Phishing for Trouble from IO (ISMS.online)

Scaling Securely: What High-Growth Firms Get Right

21 min · 18. juni 2026
episode Scaling Securely: What High-Growth Firms Get Right cover

Description

What happens when your business grows faster than its foundations can handle? In this episode of Phishing for Trouble, IO [https://www.isms.online/]’s Rebecca Harper and David Holloway explore why the companies that scale successfully aren’t necessarily the ones that achieve compliance fastest. They’re the ones that build security, privacy and governance into the way they operate from the very beginning. They’re joined by cyber leader Purvi Kay, whose experience spans government, aerospace and FTSE 100 boardrooms and Andy Ellis [https://origin.csoandy.com/bio/] cybersecurity advisor, former Chief Security Officer at Akamai and author of 1% Leadership. Hear why “security debt” can quietly build as startups race to grow, why compliance should be treated as a product featureand how resilience becomes a competitive advantage as organisations scale. From secure-by-design principles and embedded security teams to risk appetite, customer trust and leadership accountability, this episode explores what high-growth firms get right and why resilience is about far more than passing an audit. Find out more at ISMS.online [https://www.isms.online/]

Comments

0

Be the first to comment

Sign up now and become a member of the Phishing for Trouble from IO (ISMS.online) community!

Get Started

1 month for 9 kr.

Then 99 kr. / month · Cancel anytime.

  • Podcasts kun på Podimo
  • 20 lydbogstimer pr. måned
  • Gratis podcasts

All episodes

21 episodes

episode Privacy as Power artwork

Privacy as Power

What happens when privacy stops being a legal issue and starts shaping whether your business can grow?  In this episode of Phishing for Trouble, IO [https://www.isms.online/]’s Rebecca Harper and David Holloway explore why privacy is now a commercial issue, not just a compliance one. They’re joined by Joe Jones, Director of Research and Insights at the IAPP, and Jennifer Appleton, Managing Director at ISO Quality Services, to discuss how organisations are turning privacy into a source of trust, resilience and competitive advantage. Hear why businesses are losing deals, slowing procurement and stalling expansion plans because they can’t clearly explain howdata is being used and why frameworks like GDPR and ISO 27701 are becoming essential foundations for growth. From privacy by design and AI governance to customer trust and cross-border data challenges, this episode explores why the organisations embedding privacy into the way they operate are often the ones moving faster, scaling smarter and building trust that lasts. Find out more at ISMS.online [https://www.isms.online/]

9. juli 202631 min
episode What the Regulators Want artwork

What the Regulators Want

Today, regulators don’t just want compliance, they want accountability and resilience. In this episode of Phishing for Trouble, IO [https://www.isms.online/]’s Rebecca Harper and David Holloway explore how the shift of expectations isn’t just about speed, it’s about demonstrable, baked-in compliance. Regulators are no longer passive; they’re proactive, prescriptive, and punitive. They’re joined by Paul Vane [https://jerseyoic.org/team/paul-vane-0], the Information Commissioner for the Jersey Office of the Information Commissioner, a man who has worked in privacy and data protection for over two decades and uniquely equipped to clarify how the relationship between company and regulator should work, and why sometimes it doesn’t. Hear what you should be planning for, months or years before a breach, how the mindset for crisis readiness needs to be a continuous process rather than a periodic exercise, and how themember of staff best equipped to cope, should the worst happen, often isn’t from the senior leadership team.   The ultimate ambition is to shift the culture from “responded well” to “being able to see it coming”. It’s no longer enough to simply recover in a crisis, the expectations are now to think about future risks and show some evidence of how you mitigated those dangers ahead of time. Find out more at ISMS.online [https://www.isms.online/]

2. juli 202619 min
episode The Cost of Doing Nothing artwork

The Cost of Doing Nothing

What does a cyber incident really cost a business? In this episode of Phishing for Trouble, IO [https://www.isms.online/]’s Rebecca Harper and David Holloway explore the hidden commercial impact of weak security, poor compliance and delayed investment in resilience. They’re joined by Alan Hughes, Chief Operations Officer at Savenet Solutions, who has worked with organisations before, during and after major cyber incidents witnessing the long-term fallout that often never makes the headlines. Hear why the real damage doesn’t stop with the breach itself, from lost contracts and stalled growth to reputational harm thatcan take years to recover from. The episode explores why smaller businesses are increasingly being targeted, how supply chain requirements are reshapingcustomer expectations and why doing nothing can quickly become the most expensive decision a company makes. From ransomware attacks and failed security questionnaires to business continuity, tested backups and recovery planning, this episode looks at what separates the organisations that recover quickly from the ones left trying to rebuild. Find out more at ISMS.online [https://www.isms.online/]

25. juni 202622 min
episode Scaling Securely: What High-Growth Firms Get Right artwork

Scaling Securely: What High-Growth Firms Get Right

What happens when your business grows faster than its foundations can handle? In this episode of Phishing for Trouble, IO [https://www.isms.online/]’s Rebecca Harper and David Holloway explore why the companies that scale successfully aren’t necessarily the ones that achieve compliance fastest. They’re the ones that build security, privacy and governance into the way they operate from the very beginning. They’re joined by cyber leader Purvi Kay, whose experience spans government, aerospace and FTSE 100 boardrooms and Andy Ellis [https://origin.csoandy.com/bio/] cybersecurity advisor, former Chief Security Officer at Akamai and author of 1% Leadership. Hear why “security debt” can quietly build as startups race to grow, why compliance should be treated as a product featureand how resilience becomes a competitive advantage as organisations scale. From secure-by-design principles and embedded security teams to risk appetite, customer trust and leadership accountability, this episode explores what high-growth firms get right and why resilience is about far more than passing an audit. Find out more at ISMS.online [https://www.isms.online/]

18. juni 202621 min
episode You’re compliant, are you resilient? artwork

You’re compliant, are you resilient?

What happens when a cyber attack doesn’t just disrupt your business, but stops it completely? In this episode of Phishing for Trouble, IO’s Rebecca Harper and David Holloway explore why resilience has become a defining business challenge fororganisations of every size. Using the Jaguar Land Rover cyber attack as a case study, alongside insights from cybersecurity expert Pierre Noel and Professor Ciaran Martin, founding CEO of the UK National Cyber Security Centre, they unpack the growing gap between compliance and genuine operational resilience. Hear why businesses are moving from prevention to preparedness, why supply chain resilience matters now more than ever, and why the organisations best placed to survive disruption are the ones building resilience into every part of their operations. Find out more at ISMS.online [https://www.isms.online/]

11. juni 202638 min