Episode 16

Published on: 15th Mar 2023

Strengthening Cyber Security: The Impact of Compliance and Legislation

Josh Davies, Keith Christie-Smith, and I dive into the world of legislation and compliance and explore the stark contrast between the need for rigorous security and the burden placed on businesses to comply.

“One of the big problems we have in security is that you spend all this money pre-empting your defence in depth to try to protect you against things that you could perceive could happen to you.” Josh Davies

Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listen

In this episode, we covered the following topics:

  • What do the changing regulations and compliance requirements in the information security field mean for businesses?
  • The advantages of a security first approach
  • How being compliant in itself doesn’t necessarily mean your organisation is secure
  • The irony of having a cyber incident justifying the budget for adequate security measures
  • The opposition of legislation vs growth and innovation
  • The concept of ‘legislation fatigue’ – is there a danger of having to comply with too many standards?
  • The importance of understanding the intent behind the compliance requirement
  • What is the difference between too much or too little legislation on security measures?
  • The limitations of generic security frameworks vs frameworks targeted to specific industries such as PCI DSS
  • The challenges of creating universal standards

GUEST BIOS

Josh Davies

Josh Davies is a Product Manager at Fortra by Alert Logic. Formerly a Security Analyst and Solutions Architect, Josh gained hands-on experience in incident response and threat hunting activities before working with organisations to identify appropriate security solutions. Josh continues to be closely involved with security operations and threat research.

Keith Christie-Smith

Keith is a sales director with Claroty, covering the Government, Defence and Healthcare verticals. Keith has worked in the cyber security field for both vendors and resellers. He has been in cyber security for over a decade, having worked in IT managed services for almost a decade beforehand.


Other episodes you'll enjoy


Ransomware Sanctions: Exploring the Fallout

https://www.razorthorn.com/ransomware-sanctions/


Threat Intelligence: Why Awareness is Critical, and Collaboration is Essential

https://www.razorthorn.com/threat-intelligence-why-awareness-is-critical-and-collaboration-is-essential-razorwire-podcast/



Connect with your host James Rees


Hello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cyber security professionals who dedicate their careers to making a hacker’s life that much more difficult.


Our guests bring you experience and expertise from a range of disciplines and from different career stages. We give you various viewpoints for improving your cyber security – from seasoned professionals with years of experience, triumphs and lessons learned under their belt, to those in relatively early stages of their careers offering fresh eyes and new insights.

With new episodes every other Wednesday, Razorwire is a podcast for cyber security enthusiasts and professionals providing insights, news and fresh ideas on protecting your organisation from hackers.

For more information about us or if you have any questions you would like us to discuss email podcast@razorthorn.com.

If you need consultation, visit www.razorthorn.com. We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion.


Linkedin: Razorthorn Security

Youtube: Razorthorn Security

Twitter: @RazorThornLTD

Website: www.razorthorn.com




All rights reserved. © Razorthorn Security LTD 2025


About the Podcast

Razorwire Cyber Security
Real conversations helping cybersecurity professionals sharpen their insights, strategy & leadership skills.
🔒 Cybersecurity is evolving — and so should you. Razorwire brings the open conversations that give you the edge.

Welcome to the Razorwire podcast — your resource for practical advice, expert insights, and real-world conversations on cybersecurity, information security (InfoSec), risk management, governance, security leadership, human factors, and industry trends.

Our mission is to help you build a stronger cybersecurity career while supporting a dynamic, agile community of professionals committed to continuous improvement.

Each episode brings you actionable advice and real experiences from your host, James Rees — an information security specialist with over 25 years of experience — and from a range of respected guests across the cybersecurity industry. Together, we explore everything from technical strategies and compliance challenges to security culture, communication skills, and leadership development.

James Rees is the founder of Razorthorn Security, providing expert consultancy and testing services to a wide range of organisations, including many Fortune 500 companies. His practical, no-nonsense approach helps organisations manage cyber risks effectively while strengthening resilience.

The Razorwire podcast is designed for cybersecurity professionals who want to stay ahead, sharpen their skills, and confidently respond to the challenges of today's evolving threat landscape. We believe collaboration is key to stronger security — and Razorwire gives you the conversations that help you achieve it.

For more information about us, or if you have questions you'd like discussed on the show, email podcast@razorthorn.com or visit www.razorthorn.com.