By Lucy Harvey, PR and Comms specialist, DTX

In 1962 President John F. Kennedy visited NASA and, during his tour he saw a janitor carrying a broom; when the President asked what he did for NASA he was met with a surprising answer, “I’m helping put a man on the moon.”

This simple exchange contains a powerful lesson: the janitor understood the purpose of his work and how it fitted the organisation’s mission.

By keeping labs, corridors and toilets clean he was freeing scientists, engineers and astronauts to concentrate on their mission of getting to the Moon. There was no need for them to worry about maintenance, bins, bathrooms or hallways because he took care of that.

He fully understood the importance of his role in helping NASA put a man on the moon.

Maybe it’s time we applied the same thinking to cyber security.

Cyber security is now a critical component of every business, but too often employees experience it as a barrier rather than an enabler.

Processes dominate, while “no” is the word employees most often hear from security teams.

While well-intentioned, this approach can slow productivity, frustrate staff and disconnect security from the wider business mission.

Process shouldn’t prohibit productivity, it must support it.

At this year’s DTX London, Robert Maughan, deputy CISO at UCL, will take part in a Main Stage panel promoting that the real value of cyber security lies in allowing employees to do their jobs safely, while still achieving their goals.

But to achieve this, security teams need to foster collaboration and open dialogue, where rather than simply saying no, they work with their teams to understand what they are trying to achieve, why they are trying to achieve it and, most importantly, how it can be achieved, securely.

Openness in cyber security is critical today and not only does it foster a more collaborative relationship with staff, but it also allows security teams to understand why an employee is trying to do something and why it’s important to the overall business.

Simply applying processes and mandating that everyone agrees to them, is a checkbox exercise, which does little for productivity, employee morale or security.

Organisations aren’t built on processes, they are built on cultures, and if employees need to do something, even though it might not be the safest option, they will do it, especially if it means meeting their own objectives.

The worst thing a security team can do is generate a sense of distrust and fear, where employees don’t feel supported and are scared to report things when they do make mistakes.

Cyber security can often seem all-encompassing, with the stakes mounting every day, but it must be embedded into culture to ensure employees feel supported in their roles and not penalised by it.

No organisation can survive today without security, but equally no organisation can survive today without productivity. A balance must be achieved.

Whether it’s landing on the moon, selling products to the masses or delivering education across diverse environments that span the globe, security teams must understand their important role in helping the business meet its mission and enabling employees to thrive.

Join Robert on the Main Stage for his panel session around ‘Building change around people, not just process’.

The session takes place on Wednesday 1^st October 2025 at 1:05PM - 1:50PM.