top of page

Meet our Trusted Partner - Protection Group International (PGI)

Our Trusted Partners are an integral part of the ECRC, being able to accredit cyber essentials. But here is a little more information about the people behind the partner.

Tell me who you are and what you do within PGI?

I’m Olly Jones, Senior Cyber Security Consultant at PGI – I’m not a technical person, as such, so my role is primarily around helping organisations understand the threats they are up against. I talk to our clients about what the threats are and how to mitigate them – quite often, I do this via training, so I’m an NCSC-Certified trainer. I also work with our international team, with a focus on cyber capacity building – essentially, we’re helping others build up their cyber resilience skills.

How did you get into cyber resilience?

I started as an analyst at the Serious Organised Crime Agency, now the National Crime Agency, and then moved on to GCHQ where I worked in a multi-agency team helping to establish and develop a new innovative cyber assessment centre in advance of the establishment of the NCSC.

What’s the best thing about working at PGI?

The sheer breadth of the work I get to do, particularly the companies I am lucky enough to work with – across all sectors and internationally.

What size companies do you work with?

From SMEs right up to multi-country organisations – I’ve worked with small businesses who have five staff and I’ve run training sessions in organisations where they have more than 5,000 staff, training both executive leadership and the wider workforce to understand what cyber threats are out there and the best ways to manage them.

What do you see small/medium companies struggling with in terms of cyber resilience?

It really is about understanding the risks, so they know how to manage them. For example, phishing is still a major entry point for criminals—whether that’s for a Business Email Compromise scam or to install ransomware—so making sure everyone in the organisation (even if there are only five of you) knows what to look for is vital. Also, the amount of information available about mitigating cyber threats is likely to be overwhelming and if you don’t know where to start, you’ll either end up spending a lot of money you don’t need to or you’ll avoid doing anything at all; of course, while the digital world is all 1s and 0s, the human element needs to be in in balance with the technological side if you want to successfully keep your business secure and resilient.

Why should companies get Cyber Essentials accreditation?

Well, you have to start somewhere and Cyber Essentials is a great scheme as a first step. The five areas that Cyber Essentials focus on, are more or less the basic points you need to cover for filtering out the low-hanging fruit that criminals will initially aim for. Much like putting on some kind of body protection and a helmet when you go mountain biking.

What three tips would you give a company with little knowledge of cyber resilience?

  • Get Cyber Essentials so you can tick off the basic defences

  • Make sure your teams have had cyber awareness training so they know what to look for

  • Know what data you hold – you may not think you have anything to offer a criminal, but you’d be very surprised.

Photo of a steaming mug of coffee

Tea or Coffee?

The day hasn’t started without a coffee.

If you were a super hero, what powers would you have and why?

Teleportation – I could skip traffic and travel all over the world without having to sit still for hours!

PGI logo


The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the East is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the East provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for the East does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the East is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page