LRQA on TLPT and AI: Building Real-World Cyber Resilience

Video

Testing for Truth: LRQA on TLPT, AI, and Cyber Resilience

In this interview, Ben Turner and Anthony Long from LRQA discuss how intelligence-led testing and AI-driven simulations are transforming cyber resilience. They explain how TLPT (Threat-Led Penetration Testing) exposes real vulnerabilities across people, process, and technology—helping organisations move from theoretical control to operational truth.

Nov 04, 2025

Ben Turner, SVP, Consulting & Advisory Services / UK&I and EMEA Business Director, Cyber, LRQA

Anthony Long, VP, Strategic Solutions Architect / Cyber Strategy & Digital Innovation, LRQA

Tags: Operational and Non Financial Risk

The views and opinions expressed in this content are those of the thought leader as an individual and are not attributed to CeFPro or any other organization

At the Operational Risk & Technology event, LRQA’s Ben Turner and Anthony Long explain how Threat-Led Penetration Testing (TLPT) is redefining the way firms test resilience. Unlike traditional assessments, TLPT is intelligence-led and conducted in live production environments, exposing weaknesses across people, processes, and technology. The approach helps organisations understand their true response capability and readiness for real-world incidents, not just technical vulnerabilities.

They also explore the growing intersection between AI and cyber resilience—how attackers are using artificial intelligence to increase sophistication, and how defenders must respond in kind. As regulatory frameworks evolve and converge globally, Turner and Long highlight the importance of collaboration, cross-border testing, and shared learning. For LRQA, TLPT represents a shift from compliance to proactive assurance, enabling firms to strengthen their defences through insight, not assumption.

Ben Turner Bio

Ben Turner leads LRQA’s global cyber consulting and advisory practice, bringing over 15 years of expertise in threat-led penetration testing, red teaming, and cyber risk management. He has worked across critical sectors and central banks to help organisations build resilience, align security with business priorities, and turn cyber risk into strategic opportunity.

Anthony Long Bio

Anthony Long is a leading expert in financial services cyber resilience and a former senior advisor at the Bank of England. He was instrumental in developing CBEST, now a global standard for threat-led testing. As VP and Strategic Solutions Architect at LRQA, he helps clients build measurable cyber and operational resilience. Anthony shapes global strategy, frameworks, and advisory services to meet regulatory demands. A CREST UK Council member, he advises regulators on testing and supervision. With 20+ years’ experience, he translates complex challenges into practical solutions trusted by governments, regulators, and industry leaders to safeguard reputation and enable growth.