The Sync NI team sat down with Chief Information Security Officer at ESO, Jonathan Cummings to find out about his journey, the company and the ever evolving threat of cyberattacks.
Jonathan has just recently started his journey as Chief Information Security Officer at ESO but has been in the cybersecurity industry for around 10 years. His role is to help the business protect their information and data and keep the business functioning despite any cyber threats they might face.
Jonathan tells us that he was attracted to a role at ESO mainly because of their mission to improve community health and safety through the power of data. The company provides an integrated suite of software products for emergency medical services (EMS), fire departments and hospitals.
ESO’s suite of software products enable EMS agencies to dispatch trained, equipped and informed professionals to help communities. The software seamlessly shares patient data with the receiving hospital to improve patient outcomes. ESO’s industry-leading fire software tracks incident data, property inspections, vehicle inventory and fire hydrants.
ESO then use the de-identified data they have collected from over 2,000 EMS agencies, fire departments and hospitals, for use in research and benchmarking projects to help improve community health and safety.
Jonathan says that the company's values are aligned with his own. He tells us: “ESO is actually making a difference in the world. The opportunity to be part of an organisation, on a mission that was actually doing something to contribute to society, was really appealing to me.”
The other thing that attracted Jonathan to ESO was the culture. He explains: “ESO has got a culture that most companies would be envious of. They look after their employees just the same way as they look after their customers and their customers look after the patients and so on.”
Jonathan also adds that every employee in ESO knows the mission of the company, believes in it and everything they do relates back to that mission about improving community health and safety through the power of data.
As Jonathan has been in the industry for around ten years he has had time to see how cyber attacks have evolved. He explains that although the goal is still the same in most cyber attacks, the tactics and techniques the attackers use have evolved, becoming more complex.
Jonathan also tells us that attacks have become more brazen. For example, at the moment, attackers are publicly advertising for employees to come and work with them to sell their credentials and sell their access.
Having previously worked for Financial companies, Jonathan is able to see the difference in attacks on fintech and healthtech companies. He tells us that difference isn’t really in the risks and threats but the impact the attacks have.
Jonathan explains: “The impact of an attack in a financial organisation is more of a nuisance, it's more of a disruption to someone’s life and routine, but whenever you then start to compare that to the implications of an attack in health tech, or an organisation like ours, that is totally different, where ESO is operating and working with emergency medical services the implications of cyber attacks are disastrous.”
He continues: “These attacks could generally mean the difference between somebody getting immediate life changing medical attention, or having to suffer the consequences of a delayed treatment.” He also adds: “Think of someone having a stroke - every second counts, we’re potentially talking about paramedics not being able to get access to the information they need to diagnose or treat that patient quickly enough. This is why we are seeing hospitals and organisations that work with the health tech sector taking great care to ensure that providers like ESO, have all the necessary cybersecurity protections in place, due of the severe implications of getting it wrong.”
Jonathan explains that cybersecurity is an ever evolving industry. Therefore, for those who want to get involved in the cybersecurity industry he believes the key thing is people being curious about the topic and wanting to know and learn more about it.
He tells us that it's not just the types of attacks that are changing, but it's how attackers do them, and why they do them too.. He adds: “It's not the sort of thing that you can do a one off training course per year and be happy that you know everything, you've got to want to come home in the evenings and read up about it or keep an eye on the news to see what's happening or research the latest technology.”
Jonathan also doesn’t believe that a third level education is necessary for everyone to work in cybersecurity. He tells us that there are a great number of cybersecurity apprenticeship schemes out there and ESO will be engaged in a number of those in the near future. He explains that “in previous roles, individuals from all sorts of careers transition into cybersecurity but the one thing they all had in common was before they applied for their first role, entered into an apprenticeship scheme, or took on a degree, was that they all took the time to learn and develop themselves beforehand. They had a curiosity about the topic and wanted to understand it.”
Jonathan's best advice to those who want to get involved in cybersecurity is “Only enter into it if it's something that you're genuinely interested in. This is not a nine to five type job, these attackers have this horrible habit of attacking us at the worst possible moments. If you still want to work in cybersecurity, then learn the basics either through an apprenticeship, third level education or by undertaking training such as CompTIA Security+ and build on it from there.”
Jonathan concludes: “You have to go into it with your eyes open and realise that you're going to have to constantly develop yourself. However, there are great rewards in cybersecurity, lots of opportunities to try new technology and try new things, possibly even travel depending on the company that you're in. It’s definitely worth doing but it’s an intense career path.”
This article first appeared in the Spring 2022 edition of the Sync NI magazine. You can download your FREE copy and sign up to receive future digital editions here.
