Meet Viatel Technology Group’s CISO Ed Heneghan

One thing about Viatel is that our investment in our people is on par with our investment in technology. A case in point being the recent appointment of cybersecurity expert Ed Heneghan as Group Chief Information Security Officer (CISO).  

The Early Days  

Now the overseer of the group’s information, cyber and technology security strategy, the Limerick native began his career honing his craft in the public sector. “When my wife and I moved to Dublin in 2007, the financial crisis was just about to go full swing, so I was lucky to fall into a civil service job at the time. While I cut my teeth in the cybersecurity department of the Department of Social Protection, I felt it was time for me to move on from the public sector and into the private sector.” 

An Opportunity in Cybersecurity  

After making the move closer to home and taking a job on an IT helpdesk, Ed saw that there was a gap in the market for SMB’s who faced the same threats that larger companies faced, but without the budget to protect themselves. With that, Henecon, a cybersecurity consultancy company, was born.  

I set up Henocon and continued building up my knowledge. Cybersecurity had become a bit more prominent in the Midwest soon after, so I took up a role as a security analyst in AXA Partners in Shannon. After a couple of years First Data (now known as Fiserv) came to Nenagh, and I was lucky enough to have my choice of roles there on my doorstep. I had become a dab hand at Splunk, so I became a Cyber Analytics engineer there. After a few years there I had built up a good chunk of knowledge around all the pillars of cybersecurity, so I felt it was time to give Henocon a chance. I then started consulting for Viatel and so began something beautiful! 

Ed Heneghan, newly appointed CISO at Viatel Technology Group. Photograph by Eamon Ward
Ed Heneghan, newly appointed CISO at Viatel Technology Group. Photograph by Eamon Ward.

A Trusted Partnership  

As Viatel and its need for cyber strategy grew Ed became a trusted advisor to the team, and was key in helping to establish the future-proof robust infrastructure Viatel has today. It was clear that alongside his knowledge and expertise, Ed’s approach toward cybersecurity was a true fit with the culture of cyber resilience awareness that was being established within Viatel’s team.  

“I got to know a lot about Viatel and even though I was an external consultant, I was always made to feel very much at home within the company. When the role of CISO was advertised, it was a no-brainer for me to apply and become part of a company I both admire and know so well. It is a match made in heaven for me!”, Ed shared.  

And the feeling has been mutual, with some great work already being done internally to further enhance our cyber resilience. With the protection of both customer and internal data always paramount to all operational decisions made at Viatel, Ed is hyper aware of the impact technology has on our business.  

The role is very multifaceted, and you need to consider a lot of things at the same time. For example, if I deploy a new tool, I need to be aware of what impact, if any, it will have on productivity. If I become aware of a particular vulnerability that affects our systems, then I need to address it in a timely manner and with respect for all the functions of the business. A lot of people think of it as a very technical role but there are a lot more problem-solving and leadership qualities involved.

 

Cyber Resilience Culture 

Over the past number of years, the leadership team at Viatel have put a major focus on establishing a cyber- aware culture. While training is critical, there are many other contributing factors to its success.   

My focus will be promoting a security-first culture. By building it into our training programs and tool deployments, we will become much better at detecting and reporting security incidents. We will be able to ensure that we are compliant with all of our security frameworks and will ensure that productivity and collaboration are not impeded by retrofitting security measures into established work practices,” Ed shared.  

Having worked with many organisations over the years and experienced a plethora of challenges through his own work, Ed has seen it all. While implementing policies and procedures are critical, there is a fine art to doing so with minimal disruption to operations and productivity.  

“When I first started out in cybersecurity, I thought that locking things down and blocking as much as possible was the solution to all the problems I saw. It worked for a while, but I very quickly learned that impeding productivity and impacting the overall user experience was counterproductive and led people in userland to detest IT and the perceived “block hammer” and usually ended up in more incidents rather than less, as people were less likely to abide by policies and procedures.” 

While the technology takes significant consideration, most business leaders will attribute a lack of cyber- awareness within their workforce as one of their greatest challenges when it comes to securing their organisation. With 95% of cybersecurity breaches being attributed to human error, Ed’s sending home the message that it is truly a group effort.  

Cybersecurity- A Team Sport  

While the technology takes significant consideration, most business leaders will attribute a lack of cyber- awareness within their workforce as one of their greatest challenges when it comes to securing their organisation. With 95% of cybersecurity breaches being attributed to human error, Ed’s sending home the message that it is truly a group effort.

By treating cybersecurity as a team sport and engaging users through education and knowledge sharing, the average end user understands more why certain measures are in place and how to practice healthy cyber hygiene overall, which leads to better outcomes when aiming for particular cybersecurity goals.

When asked what advice he would give to other organisations looking to enhance their cyber resilience strategy, his message is clear: security-first decision making.  

Integrate cybersecurity into every facet of your IT strategy. If you don’t have enough resources, reach out to your IT partners. If you put cybersecurity at the heart of every internal project or digital transformation, then you will have far better outcomes from the perspective of incident management, user awareness and protecting critical data.  A company that is cyber resilient can build trust with customers and can therefore turn their investment in cybersecurity into a valuable business asset.

 

Looking for a cybersecurity partner you can trust? Get in touch with our cybersecurity team today by emailing hello@viatel.com.