Data privacy and security is at the core of what we do to help our customers thrive. In recognition of Data Privacy Week 2025—an annual event dedicated to raising awareness about the importance of safeguarding personal and organizational data—we’re thrilled to introduce Sparkrock’s new Security Officer, Stephen Marshall. Stephen brings over two decades of hands-on experience in IT and cybersecurity, and he’ll be at the forefront of ensuring our organization’s data remains secure.
Q: Could you give us an overview of your background before you joined Sparkrock?
Stephen: Like many people, I started out in networking as an administrator with Windows and Linux systems. Over the years, I pursued specialized certifications that led me deeper into security and ultimately into cybersecurity. It may sound straightforward, but it’s been a journey spanning more than 20 years. I also taught Cisco, Microsoft and Linux courses, which showed me the value of effective communication. Eventually, I transitioned to working on security architecture, Azure and AWS, focusing on security, governance, and implementing tools like Sentinel and Purview.
Q: From your perspective, what are the major security issues facing organizations that are working in the cloud in 2025?
Stephen: I see two main challenges. For those in the process of migrating from on premises to cloud systems, legacy systems can be difficult. Policies, security frameworks, and data integrity measures need to be addressed as they do not always translate smoothly into the new environment. For organizations already in the cloud, rapid growth and scalability can make it easy to overlook certain governance settings. You can unintentionally apply or remove security controls at various levels without realizing it. With new tools, features and threat vectors constantly appearing, security teams need to stay vigilant and frequently review, and adjust configurations to ensure the fluidity and usability of systems within the security landscape.
Q: Your background includes extensive work with public sector and government organizations. Any there any particular challenges that these types of organizations need to ready themselves for in 2025 and beyond?
Stephen: A lot of these organizations deal with budget constraints. Budget cuts often lead to cutting contractors or reducing in-house security teams, which can be risky. If you lose contractors with niche expertise, you might find yourself lacking crucial security knowledge in-house. On the flip side, if you do have a dedicated in-house team, it can be a challenge to retain expertise to deal with legacy infrastructure and keep up with rapidly changing types of attacks and vulnerabilities. In 2025 and beyond, public-sector organizations will likely need thorough security posture reviews and ongoing training to stay ahead of new threats.
Q: What areas of cybersecurity are you especially passionate about?
Stephen: I’ve worked on red teams, focusing on penetration testing and threat modeling for everything from insider threats to advanced persistent threats (APT). My specific interest lies in analyzing data holistically and applying it to security architecture. That way, security policies aren’t just something for executives to talk about—they become actionable at every level of the organization.
Q: What do you hope to bring to the Sparkrock product team?
Stephen: I aim to strengthen our overall security posture and architecture. That means continually monitoring external influences to keep data protected. I also want to boost customer confidence by demonstrating that we apply best practices and comply with relevant standards.
Q: Any fun facts about yourself you’d like to share?
Stephen: Sure! In my spare time, I’m working on drawing my own manga.
Q: As we wrap up, is there anything else you’d like to add, especially in recognition of Data Privacy Week?
Stephen: Just that I’ve been excited to see how much support and emphasis our team places on data integrity and security. Data Privacy Week is a reminder that privacy affects everyone—from internal operations to the trust our customers place in us. I’m looking forward to helping us continue to build on that foundation by implementing proactive and transparent security practices.
We’re delighted to have Stephen coming on board just ahead of this important week of awareness and learning. His extensive background and passion for cybersecurity will be key to enhancing our data protection efforts and reinforcing trust with our customers. Stay tuned for more updates on our security initiatives—and have a safe and insightful Data Privacy Week!