Stephen Faulkner

Chief Technologist - Security

Stephen is a cybersecurity expert with a unique background in both the military and IT. As Chief Technologist for Security at CDW UK, he helps organisations strengthen their security and adapt to ever-changing threats by focusing on practical solutions that combine people, processes, and technology.

About Stephen

As a cybersecurity evangelist and solutions expert, Stephen emphasises the critical importance of understanding the unique business dynamics within each organisation to craft effective strategies against the myriad cyber threats they face. Enhancing security posture and mitigating risks requires deep contextual insight into how an organisation operates today and how it may evolve in the future.

Beyond industry-specific intelligence and contextual awareness, Stephen advocates for a foundational understanding that people, processes, and technology are integral to building a robust security posture and achieving true cyber resilience.

Stephen began his career in the British Army as a junior leader in the Royal Signals. As a soldier and communications specialist, he spent much of his time operating military-grade communication systems and supporting specialist intelligence-gathering operations. In the early 1990s, Stephen was deployed as one of the renowned "Desert Rats" during Operation Desert Storm, a coalition mission to liberate Kuwait from hostile forces.

Upon leaving the military, Stephen made a natural transition into IT and communications. Over the next 17 years, his career evolved as he demonstrated expertise in engineering, troubleshooting, solutions architecture, technology, and leadership. He began as a data and networking commissioning engineer, focusing on implementing secure networking systems for the military. Subsequent roles in IT and networking enabled him to broaden his skill set, eventually becoming a trusted technical authority and advisor. This foundation paved the way for a deliberate shift into cybersecurity.

Stephen’s first role in cybersecurity was as a programme director for a prominent financial services client. In this capacity, he managed a comprehensive security transformation programme, which included implementing all security infrastructure, software, and services for the client’s high-availability production and corporate environments. He also oversaw the creation of a next-generation security operations centre, leveraging cutting-edge tools to enhance the organisation’s security posture. This role was a turning point, deepening Stephen’s understanding of the complexities of cybersecurity and positioning him for further success in the field.

Over the next 13 years, Stephen excelled in cybersecurity roles, including Principal Solutions Architect, where he helped clients design and implement complex solutions that combined leading-edge technologies and services to meet their objectives. His leadership capabilities were recognised, culminating in an EMEA leadership position in solutions architecture and a place on the UK executive board of his previous organisation.

Continuing to seek new challenges, Stephen joined CDW as our Chief Technologist for Security.

In his current role, Stephen serves as the voice and strategic thought leader for CDW UK’s Security Growth Pillar. He advises clients on emerging industry trends, helping them enhance their security posture and build cyber resilience in an ever-evolving threat landscape. As CDW UK’s Security Brand Ambassador, Stephen plays a vital role in shaping the company’s success and relevance in the market.

As a member of CDW's Office of the CTO, Stephen collaborates with leaders across the Integrated Technology business to develop and refine strategies aligned with market dynamics. His contributions include creating business cases and roadmaps that deliver significant value to customers, further solidifying CDW’s reputation as a trusted partner in the cybersecurity domain.

  • 7 Years In Military Communications and Intelligence

  • 17 Years In Information Technology and Leadership

  • 14 Years Cyber Security Industry experience

"Cybersecurity requires strategy, resilience, and awareness. It’s a business issue tied to continuity planning, with attack surface management needing visibility and proactive controls. Trends like SASE, MDR, CSPM, AI, and automation are reshaping defences, and continuous adaptation with expert partnerships is essential as threats evolve."

Stephen Faulkner

FAQ's

Is there any silver bullet to cybersecurity?

Unfortunately, there isn’t. It starts with having a strong strategy and taking steps to build robust cyber resilience and situational awareness. Cybersecurity is fundamentally a business problem and should be an inherent part of your business continuity planning and overall business strategy. Organisations need to take an intelligence- and data-led approach to mitigating the risks they face.

What is meant by the attack surface, and how do we manage it?

The attack surface encompasses everything that interconnects with or is connected to your organisation’s IT, digital, or increasingly, OT (Operational Technology) environments. This includes IT infrastructure, whether on-premise or in the cloud, endpoints, applications, data, and even users and their identities.

Managing the attack surface and mitigating risk is challenging. Depending on the scale and complexity of your attack surface, it’s essential to prioritise your most critical or vulnerable assets. At a basic level, it’s crucial to ensure full visibility of your attack surface and implement strategies to reduce it. Additionally, applying appropriate protective controls, managing vulnerabilities, having effective detection and threat response capabilities, and incorporating robust end-to-end processes are key to maintaining your security posture and handling incidents.

Partnering with experts, such as CDW, can help reduce your risk in this area.

What are the biggest trends in Cybersecurity for 2024?

The cybersecurity industry continues to grow rapidly, driven by increasing demand. In the UK, the demand for cybersecurity technology and services is rising at an average rate of around 14%.

Certain areas of demand are exceeding this average, becoming notable trends. For example, we are seeing high demand for Secure Access Service Edge (SASE), Managed Detection & Response (MDR), and Cloud Security—particularly Cloud Security Posture Management (CSPM). These are all areas where CDW has capabilities and strong partnerships.

Additionally, many organisations are consolidating to centrally managed platforms that offer broader protective controls and capabilities, reducing the need for multiple point solutions. This trend is coupled with a growing demand for efficiency, with autonomous and AI-enhanced solutions becoming increasingly important.

How is the threat landscape evolving?

The threat landscape is constantly evolving, with threat actors and attackers continually adapting their techniques, tactics, and procedures (TTPs) to circumvent cyber defences. Generative AI (Gen AI) is playing a dual role, enhancing defensive capabilities while also posing significant risks.

Well-funded criminal and state-sponsored threat actors are leveraging their own Large Language Models (LLMs) to create increasingly evasive malware at scale. These actors can also produce highly realistic phishing lures that are harder to detect, contributing to a rise in phishing attacks. Alarmingly, LLMs are now available for rent on the dark web for as little as $200 per month, lowering the entry barrier for new adversaries.

Deepfakes and voice cloning are also becoming more prevalent, deceiving victims into trusting what they see or hear. These tactics have already led to substantial financial losses for businesses and individuals alike.

As we gather more intelligence, patterns will emerge to shed further light on the impact of these developments.

What future trends should we watch for in both Cybersecurity and the Threat Landscape?

Automation and AI enhancements will undoubtedly continue to shape the future. Quantum computing is also poised to be a game-changer as it approaches stability and commercial viability.

However, in the paradoxical world of cybersecurity, technological advancements often benefit both defenders and attackers. For instance, quantum computing could eventually crack even the strongest encryption keys. While quantum computing already has the potential to break some levels of standard encryption, future advancements could pose significant risks—not just to businesses but to global security as well.

Contributions

  • OCTO Round-Up
Sept 13, 2024

CDW's Commitment to the Armed Forces: Signing the Armed Forces Covenant

This week marked a significant milestone as we attended the signing of the Armed Forces Covenant by CDW.

Past event
  • Microsoft
Nov 01, 2024

Secure and Simplify: The Art of Reducing Costs while Enhancing Security with CDW, Microsoft, and BlueVoyant

This webinar recording demonstrates how to strengthen your security posture with Microsoft solutions, reduce costs, and improve ROI.