WiCyS UK&I Affiliate - A Conversation with Laure Lydon

WiCyS UK&I Wisdom: A Conversation with Laure Lydon

The cyber security industry has long faced challenges with gender imbalance and talent shortages. Individuals dedicated to creating positive change and addressing these gaps play a vital role in the field’s evolution. Enter: Laure Lydon.

Laure's long and highly successful career has been marked by a commitment to holistic security and a strong focus on giving back, supporting diversity, and shaping the future of cyber security.

In this conversation, WiCyS UK+I’s Marketing Lead, Laura Reilly, talks to Laure about her professional journey, her thoughts on the industry’s evolution, and the essential roles that mentorship and collaboration play in cultivating future leaders and driving meaningful change.

Who are you and what do you do?

I’m Laure Lydon, VP of Security at Flo Health, where I’m responsible for all security aspects of Flo’s security programme, strategy and roadmap. My role spans all security disciplines: product security, cloud security, security operations, architecture, risk management, and compliance.

I’m also one of the chief advisors at WiCyS UK+I and serve on the advisory boards for Club CISO and InfoSec Europe. I firmly believe it’s essential to contribute actively to our industry and not to just be a passenger on this journey – we need to give back and shape the future of cyber security.

What’s something people might not know about you?

What would you like to know? I’m a keen sea canoeist, any opportunity to get out on the sea and I’m there! I did speech and drama in school, I left home at 16 and lived and worked in various places, including at the Science Museum in London for three years (instead of going to university). That time really shaped me.

If you could host a dinner party with any three people (real or fictional, dead or alive), who would they be and why?

Steve Jobs, Ursula von der Leyen, and Lucy Burns.

Steve Jobs was an incredibly inspirational leader with a visionary approach to technology and design. I’d love to learn from his unique perspective on innovation and leadership. Ursula von der Leyen is another remarkable figure, having led an amazing career while also raising seven children. Her balance of ambition, leadership, and family life is truly inspiring. Lastly, I’d invite Lucy Burns. While I’m not a fanatic feminist, I strongly believe in equality and agency for women, and the women’s suffrage movement fascinates me. Lucy’s courage and commitment to achieving social change would make her a fascinating guest, especially for discussions about resilience and progress.

Talk me through your career to date.

My career started in an unconventional way. I did various jobs in my late teens to keep a roof over my head, at a time when I probably should have been in university. I was also dealing with health issues, specifically myalgic encephalomyelitis (ME), but thankfully, I recovered and embraced making up for lost time!

My first “proper” job was with a telecommunications carrier in customer service and reception. I was promoted within a few months to office management. Without a degree, I was fortunate enough to be accepted into a management development program that took me to Sweden for six months, where I learned product management and development. When I returned to the UK, I moved into pre-sales for document services and then worked as a bid manager at Océ. That’s when information security and business continuity were becoming big priorities in the industry. A lot of my work at the time involved researching information security, which eventually led me to implement what I’d written about.

From there, I became an innovation project manager, building and implementing security controls, including logical and physical security elements. This experience formed the foundation of my security career, and I applied those skills in several roles before moving on to business assurance and technology governance at Canon. I’d just had my third child, and it seemed like the right time to try something different.

I joined URM as a senior consultant, where I had incredible exposure to various environments and challenging projects, like turning around struggling security programs. But after a while, I began to feel like a “surrogate mother” for projects I had to hand over to others to grow.

I was eventually headhunted into Ladbrokes Coral, and after the company was acquired, I joined WPP IT to head up technology compliance. There, I worked closely with CTOs across a large network of agencies, helping them understand and meet their compliance responsibilities.

A few months later, I got a call from the CIO at Babylon and after seven interviews, I took on the role of Head of Security GRC. Within a few a few months, I was acting as interim CISO during a challenging period including COVID, Babylon’s data breach and its IPO before the US market downturn, eventually moving on to Flo Health.

How have you seen the industry evolve since you started? What trends do you think will shape its future?

When I joined URM, the industry was very compliance-led, even outside of heavily regulated sectors. Companies were just beginning to mature, and many were implementing controls simply for compliance’s sake. There was a lot of fear, uncertainty, and doubt (FUD). Now, 12 years later, the landscape has changed. People accept that cyber risks are real, and all businesses face them. The emphasis isn’t on compliance frameworks just for the sake of compliance anymore; it’s about understanding your organisation’s context and building controls that truly enhance security.

Another significant shift is that it’s no longer ‘all about technology’. 15 years ago, everything seemed to centre on tech, but now we recognise the importance of people aspects and processes.

What has been the most rewarding moment of your career so far and why?

When we received a letter from the ICO informing us that no action would be taken after the breach at Babylon. The breach happened just a few weeks into my interim CISO tenure. The letter essentially validated our response approach, our controls, and our processes. External auditors further confirmed that we had done the right thing from start to finish. That validation meant a lot.

What skills do you believe are essential for success in cyber security today?

People skills and communication are just as essential as technical skills. Cyber is such a broad field, it’s impossible to know everything, so being able to research, ask questions, and draw on the expertise of others is crucial. No one can be an expert in everything, so collaboration and continuous learning are key.

What’s the best piece of advice you’ve ever received?

One piece that particularly resonates is the importance of staying focused. We all have a lot on our plates, and it’s easy to get distracted. Being laser-focused on just a few things - the most urgent things - at any given time is essential. That focus helps you make real progress.

Do you have any role models who influenced your career?

I’ve had some fantastic mentors throughout my career. Rob Sims, now CEO of SumVivas, was instrumental in my development early on. He was a line manager and role model during my management program, as was Steve Jackson, who was Director of HR at the time. Both were pivotal in propelling me forward in my career.

At Océ, I learned so much from Chris Martin and Steve Burney about the importance of storytelling - even though my role wasn’t in sales, the ability to tell a compelling story is a valuable skill in cyber security.

Finally, Jayne Pointon and Lisa Dargan are two women I greatly admire. Jane managed to balance a demanding career with family life and was a real example to me of what’s possible. And my former boss, Oran Hollander, brought fresh perspectives with his background in both the Big Four and military. His approach to offence and defence was invaluable; he’s been an incredible coach and mentor.

Are there any younger individuals who particularly inspire you?

My children! From my eldest to youngest - they all stagger me with their natural ability to combine tech and creativity to solve for problems. My middle child keeps me on my toes and often tells me she thinks she could do my job better than me! I love that confidence in a teenager. The way they adapt to new technology and their organisational skills are inspiring. They’ve had fantastic educational opportunities, and it’s exciting to see how the world is changing for them.

Looking back, what would you tell your younger self at the beginning of your career?

That a career in cyber isn’t just about learning technical skills. Getting out there and becoming comfortable with being uncomfortable is so important, because it’s a sign of growth. Just embrace the learning that comes with each new opportunity and challenge.

Do you have a favourite quote or motto that you live by?

I have two. There’s a quote from a famous politician (who I don’t particularly align myself with otherwise!) that says, “happiness is a ticked list.” It embodies a drive to get things done and see meaningful results. The other is the notion that ‘you can reinvent yourself at any time’. Giving yourself the freedom to adapt and take new directions is energy giving security is a very broad church, but we can easily become so attached to specialisms or to what we’re doing, potentially exclude ourselves from other incredible opportunities. Taking a step back to refocus and rebrand yourself is super powerful.

Interested in joining the WiCyS UK+I community?

Join us for free, today!

Join Us

Page updated

Report abuse