From Threat to Defence: Keeping the deterrent cyber secure

Anna, one of our top cyber-security specialists, shares how cyber security is mission critical to AWE.

Turn on your TV, scan your newsfeed and you will no doubt be faced with details of the most recent cyber-attack targeting a well-established organisation. Look in your emails, look at your messages and you will probably have been targeted by a phishing email or scam message.

There is no escaping evidence of cyber-crime. Daily, organisations, institutions and individuals face threats from opportunistic to targeted phishing emails from ransomware campaigns to zero-day exploits. Threats are continuously developing and increasing in sophistication, with adversaries utilising Artificial Intelligence, supply chain infiltration and “Cyber Attack As A Service” where Cyber criminals have made a business out of selling their attack methods and services to our adversaries.

“

Cyber resilience and defence are, therefore, mission critical to AWE. Cyber Security is embedded into our people, processes and technology and it is vital that we understand the terrain and are preparing for what lies ahead.

Anna

AWE’s Cyber Security Operations Centre’s (CSOC) mission is Protecting AWE Assets & Our Nation’s Ultimate Deterrent by Detecting & Responding to Cyber Threats.

This starts with understanding our threats and the tactics and techniques used, by our adversaries. We are constantly proactively monitoring for adverse behaviours in our networks, proactively hunting the latest threat group and attack methods, creating new detections and improving our posture. We prepare and rehearse for the worst-case scenario ensuring the CSOC and supporting teams are ready to react should our fears of a compromise be realised.

“

Our adversaries do not stand still and nor do we.

Anna

People are vital to our success in prevailing over our adversaries. We, therefore, have a strong focus on creating a sustainable security conscious culture across AWE and with our partners. Occasions such as Cyber Awareness Month provide a great opportunity for the CSOC to involve our organisation with Cyber, setting challenges, providing advice and guidance and giving talks. We are committed to assisting our people to “Think Cyber” both at work and home.

In today’s digital landscape, cyber threats don’t wait – and neither do we. Staying ahead means being prepared, proactive, and resilient. At AWE Cyber is critical to our mission. It’s not just considered the responsibility of the CSOC; it’s a team sport embedded into our culture.

Q&A

How can people stay safe?

We can all play our part in defending against cyber attacks.

Did you know that over 68% of data breaches involve the human element, this includes, errors, social engineering and misuse. Specifically, credentials (passwords) were involved in 38% of breaches. (according to the 2024 Verizon Data Breach Investigations Report).

Passwords we can control. It takes 3 easy steps:

• · Make them long
• · Make them random
• · Make them unique

The National Cyber Security Centre (NCSC) suggest picking 3 random words to create a password that is ‘long enough and strong enough’. To make it easier you can consider a password manager – and check out the NCSC for more info.

Have you checked out the website Have I Been Pwned? You can use this to check whether your email address is in a data breach. If it has, you should change your password immediately. Have I Been Pwned allows you to set up notifications so you can be proactive with protecting your accounts.

How can I avoid scams?

Be wary of scams – email and online scams rise year on year resulting in loss of money, identity and control of our online accounts. The NCSC reported that as of August 2025 they have received 45 million reported scams. This time of year, with Black Friday and Christmas around the corner Cyber Criminals are getting ready to pounce. Why are scams so rife, simple, because people keep falling for them. Remember these simple tips so you don’t fall foul:

• · If it’s too good to be true it’s probably a scam
• · Don’t click links in emails (especially when they are not expected). Go to the website or your account directly.
• · If you are unsure if something is a scam search it up. Someone will have posted about it. · You can also seek guidance and report suspicious messages to NCSC and Action Fraud.

Remember, by reporting you are assisting in beating the cyber scammers and helping others stay secure.

What else can I do?

Cyber security isn’t just firewalls and passwords – it’s people. It’s us. Every suspicious email reported, every complex password, every time you stop and act with caution adds up.

So, let’s keep thinking cyber. Let’s stay sharp, stay informed and stay connected – together we can rise above the threats.

Think cyber and stay safe.