Speaking behind the scenes at Risk Evolve, Mo Philip, Head of Information Security at Legal & General Retail, outlines the building blocks of a modern incident response framework. Rather than aiming for total prevention, firms must assume that incidents will occur and prepare accordingly—through a blend of people, processes, and technology. This cross-functional approach involves engaging legal, HR, IT, and business teams from the outset.

Mo emphasizes the growing importance of regulatory collaboration, particularly within UK financial services, where information sharing has become a collective defense mechanism. By staying aligned with best practices and engaging with regulators like the FCA, organizations can remain ahead of compliance expectations rather than reacting to them.

Securing board-level buy-in is another core challenge. Mo advises linking cybersecurity with operational resilience—something leadership already understands. He also stresses the value of conducting tabletop cyber exercises with executives to bring theoretical threats to life and build urgency around investment.

On automation, Mo warns that many firms still rely on manual cyber controls that are difficult to scale or test accurately. He advocates for smarter automation to close the gap between intent and effectiveness.

Finally, Mo argues for stronger industry-wide collaboration and the integration of cyber risk within the broader operational risk ecosystem. He calls for business-led cybersecurity teams that report outside of IT to maintain independence and visibility across enterprise risks.