'Far to many businesses in the cybersecurity industry are using AI to cut costs.' – Danny Jenkins, CEO of ThreatLocker
Danny Jenkins grew up in the town of Telford in Shropshire, England. His love for computers began at an early age, as he spent time taking them apart and putting them back together.
By the age of 15, the highly intelligent youngster left school to pursue a career in the computer field. After applying to every company in Telford, Jenkins finally landed a position in IT. His journey from modest beginnings to leading one of the top cybersecurity companies is both inspiring and impressive.
Jenkins began his cybersecurity career in 1997, and during the years that have elapsed he has firmly established himself as both a hugely respected and influential cybersecurity professional amongst his industry peers.
During his distinguished career, Jenkins has worked for Kingspan, MXSweep and Sirrustec.
Jenkins is now the CEO of cybersecurity company ThreatLocker, which he co-founded in 2017, along with his wife and COO Sami Jenkins and CQA John Carolan.
The company has gone from strength-to-strength since its inception, and its mission statement is to transform the cybersecurity industry by moving from a default allow model to a default deny model.
In a compelling interview with CNME, Jenkins was candid in relation to the challenges facing the global cybersecurity ecosystem.
We began the conversation by putting a lens on the topic of ransomware.
In June of this year, hackers stole 450 million data points from American Hospital Dubai.
It was one of the largest data breaches of a healthcare facility in the UAE, and despite global reports indicating that ransomware attacks were on the decline, it was a stark reminder of the devastating impact and ramifications a cyberattack can have.
Jenkins stressed that whilst the volume of ransomware attacks may be reduced, the sophistication of the attacks have grown ten-fold.
'The number of ransomware attacks have gone down slightly, but that's been subsidised by the sheer size of the attacks involved. If we go back to 2017, when ThreatLocker was founded, we saw a lot of attacks where companies were being shaken down for anywhere between $1,000 dollars to $20,000 dollars. However, the problem now is the fact that these ransomware attacks are so sophisticated and coordinated that they're able to demand so much more money,' said Jenkins.
As a former ethical hacker, Jenkins said that it has become evident how ransomware attacks have changed over the years and explained how dark web gangs are now using a tactic called 'double extortion'.
'Ransomware attacks have evolved from solely focusing on encrypting data to also including data exfiltration as a primary tactic. This shift increases the pressure on victims to pay ransoms. The traditional ransomware model involved the process of encrypting files, making them inaccessible, and demanding a ransom for the decryption key. Now these attackers are more sophisticated and not only do they encrypt data, but they also exfiltrate sensitive information before encrypting it. This means that many smaller businesses are less likely to pay and will say to the hackers to go and dump their data on the internet, but the larger businesses are more likely to pay,' said Jenkins.
Jenkins also highlighted how many hackers actually lie about how much data they have stolen.
'In the case of the ransomware attacks on the American Hospital Dubai, they said they stole 450 million data points, and four terabytes of data. However, it's highly likely that this isn't true. What often happens is the hackers will take 10% of the data, but will tell businesses that they've got it all, and they'll just start drip feeding you data. But if you extract 450 million medical records and four terabytes of data then more than likely you're going to get caught. Now if you extract 400 gigabytes of data then that's not going to trigger any alarms,' said Jenkins.
Many IT analysts and commentators have been critical of businesses who have paid to get their data back, saying that it creates a marketplace for hackers.
However, as Jenkins points out, it's not as black and white as that.
'Look let's be frank, ransomware is a multi-billion-dollar industry, this isn't one person sitting in his basement writing code, it's big business. It's highly sophisticated, it's expertly coordinated, you have hackers creating footholds on systems, getting on servers and pushing ransomware out at a global level. It is easy to say don't pay, but when you've got an airport shutdown, a hospital, or an oil pipeline then you've got to get your business back up and running. The first ransomware case I worked on was a small insurance broker that paid $22,000, and they didn't get their data back, but they paid it because they had no choice, they needed their business to be operating, so paying doesn't always guarantee that you'll get your data back,' said Jenkins.
The conversation then pivoted towards the subject of market maturity.
Jenkins believes that when it comes to cybersecurity across the GCC, the region has room for growth.
'Cybersecurity maturity varies globally, and while regions like the US have had a longer runway to adopt certain disruptive technologies, the Middle East is making significant strides. In many cases, the region has followed global frameworks and best practices – which is understandable and often effective – and the next phase of growth will likely come from adapting and innovating based on local threat landscapes.
There's incredible momentum here, especially in the UAE, where leadership is clearly prioritising digital trust and resilience. As the ecosystem continues to evolve, we'll likely see more tailored strategies that reflect regional priorities rather than global templates. The direction is very promising.'
Jenkins explained the approach their company ThreatLocker takes towards security, which he outlined is very, very different to that of his market rivals.
'We are really taking a different approach in terms of the way we think about security. Currently, the approach consists of businesses building an AI agent that is going to look and scan for everything on your devices and shut down anything suspicious. But here's the problem. If you have a piece of backup software that took your files, and copied them to the internet for backup, then that's the exact same functionality as a piece of ransomware that takes your files and copies them to the internet. So, as a direct result of that the EDR are struggling to understand the intent of the application. The attitude that we adopt is one that we don't care if something is good or bad, we are just going to shut it down and block it and not let it work. However, if you need it within your organisation then you add it to a list, and then the organisation can decide if it is something that they use – then it should be allowed. This approach removes the constant fear of the unknown,' said Jenkins.
Jenkins added that some of the major businesses on their books in the Middle East, include Emirates Flight Catering and Red Sea Global, are both adopting this zero-trust approach towards security, as are a number of major banks, financial institutions and airports across the United States and Europe.
It's clear with the list of blue-chip organisations that ThreatLocker manage that their technology offering and philosophy on cybersecurity is resonating with markets in the US, Europe and the Middle East.
Jenkins stressed the importance of educating their clients on that zero-trust approach to security.
'We have to educate our clients. We are always demonstrating why we do what we do, we host hacking demos showing why these things are important and show the damage that can be done if EDR's are bypassed. We do this all over the world, it's not just in the Middle East. We do 850 events a year, which only goes to show you how committed we are to educating people on security, but eventually the penny drops, and people start seeing it. We have 54,000 companies that are using ThreatLocker technologies, and realistically we are the biggest player when it comes to things like application whitelisting. 54,000 sounds like a lot, but, in reality, it's just a fraction of what is out there, so there is a still a long way for us to go. But the signs are promising, and people are adapting to change,' said Jenkins.
The conversation then swung towards the topic of you know what, yes, you guessed AI.
AI is everywhere, impacting every industry vertical globally, and it's no different when it comes to cybersecurity.
Cisco President and Chief Product Officer Jeetu Patel said AI is the biggest challenge that cybersecurity has ever faced.
Jenkins echoed those sentiments somewhat by disclosing that AI is giving those using it for nefarious purposes an advantage.
'I think like most things in life, it provides more advantages to the attackers than it does to the defenders. We've gone from a scenario in which we had a population of a few million people in the world capable of creating ransomware to a population of 6 billion people capable of creating ransomware. However, where I see a lot of the problems with AI in the cybersecurity industry is the fact that many businesses are trying to use it to cut costs,' said Jenkins.
He concluded the conversation by highlighting how they use AI to improve their efficacy for their web filtering products and reinforced his views that cybersecurity practitioners need to use AI to enhance products and not slash costs.
'We have an entire department that focuses on AI. We have a web filtering product and within that product we have to determine whether they are adult sites, gambling sites, or regular business websites. We have a huge team of people that do nothing but look at these sites all day and categorise them, and their efficacy rate ranges between 99-99.6%. If you ask AI to do the same thing then it has an efficacy rate of 70%. Now that doesn't mean it is bad, but we use it to cross-reference our team and that has enabled us to increase our effectiveness. So, it does help us, but the security industry needs to look at AI to improve their product and not to reduce costs,' said Jenkins.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Arabian Business
21 hours ago
- Arabian Business
London Heathrow submits $65bn proposal to UK government for a third runway
London Heathrow Airport will be able to add 276,000 flights a year and increase the number of passengers from 84 million to 150 million annually after submitting a £49 billion ($65 billion) expansion proposal to the UK government. The plan includes the construction of the controversial third runway at a cost of £21 billion, a new terminal and re-routing the M25, the major highway that circles London. Heathrow expansion The proposal includes £12 billion to fund a new terminal and £15 billion for modernisation. The airport said the expansion would provide at least 30 new daily routes, more domestic connections and improved flight times. The runway would be privately funded. Terminal 2 would be extended as per the plan, while Terminal 3 – where Emirates flights operate from – and the old Terminal 1 would be demolished. Thomas Woldbye, chief executive, said: 'It has never been more important or urgent to expand Heathrow. We are effectively operating at capacity to the detriment of trade and connectivity.' The expansion would require demolishing 752 homes in the surrounding area to make room for the third runway, as well as realigning and widening the M25 between the junctions at the airport. The project would also improve public transport links to the hub by expanding bus and rail capacity. In a statement, Heathrow said: 'A third runway and supporting infrastructure can be ready within a decade, and the full investment across all terminals would take place over the coming decades.' The Labour government backed the new runway in January in a bid to boost UK economic growth. The project has faced opposition from environmentalists and local residents over the years, as well as the London mayor, Sadiq Khan, and some of Labour's own MPs. Britain's Supreme Court ruled at the end of 2020 that Heathrow could build the third runway, overturning a legal decision to block construction on environmental grounds. Meanwhile, hotelier Surinder Arora's Arora Group, one of Heathrow's largest landowners, said it will submit a rival bid to build a shorter third runway of 2,800 meters, that would be constructed at lower costs and with less disruption to local residents and the environment.
Zawya
a day ago
- Zawya
African Peace Award 2025
I bring you compliments from the board and management of African Peace Magazine UK ( On behalf of the Chairman Justice Suleiman Galadima, JSC, OFR, CFR (Rtd.) African Peace Magazine UK, humbly wish to specially invite you to attend the Hybrid and in person Award. The African Peace Magazine UK, in conjunction with her strategic partners: Rethink Africa Foundation, African Fact Checkers, Centre for peace and Conflict management in Africa, African Right Watch Television Ltd and several others is set to host the 15 th Edition of the prestigious African Peace Awards, it is scheduled to hold in London England with the theme 'The Magic of Peace'. African Peace Magazine UK, has been publishing for well over 15 years, and we are committed to promoting Peace, business networking, good governance and improved condition of living for Africans. Established in 2009, African Peace Award is an international award presented annually to honor individuals and organizations in various fields that have made outstanding contributions toward the realization of a peaceful and harmonious world as envisioned in the Declaration for All Life on Earth. They are selected not only in recognition of their past achievements, but for their ongoing contribution to building a better future. African Peace Award is usually presented at a ceremony during the annual dinner and lecture, where the laureate takes center stage to deliver a commemorative address and receive a medal and a diploma together with a monetary prize. In addition to this annual award, the Culture of Peace Special Award is presented occasionally to honor individuals and organizations in various fields that have notably contributed to spreading and fostering a Culture of Peace around the world. The event is designed to host business, political, and diplomatic leaders. It is set to have in attendance, policy makers and think-tanks on Africa and Africa related issues. The African Peace Awards 2025 seeks to honor persons, institutions, organization, governments and others whose actions, and efforts have in one way improved or contributed to peace keeping and conflict management in Africa as well as improving the lives of Africans. The African Peace brand has noted that Peace promotion and conflict management in any society alleviates uncertainty and risk which in turn promotes economic growth in any given community. It contributes to the economic growth of the community by increasing the productivity in capital and labour as well as good governance. The African Peace brand introduces its awards in the hopes of promoting peace globally and specifically in Africa with the hope of effecting change in Africa first and then globally. Several African Presidents, heads of Government, first ladies, past president and Vice presidents, top business CEOs, diplomats and others have received the Award in the past. Distributed by APO Group on behalf of African Peace Magazine. Contact Information: Attendance is strictly by invitation. For your VIP and VVIP Access cards To get you invite kindly contact us: +447771217805 +2348033975746 +447407399766 +1(443)8835678 For sponsorship, partnership, Exhibition and speaking opportunities and all other enquiries please contact: Chia Sandra International Affairs +2348033975746 +447407399766 Nigeria Abuja Office: Suite FT 12B Alibro Atrium Plaza Utako Abuja +2348033975746 South African Office: 16 Ridge Road Vorna Valley Midland 1686 South Africa +27662449117 Angola: Call +244928690892 +244993656970 +244927589884 London Office: 10 Saint Andrew Road Bedford MK 402LJ England Call +447777121780 WhatsApp +447407399766 Email: africanpeacemag@ Social Media: Twitter: Facebook: Instagram: LinkedIn: About African Peace Magazine: The African Peace Magazine is published by African Peace Magazine (U.K.) Limited, a company registered in the United Kingdom. We are also registered in Nigeria, Angola and South Africa. The magazine focuses on bringing the best of Africa to a global audience, telling the African story from an African perspective, while evolving solutions to peculiar challenges being faced by the continent today. Websites:
Zawya
2 days ago
- Zawya
Sophos launches new partner program
Builds on Longstanding, Award-Winning Program with New Certifications and Enhanced Support, Offering Partners a Flexible Framework to Accelerate Success Dubai, United Arab Emirates – Sophos, a global leader of innovative security solutions for defeating cyberattacks, today launched a new Sophos Partner Program, unlocking multiple opportunities for partners to accelerate growth, deliver industry-leading cybersecurity solutions and stand out in an increasingly competitive market. The new program brings together Sophos' and Secureworks' global partners into one integrated, high-performance ecosystem and builds on Sophos' award-winning program that is trusted by more than 25,000 partners globally. "The new Sophos Partner Program is designed to reflect the way partners want to build and scale their business today,' said Chris Bell, Senior Vice President of Global Channel, Alliances and Corporate Development. 'It offers a flexible and profitable path to growth, whether partners are expanding their managed services, launching cybersecurity advisory offerings or scaling existing practices. With this program, we're doubling down on our commitment to deliver the tools, incentives and support that help our partners lead in a rapidly evolving cybersecurity market.' This launch marks a significant expansion in the services and support available to partners. By combining the strengths of Sophos and Secureworks, the new program makes it easier for partners to deliver next-generation security outcomes faster, more profitably and at scale. Research from Canalys shows that for every $1 spent on cybersecurity products, customers invest an additional $2 on services delivered by partners – highlighting the growing demand for partner-led services and the opportunity to generate new revenue streams through high-value expertise and support. With complex threats on the rise and vendor consolidation becoming more common, partners are more essential than ever in helping customers navigate cybersecurity decisions. With the new Sophos Partner Program, partners can develop programs and services that align with their unique business models and go-to-market strategies – whether they are a managed services provider, reseller, cyber insurance partner, systems integrator or another partner in the ecosystem. The new Sophos Partner Program helps partners to build their cybersecurity business, grow their revenue and retain their customers through: A unified portfolio for market advantage: Following Sophos' acquisition of Secureworks, the new program unifies two world-class partner ecosystems into a single, streamlined platform – unlocking seamless selling across the full portfolio. Partners benefit from expanded opportunities to boost profitability and drive revenue, with access to a comprehensive portfolio spanning industry-leading endpoint, network, email, cloud security, XDR/MDR, Identity Threat Detection and Response (ITDR) and next-gen SIEM – all centrally managed through the Sophos Central platform and complemented by premier advisory and consulting services. A future-focused growth framework: Built for scale and profitability, empowering partners to grow faster and more efficiently through revenue multipliers, volume discounts and flexible billing. Partners gain access to high-value incentives, integrated sales and marketing resources, and advanced enablement through Sophos Academy's new MDR Guided Onboarding and sales quick-start certifications. Enhanced customer and partner success: Access to new resources designed to help partners deepen customer relationships, accelerate solution adoption and improve retention, while delivering superior cybersecurity outcomes for their customers. The program also provides expanded access to Partner Care, Renewal, and Customer Success teams, as well as free certification training for the entire partner community. Simplified, faster ways to win business: Partners gain access to additional tools that make it easy to sell and grow their business, including an innovative AI Sales Assistant that provides real-time guidance on portal navigation, resource location and sales insights. The partner portal experience is further enhanced with improved guided quoting, device and license management, opportunity management, and compliance dashboards. 'Sophos' new Partner Program is designed to incentivize partners to grow,' continues Bell. 'It offers partners everything they need to succeed, drive bottom-line revenue, fuel excellence for mutual customers and stand out in a crowded, competitive market. It's a way to continue to deliver on our promise to partners and build the best cybersecurity products, services and processes with our partners in mind.' What Sophos Partners Are Saying 'Sophos' acquisition of Secureworks and the ability to sell across both legacy portfolios is a significant opportunity for our business. We're excited to be able to offer next-generation SIEM through a partner we trust. This will enable us to differentiate and win more deals on day one, especially with healthcare and manufacturing customers. The ability to offer cybersecurity services provided through Secureworks will also save us significant time and energy that would have gone into expanding our in-house services. Coupled with portal changes that accelerate quoting and deliver in-depth snapshots of customer information, the new program will be a critical enabler for our sales and operations teams to meet our aggressive growth goals.' - Dave Peck, President and CEO at Trebron IT and Cybersecurity "As a longtime Sophos partner, the company's security solutions continue to be foundational to how we protect our customers. Sophos has consistently demonstrated that they are committed to helping us grow, which shows in its new Partner Program. The combined Sophos and Secureworks portfolios will further strengthen our defenses, uncover new business opportunities and help us stand out in the market. We're also encouraged by continued innovation in Sophos Central – especially enhancements like the AI Sales Assistant and the updated portal, which simplify self-service and accelerate how Softchoice and our customers do business.' - Andrew Campbell, Director of Security Category at Softchoice About the Sophos Partner Program Trusted by more than 25,000 partners around the world, the Sophos Partner Program and its leaders have been recognized by some of the most influential in the industry. Among other awards, recognitions include: 'Champion' in Canalys' 2025 Cybersecurity Leadership Matrix 5-Star rating in the 2025 CRN Partner Program Guide for 12 consecutive years Best MSP Solution by SE Labs CRN Women of the Channel for 14 consecutive years CRN Top 100 Executives for 12 consecutive years, including top 25 recognition this year for Sophos CEO Joe Levy and SVP Global Channel Sales Chris Bell These awards signify Sophos' channel excellence, strong market performance and dedication to advancing the cybersecurity partner ecosystem through best-in-class partner programs that are designed to foster lasting, profitable and successful partnerships. About Sophos Sophos is a cybersecurity leader defending 600,000 organizations globally with an AI-driven platform and expert-led services. Sophos meets organizations wherever they are in their security maturity and grows with them to defeat cyberattacks. Its solutions combine machine learning, automation, and real-time threat intelligence with frontline human expertise from Sophos X-Ops to deliver advanced, 24/7 threat monitoring, detection, and response. Sophos offers industry-leading managed detection and response (MDR) alongside a comprehensive portfolio of cybersecurity technologies — including endpoint, network, email, and cloud security, extended detection and response (XDR), identity threat detection and response (ITDR), and next-gen SIEM. Together with expert advisory services, these capabilities help organizations proactively reduce risk and respond faster, with the visibility and scalability needed to stay ahead of evolving threats. Sophos goes to market with a global partner ecosystem, including Managed Service Providers (MSPs), Managed Security Service Providers (MSSPs), resellers and distributors, marketplace integrations, and cyber risk partners, giving organizations the flexibility to choose trusted relationships when securing their business. Sophos is headquartered in Oxford, U.K.
