Choose your topics

The GRC Trends to Look Out for in 2024

Our GRC experts at SureCloud share their 2024 predictions for the world of governance, risk and compliance.

The Top 5 Challenges of Third-Party Risk Management

With the supply chain now seen as a legitimate attack path, what can your organization do? Let’s explore 5 challenges of TPRM and how to overcome them.

Third-Party Risk Management GRC
What is Third-Party Risk Management?

What is third-party risk management and how should you approach it? Find out in this post.

Third-Party Risk Management GRC
The Top 4 Challenges of Risk Management

What are the top four challenges of risk management today and how can you overcome them? Find out in this post from SureCloud.

Third-Party Risk Management GRC
Transform Compliance into Your Competitive Advantage

In GRC, compliance is often viewed as a cost that makes it harder to pursue growth. Here's how to make it your competitive advantage.

Compliance Management GRC
Questions You Should Ask when Preparing For Your First Pen Test

Understand the processes that you and your chosen pentest provider will travel through for your first pen test, from the initial point to the day the test starts.

Penetration Testing
TPRM Blog 6-Writing Clear Questions

Our GRC Practice Director explores the importance of clear communication and how to achieve it in your third party questionnaires. Read more here.

Third-Party Risk Management GRC
The Simple Way to Combat Phishing

SureCloud Cybersecurity Practice Director Luke Potter shares his tip to stay ahead of attackers phishing for your downfall.

Penetration Testing
See Yourself in Cyber With Janhavi Deshpande

See Yourself in Cyber With Janhavi Deshpande - SureCloud

Cyber Security
Vector (7)
Cyber Risk Management, Adversary Services, Cyber Security

Meet SureCloud's Ben Jepson, VP of Cyber & Risk Advisory Services

Meet SureCloud's Ben Jepson, VP of Cyber & Risk Advisory Services
Written by

Ben Jepson

Published on

30 Oct 2020

Meet SureCloud's Ben Jepson, VP of Cyber & Risk Advisory Services


Get to know Ben Jepson, VP of Cyber & Risk Advisory at SureCloud, who gives us insight into his life inside and outside the office, as featured in the Intelligent CIO profile here. We will be discussing how Ben started his career in technology as well as what he believes the technology trends of 2021 will be.

What would you describe as your most memorable achievement?

I’ve only been at SureCloud for a year. Still, during that time, I’ve seen my most significant achievement as getting the Risk Advisory team off the ground and established as an integral aspect of the SureCloud proposition. As a business, we focus on developing a subscription-based “as-a-service” offering that our clients can consume on-demand, and the risk advisory team is a key aspect of this. Its been very rewarding seeing the team evolve and now play a critical part in driving the SureCloud business forward.


What first made you think of a career in technology?

I didn’t! I did a Politics degree at University, and when thinking about roles to go into never really thought about technology, I was focused on management consultancy or within central government. I then started out working on a graduate recruitment scheme for a company called Sema Group, now Atos, which gave me the experience of different business units with a tech company. This is where I first got exposure to cyber and risk. My main interest is business-related – growing and developing successful businesses – and cyber provides the subject matter to do this. So I guess my career in technology came because tech provided the most exciting field for fast-growing businesses rather than wanting to be in technology first.


What style of management philosophy do you employ with your current position?

 I aim to provide loyalty, integrity, and trust. It’s important to me that my colleagues see that I am willing to get stuck in and work and that my team follow me in doing this rather than being told to do things. Being a strong leader means showing and coaching rather than telling people what to do. I also think it’s hugely important to be available in a leadership role – people need to know they can talk to you for support, questions, and advice. My philosophy is also very behavioral focused. While in our industry, you need to excel technically, that in itself isn’t enough. I look for my team to demonstrate core behaviors, including bringing positive energy to the table, being cool under pressure, and being collaborative.


What do you think has emerged as the technology trend of 2021, and why?

 The first and obvious answer is collaboration systems that the entire planet has been using to replace our face to face meetings in the shadow of COVID. The quadrupling of Zoom’s share price tells that story on its own. Secondly, but no less important, has been the introduction of dozens of smaller cloud-based industry-specific tools replacing legacy on-premise systems since on-premise no longer benefits from being the incumbent—this includes everything from time tracking, payroll finance, expenses, scheduling, and many more. We’re seeing more so than ever, the lines we would usually draw around where sensitive data is kept quickly getting more blurred while companies rush to stay operational.


What do you currently identify as the major areas of investment in your industry?

Tied into my above answer, we’re seeing clients invest heavily in systems such as Teams and Zoom, and other collaboration tools. As part of the (enforced) trend towards home working and the expectation that this trend will become part of the norm moving forward, we’re also seeing clients investing more heavily in cybersecurity. Clients are being asked by their customers and potential customers to clearly outline their cyber resilience and compliance efforts in line with various standards, leading to an increase in investment. We’re also seeing clients start to invest more in on-demand or as-a-service offerings rather than recruiting their own internal security teams, either because of financial restrictions or the scarcity of resources. We’re seeing clients invest in managed service/subscription-based offerings such as our “Max does Cybersecurity” proposition.


How do you deal with stress and unwind outside of the office?

 I find exercise is the best way to deal with stress outside of the office. It’s really important to me to get to the gym or out on my bike most days, as this is a real opportunity to grab an hour or two without thinking about the stress of work. I firmly believe that exercise is as good for you mentally as it is physically.


If you could go back and change one career decision, what would it be?

I went to work for a small start-up business around 2002 without researching in enough detail the company’s proposition, values, and the people behind it. It was an absolute disaster, and I left after 9 months. It’s always important to make sure that you have a clear understanding of a company’s proposition and its values. If your values don’t match the organization you’re working for, it might be time to look elsewhere.


What are the region-specific challenges when implementing new technologies in Europe? 

 Mainly around two areas – Cost: when compared with cheaper outsourced providers in APAC, etc., and the second is Legislation such as privacy, GDPR and international transfers to the US, etc.


What changes to your job role have you seen in the last year and how do you see these developing in the next 12 months?

 As I moved to SureCloud just 12 months ago, my job role has changed quite dramatically. It’s great being back in an entrepreneurial, less political environment. My role has aligned back to focusing on growing the business through sales, proposition development, and strategy implementation rather than Excel spreadsheets. The last 6 months since the pandemic outbreak have obviously had a major impact, and my job role now is heavily involved in making sure that my leadership team and broader team are all still motivated and working well remotely.


What advice would you offer somebody aspiring to obtain a C-level position in your industry? 

Work hard – there really isn’t any substitute for this. You’ve also got to have a lot of grit/resilience and be determined to succeed in what you do. It’s also really important to understand your clients’ challenges and needs. I’m from a sales background, so I’m not a technical expert but have focused my entire career on building a close relationship with my clients and understanding what keeps them awake at night. Once you do this, you can start to articulate how you can help them address their challenges rather than just talk to them about tactical services.

About Ben Jepson

Ben is responsible for the vision, strategic relationships, and strategy execution of SureCloud’s cybersecurity and risk advisory division. Ben also oversees commercial relationships with a number of key clients. Previously Ben has held sales, commercial and executive roles in international cybersecurity, risk, and technology businesses.

About SureCloud

SureCloud provides cloud-based, Governance Risk and Compliance products, and Cybersecurity & Risk Advisory services, which reinvent the way you manage risk. SureCloud connects the dots with Integrated Risk Management solutions, enabling you to make better decisions and achieve your desired business outcomes. SureCloud utilizes a highly configurable technology platform, which is simple, intuitive, and flexible. Unlike other GRC Platform providers, SureCloud is adaptable enough to fit your current business processes without forcing you to make concessions during implementation, meaning you get immediate and sustained value from the outset.