Cybercrime, Risk Appetite and the Quest for Digital Trust

At a Studio panel discussion at BAFTA 195 Piccadilly, leading technology executives shared insights on the importance of digital trust, from tackling AI risks to overcoming operational technology challenges.

Cybercriminal groups continue to exploit vulnerabilities in a data-rich, hyperconnected world. As cybersecurity threats increase, from a myriad of sophisticated actors, organisations must continually enhance their security measures to protect their employees, customers and brand image—and avoid regulatory action.

In this panel discussion at The Studio, in partnership with Tata Communications, leading technology executives discuss how to get to digital trust – and ultimately business resilience—through robust cybersecurity, business continuity and compliance with an evolving regulatory landscape.

Meet the speakers

With HotTopics Editor Peter Stojanovic moderating the roundtable discussion, the panellists included:

• Srini Kollur, Vice President, Global Solution Engineering, Tata Communications
• Tracey Jessup, Chief Transformation Officer, De Montfort University
• Richard Frost, CISO, Esure
• Thomas Zuliani, Global CISO, Arla Foods

Digital trust: overview

• From awareness to simplification
• Future-focused digital trust strategies
• AI policies and smart campus integration
• Cybersecurity and operational technology challenges

From awareness to simplification

“Early 2023 and 2024 were about awareness-raising.” Tracey Jessup explained, This approach focused on using relatable examples to emphasise the risks and consequences of cybersecurity failures to the Board—helping stakeholders understand the urgency. 

“Many universities in Britain, probably throughout the world, don't have cyber essentials.

And I realised that about two weeks in when I was in a sector meeting and I nearly fell off my chair because I come from somewhere that was spending multi-millions of pounds on cyber security.”

Cultural transformation was another focus when it came to cybersecurity awareness within organisations. “Nowadays, safety is all across the company. Every employee is wearing helmets and protection. I think we need to do the same with cybersecurity.” However, Thomas noted that the challenges remain: “You can invest a lot of money in tooling, but you are having gaps in governance processes. For me, what is more important is the culture of the organisation.”

The discussion jumped from awareness to simplification. “You reach a point where you don’t even know why something is there.” Srini Kollur argued that now, leaders are adopting new strategies such as “Zero Trust network access,” improved observability, and integrated IT and OT operating models. This shift has transformed the role of providers from simply delivering products to becoming trusted partners.

Future-focused digital trust strategies

Based on lessons learned this year and throughout their careers, the leaders of the panel are focusing on ambitious plans for 2025. One such initiative involves advancing digital trust by upping the level of AI-driven customer interactions. 

Organisations with large call centres, such as Esure, aim to reduce reliance on telephony through AI chatbots— “I think guardrails within AI is a key initiative for next year,” said Richard Frost. These bots, currently operating under human validation to ensure quality, are expected to evolve into direct customer-facing tools.

"At the moment, there’s always a human in the loop validating what the AI suggests to the contact centre agent," Richard noted. "In the future, we're going to be having these conversations directly with the customer. But we need the guardrails in place to be able to detect if a chatbot is hallucinating-whether it's factually incorrect."

While exploring technologies like WhyLabs for proof of concept, it remains clear that existing tools are not yet fully matured. The development and deployment of these guardrails are an obvious priority for Richard for the coming year. Implementing this will require careful testing to ensure that AI interactions end up being accurate and reliable.

AI policies and smart campus integration

As ever, AI remains a hot topic across industries, and higher education is no exception. At De Montfort University, AI is central to their vision for the future. "We’ve just launched our first global policy around the use of AI for research, teaching, and as a corporate policy," Tracey Jessup shared. "We’re the first UK university to appoint a Pro Vice Chancellor for AI, which shows De Montfort's ambition from a teaching and learning and research perspective."

The university is integrating AI into courses to prepare graduates for future demands—they are already leveraging AI in their Fashion program, with plans to extend this to other disciplines. Tracey expects that this AI policy will likely evolve “I expect us to keep on having to refresh that in the next year. I think it's moving really, really fast.” 

At the same time, De Montfort is advancing what they call their “10-year master plan” incorporating smart campus technology. While ambitious, the initiative needs to weigh the practical considerations—ensuring IoT-driven systems do not compromise security or efficiency. “It's a Leicester master plan because it's a built environment master plan. I think once we have signed off at board level what our level of ambition and risk tolerance is for some of that then we can think about how we could apply it to our other campuses," Jessup explained.

Cybersecurity and operational technology challenges

Cybersecurity and digital trust go hand-in-hand, with organisations making significant strides in building more robust security programs. Thomas Zuliani commented on a dramatic team expansion from two members to 177 in just 12 months, further highlighting the sector’s rapid growth. 

Operational technology security, however, presents unique challenges. As IT and OT merge together, new tools and policies are required to ensure a hassle-free way of monitoring and managing this. Srini Kollur believes that managing OT and IT should be in focus, "sometimes network policy will conflict with security policy and it could cause confusion."

Kollur’s main area of interest, however, is quantum cryptography, particularly in network encryption. “How do we secure it? How do we manage distributed privilege access management?” The increased demand for quantum cryptography underscores the need for more secure and scalable solutions to meet growing customer demands. 

Watch the full Studio roundtable discussion to explore further insights on building digital trust, enhancing cybersecurity and navigating the evolving challenges of a hyperconnected world.

This roundtable was made in partnership with Tata Communications.