Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Tuesday, 7 July, 2026
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Q&A: Organisations Are Spending Millions on Cybersecurity and Still Getting It Wrong

Cybersecurity expert Purvi Kay spoke to the IT Security Guru about what it takes to be a true cyber leader and what the future of the industry may hold

by Guru Writer
February 20, 2026
in Featured, Insight
Q&A: Organisations Are Spending Millions on Cybersecurity and Still Getting It Wrong
Share on FacebookShare on Twitter

Cybersecurity threats continue to escalate in scale, speed and sophistication, placing growing pressure on organisations to move beyond reactive defences and rethink how risk is governed at leadership level. As digital systems underpin everything from national infrastructure to day-to-day business operations, failures in governance, communication and accountability are increasingly being exposed as critical vulnerabilities. At the centre of this challenge is Purvi Kay, a senior cyber security leader with experience operating in some of the UK’s most complex and high-stakes environments. With a background spanning defence, public sector security and secure-by-design leadership, Purvi is widely recognised for reframing cyber security as a cultural and leadership issue, not simply a technical one.

Her work focuses on helping organisations translate cyber risk into clear, board-level understanding, embed security at the point of design, and build resilience through people as much as technology. In this exclusive interview with the IT Security Guru, conducted via the Cyber Security Speakers Agency, Purvi Kay shares her perspective on leadership accountability, the evolving threat landscape, and what effective cyber resilience really requires in practice.

What’s the most common cyber security failure you see organisations make?

“I think we hear it a lot, and this is also one of my personal views. In cyber security, leaders think of it as a technical problem and they forget that there is a technical element to it, but it is actually a leadership and culture issue as well.”

“Most of the cyber security issues and problems we see come from weak governance, for example. They come from poor communication. When your technical experts are not able to translate all that technical jargon to your leaders to make business sense, they’re not able to make informed decisions. So that poor communication is also something very key to security.”

“Also when there’s unclear accountability within the organisation, who’s doing what, who is responsible, who is accountable for all these risks, I think those things are undervalued, and that is one of the biggest mistakes that we’re making currently.”

“I feel that cyber doesn’t fail because of just not having good tech, but it fails because culture fails, and so we really need to tap into culture. So the technology that we are pumping so much money into is great, but it’ll only work when our people and our governance and our leadership work in cohesion.”

What qualities define an effective security leader today?

“Generally for any leaders you think about strategic vision, you think about empathy, you think about influencing ability, but the best leaders I’ve seen in security are those that can translate complexity into clarity and those that can bring the organisation along with them.”

“It is very difficult for leaders to sell security. Security is always seen as a barrier, but great leaders are able to show the organisation that security is actually an enabler and it should be thought about at the forefront. It should be thought about at board level, and those people who are able to do that are really good cyber security leaders, or security leaders in general, because they don’t just manage risk, but they inspire clarity. They inspire confidence, and they bring about collective responsibility in the organisation.”

How do you see the future of security evolving, especially with AI and “secure by design”?

“I see security is shifting towards proactive intelligence driven models. Especially with the AI, we are also seeing a lot of AI accelerated threats. We’re also seeing security shifting to a more secure by design approach, where that is brilliant because we’re now looking at security being embedded at the forefront of everything you do, everything you build, which is a great approach.”

“But what I’m also seeing at the centre of all of this is human resilience. I know there’s a lot of hype about AI replacing humans, but I think that without human resilience within the midst of this, AI is not going to work. So we need that human element to it as well.”

“What I’m also seeing is a shift in security is global collaboration. I think our allied nations are realising that we’re in it together and we need to collaborate even more. So in terms of the future of security, I feel that it is built on AI, but it’s where all that is embedded in the design, and all of this is needed to be powered by human resilience globally.”

In your keynote talks, what do you want audiences to think, feel and do afterwards?

“Normally, when I’m speaking in my public engagements, I want the audiences to feel empowered, and I always go with that intention for audiences to feel empowered.”

“I want the audiences to feel that they can challenge the norms and they can embrace inclusivity, whether it’s about inclusive security, inclusive leadership, and bringing in diversity in their organisations. I want them to think about how very small changes in behaviours can shape the culture in their organisations.”

“But one point I’d make is, when I speak I just don’t want the audience to listen. I want to inspire them to take away some action points that they will go and implement and create positive impact in the world. If after I’ve spoken the audience leave feeling that they can personally drive some change, then I feel like my job is done and transformation the world has already begun at that point.”

ShareTweet
Previous Post

Cyber Runway to Centre Stage: How Plexal Is Accelerating Innovation and Championing Women Leaders

Next Post

Check Point Software Earns Leader & Fast Mover Position in GigaOm Radar for Cloud Network Security

Recent News

pentesting

Pentesting is dead. Long live pentesting.

July 3, 2026
AI Appreciation Day: Celebrating Progress, Embracing Responsibility

The industries being reimagined by AI

July 2, 2026
geopolitical cyber report

Iran-linked MuddyWater espionage campaign targets organisations across four continents

July 1, 2026
Check Point Brings Cloud Firewall to AWS European Sovereign Cloud

Check Point Brings Cloud Firewall to AWS European Sovereign Cloud

July 1, 2026

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2024 IT Security Guru - Website Managed by Dessol

  • About Us
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2024 IT Security Guru - Website Managed by Dessol