ISC2 Insights talked to Google's Strategic Security Advisor Phil Venables following his keynote session at ISC2 Security Congress. We discuss the challenges, implications and benefits of delivering cybersecurity services at extreme scale. We also examine what this means for the IT supply chain.
In Conversation with Phil Venables
In his ISC2 Security Congress 2025 keynote, Phil Venables argues that cybersecurity must evolve from a bespoke, expert-driven craft into an industrialized discipline that can scale with modern digital complexity. He emphasizes standardization, automation and meaningful metrics as the foundation for improving security outcomes at scale.
Venables highlights AI and automation as key enablers, not through single breakthroughs but via many incremental improvements that collectively boost productivity and resilience. He stresses that security accountability must be embedded across engineering and operational teams, not siloed within security functions.
Finally, he notes emerging risks such as quantum computing, warning organizations to prepare early—particularly around cryptographic authentication and trust systems. Overall, he calls for a systemic, metrics-driven and culture-aware approach to building sustainable, large-scale cybersecurity.
