Cybersecurity at the Edge: A Q&A with cyber security analyst Mark Ward


I recently sat down with Mark Ward - analyst at the Information Security Forum and former BBC technology correspondent - to explore how CISOs and boards must navigate a threat landscape shaped by geopolitics, ransomware, and emerging tech.
Below, we discuss CISO liability, ransomware, global conflict, and AI investment, distilling Mark's insights into actionable takeaways for modern security leaders.
Michael Gonzalez: In the US, the debate around personal CISO liability is growing. Is this making leaders more effective or driving top talent away?
Mark Ward: Many CISOs already act as the company's conscience. Liability laws simply formalise this, forcing boards to treat them as true C-suite executives rather than back-room technical advisors. The dismissed SolarWinds case shows how hard it is to prove negligence when infosec teams document everything. Ultimately, ‘battle scars’ from major incidents often strengthen a CISO's resume.
Michael Gonzalez: How should boards and CISOs use this debate to rethink accountability?
Mark Ward: It is a powerful forcing function. If boards worry the CISO could be charged, they can no longer pretend risk lives solely in IT. CISOs are pushing back: if the business takes bold operational risks, leadership must own them. It drives clearer conversations about what risks the board is knowingly accepting.
Michael Gonzalez: Ransomware continues hitting UK supply chains. What shifts are you seeing in how attackers target and pressure victims?
Mark Ward: Attack volume is up, but fewer organisations are paying, showing better recovery capabilities. In response, attackers now target backups first to force payments. We are also seeing a pivot towards operational technology (OT) and production systems. When a major manufacturer goes offline for months, it becomes a severe economic shock.
Michael Gonzalez: What practical governance changes should UK boards prioritise today?
Mark Ward: Boards must address the collapsing boundary between IT and OT. IT prioritises confidentiality and availability; OT prioritises physical safety and reliability. Governance must blend these so IT disciplines protect OT without compromising safety. Resilience must become reality: immutable backups, rehearsed recovery plans, and clear decision-making frameworks for crisis moments.
Michael Gonzalez: Has recent geopolitical tension dramatically expanded the threat landscape, or just exposed existing risks?
Mark Ward: Both, but it has definitely escalated. State tolerance for cybercrime has grown significantly. We are seeing nastier attacks, including destructive operations aiming to wipe systems rather than demand ransom. Furthermore, most developed nations have integrated cyber units into their armed forces; cyber is now a standard, active theatre of modern war.
Michael Gonzalez: What does this mean for businesses managing their daily cyber risk?
Mark Ward: Cybercrime is now a shadow economy, sometimes propping up regimes. For organisations, the focus must shift from pure prevention to genuine resilience - assuming you will be breached. Amidst fragmented global regulations and rising attacks, looking after your security team is vital. Burned-out professionals leave the industry and rarely return.
Michael Gonzalez: Amid hype around AI and post-quantum encryption, where should CISOs actually focus their investments?
Mark Ward: Quantum computing is somewhat hyped; the day it breaks encryption remains distant. Instead, organisations are slowly upgrading their encryption pipelines with post-quantum algorithms - difficult, but essential work. With AI, recent years have focused on data foundations. Now, organisations are cautiously letting AI guide decisions, with mixed results.
Michael Gonzalez: How real are the risks surrounding ‘agentic AI’ and developer copilots?
Mark Ward: While agentic AI can subvert systems, cybercriminals already have effective tools. Defensively, many people find agent-based security projects fragile and impossible to debug. A more immediate risk is developer over-reliance on AI copilots. If senior engineers lose their mental model of how systems integrate, nobody truly understands the software estate.
As cyber threats evolve from IT problems to full-blown boardroom crises, how you communicate during an attack can make or break your brand's reputation.
At Clarity, our dedicated PR and crisis communications teams specialise in helping businesses navigate these exact scenarios. Whether you need to proactively stress-test your incident response plans, align your executives on cyber risk messaging, or require immediate, round-the-clock crisis management when a breach hits, we have the expertise to protect your reputation.
Get in touch with us today to ensure your communications strategy is as resilient as your infrastructure.