding to incidents and emerging threats.

Mandy is also keen to understand why Mastercard has earned a reputation for being approachable, particularly for SMEs. Gordon then highlights how 'doing the right thing' is a fundamental part of the company's culture; they are keen to make business owners feel secure, and that's why they provide resources such as the GCA Toolkit and Mastercard Trust Centre. For Mastercard, it's about sharing their wealth of knowledge, especially with the SME community. He also explains how they invest time and effort in creating the right messaging when it comes to cyber; Mastercard break it down to make it interesting and simple for those not familiar with cyber. Fundamentally, they are keen to promote the idea that every step an SME takes will improve its resilience.

Gordon also outlines some of the red flags that SMEs should look for, such as unexpected logins, suspicious emails, and tech update prompts. His advice is to start with employee training to build an understanding of the threats and how to prepare for them.

The two discuss why it's essential that businesses feel safe when adopting new technology; otherwise, it can stifle innovation and growth. It is in everyone's interest that businesses thrive, so by providing free support and guidance, Mastercard is helping them become more resilient and confident when adopting an inclusive attitude to new technology.

Gordon offers advice on where to start, reiterating that it's about the basics, including visiting the Mastercard Trust Centre, exploring the GCA Toolkit, and the Cyber Readiness Programme. He also emphasises it's all about preparedness and recommends the GCA Toolkit as an accessible and free resource with actionable guidance to reduce cyber risk.

In conclusion, Mandy asks Gordon how he feels about the industry, to which he responds that it is worse in terms of the volume of attacks. However, he also points out that we are much better prepared than we were in the past. The knowledge of how to mitigate and respond, as well as our capabilities in defence, is significantly greater than it was a few years ago.

His final comments are sound advice, stating that preparation is the best defence. Take the time now to accept advice and have a response in mind, rather than panicking when something goes wrong.

In episode 41, Mandy Haeburn-Little is joined by Justene Ewing, Vice President, Health, Care and Life Sciences for UK & Australia at CGI.

It is a fascinating conversation that explores the role technology plays in healthcare and the associated risks as we adopt digital solutions to improve services and productivity.

Justene outlines some of what we already know about the Government's 10-year healthcare plan; primarily that the following three essential elements will be the main focus:

1. Helping people to stay in their home environment
2. The role that data will play in helping the NHS workforce and the patients, and the family's relationship with their data
3. Prevention before cure

Justene explains why digital and data is the 'Golden Thread' running through all three, and why it is increasingly vital to help cope with the demands and pressure on the NHS, which is set to increase significantly in the coming years.

Justene highlights that while digital can improve productivity, she warns that the more we rely on and introduce digital solutions, the greater the risks become. She also believes that while it is getting better, there are still misconceptions around the board table about the scale of the risk, and perhaps even whose 'headache' it is! But, she also acknowledges there's no easy solution because budgets, resources, and capabilities are all very challenging.

On the fascinating topic of AI, Justene touches on the misuse of tools like ChatGPT, which is caused purely by a lack of understanding of the risk and where the data is shared. She advises that while they are great tools that will save time, the risk must be adequately managed.

Justene cites some good examples of how AI is being used to make a difference in healthcare in areas like screening and bed management. These are excellent examples of how AI has been developed with a purpose, rather than innovation for innovation's sake. Her main point around the increasing adoption of AI solutions is that we must ensure there is complete transparency so that we have total confidence in data and that there will always be humans in the loop.

It is a fascinating conversation and insight into the adoption of technology in the health sector and why we must ensure the data is safe in order to prevent the disruption and threat to critical care at all times.