Interview: Accenture’s Kamran Ikram on rethinking cyber security in the context of operational resilience
Cybersecurity encompasses more than just threat response, detection, and prevention of attacks; it also involves the ability to recover swiftly from disruptions
In a world where cyber criminals are armed with AI and workers face new threats from convincing deepfakes and disinformation, organisations’ systems and data are increasingly at risk. How do the COO and CISO join forces and where does responsibility now lie, as organisations combine their operations with cyber security? Computing spoke with Accenture’s Security lead, UKIA, Kamran Ikram how we should be reframing our approaches.
1. Could you tell me a little about your role at Accenture, and your background in cybersecurity?
“I lead Accenture’s Security business across the UK, Ireland and Africa, bringing 30 years of experience in technology-led strategy, transformation and operations across cloud, data, AI, infrastructure and applications. I’ve specialised in core system modernisation, post-merger integration, divestments and building operational and cyber resilience into large, complex organisations. My work is typically with the C-suite and boards, helping them maximise the value of technology as a fundamental part of how the business runs.”
2. What are some of the most significant recent developments in cyber threats and what do they mean for both security and business operations?
“One of the most important things to understand is how asymmetric this space is. Threat actors can move quickly, test new ideas, and adapt without worrying about trust, reliability or regulation – the things that rightly constrain businesses. And they only have to be lucky once.
“That imbalance has always existed, but what’s changed is the scale and sophistication. AI is clearly part of that, but one of the most persistent vulnerabilities remains human error. This includes things like people clicking things they shouldn’t, sharing credentials, or bypassing security controls. So, when I talk to clients, I always emphasise: this isn’t just a technology issue. And the impact of a breach is not confined to IT – it can disrupt operations, erode customer trust and hit the bottom line.”
3. The term “operational resilience” is increasingly common. What does this mean for how organisations approach security?
“Organisations are starting to think more broadly about resilience – about what it takes to keep operating through a crisis, whatever the cause.
“Cybersecurity encompasses more than just threat response, detection, and prevention of attacks; it also involves the ability to recover swiftly from disruptions. Modern cybersecurity now encompasses operational resilience and business continuity, forming a unified approach where organisations must ensure they can recover and maintain essential functions during attacks.
“Downtime, even for just minutes, could be catastrophic for customer service, operations, and depending on which sector businesses are in, with regulators. All of which has huge ramifications on a business’ revenues and reputation.”
4. How should organisations structure their cybersecurity and operations teams to respond to these threats?
“Security can’t sit in a silo. While specialist teams need to stay laser-focused on technical threats, the wider organisation must know how to respond when the worst happens. That means breaking down functional walls and running cross-team simulations - fire drills, essentially - so everyone from the CISO to the COO to frontline staff knows their role when a crisis hits.
“The goal is muscle memory. When something goes wrong, you don’t want people scrambling around trying to figure out what to do. Security and operations must work in lockstep and have rehearsed multiple scenarios.”
5. How should IT and business leaders think about cyber security in terms of business outcomes?
“Too often, cybersecurity gets framed as a compliance issue. But it’s fundamental to business continuity. Leaders should view cyber as a core capability of operational resilience. Take a consumer goods manufacturer: if the factory is offline, it doesn’t matter whether the cause was a flood or a ransomware attack – the outcome is the same. What matters is how quickly that business can get back online. That reframing helps shift the mindset from compliance and cost to value and resilience.”
6. AI is obviously a growing cyber security threat, but how can AI help in terms of defence in this context?
“It’s a double-edged sword. On one hand, we’re seeing threat actors use AI to automate attacks, generate messages and deepfakes, and scan for vulnerabilities faster than ever. On the other, AI, analytics and good data, are giving defenders powerful new tools to defend against such approaches. For example, AI can spot anomalies in huge volumes of activity and flag potential breaches earlier. One way to utilise this capability is for organisations to deploy digital twins – which are essentially decoys of real systems – to lure attackers and study their behaviour.
“While the technology is evolving, a lot of breaches still come down to basics: people not following password policies, leaving screens unlocked, or clicking suspicious links. You need both best-in-class technology, as well as good hygiene being demonstrated by staff, to keep an organisation safe.”
7. What other key issues should cyber security decision makers be aware of today?
“Attackers now have access to off-the-shelf ransomware kits and hacking-as-a-service tools, making sophisticated breaches more accessible than ever.
“Scenario planning is key. Businesses need to have their ‘lifeboats’ ready – meaning a minimum viable version of the business that can be protected, activated and running again as quickly as possible after an attack.
“Backups – the more traditional solution to this challenge – are often treated as a safety net, but they are a priority target for threat actors. In some cases, they are even easier to compromise than core systems.
“Building this lifeboat goes beyond backup. It’s about standing up separate, production ready environments – kept out of normal production and isolated from core infrastructure –
that can be activated fast. The challenge is rehydrating it with critical data to restore operations. It’s not easy, but it’s essential for maintaining continuity.”