Sky's CISO and head of content protection, Philip Davies, alongside Nina Barakzai, Sky's group head of data protection, took to the stage this morning at Cloud and DevOps World 2016 to discuss Sky's data governance strategy.
Now with 30,000 staff and 21 million customers, Sky established the duo's departments to take a three-pronged approach to tackling risks by concentrating on company culture, suppliers and data security.
Describing themselves as a ‘strategic double act', Barakzai and Davies say they work together to ensure real-time security updates are fed throughout the company to both employees and the board of directors.
According to Davies, it becomes easier to define a risk strategy when everyone is aware of a threat or a breach, and when both Barakzai's team of data protection officers and Davies' team are on the same page, it becomes easier to communicate with different teams and mitigate the issues.
Davies highlighted they are also members of certain forums for the purposes of information sharing within their industry – of course, under a strict non-disclosure agreement.
As a telco, ISP and broadcaster, Sky makes great efforts to “make use of any (authorised) channels in order to communicate with employees,” of any potential threats and things which are affecting Sky's systems, Davies said.
And it is through these channels that Sky trains its employees in cyber-security awareness.
Davies said that when there is a time-sensitive issue, this method of communicating with employees through chat rooms, the staff intranet, emails and a security microsite means they are quickly able to get everyone on board – at a staffing cost of only one-and-a-half team members, he added.