The Hacker in the Boardroom: What Glenn Wilkinson Taught Us About Security and Human Behaviour

In today’s digital landscape, the most dangerous vulnerability in your organisation isn’t a line of faulty code. It’s the human sitting at the keyboard. That was the stark message from ethical hacker and cybersecurity expert Glenn Wilkinson, whose keynote at the Chartered Governance Institute UK & Ireland Scotland Conference 2025 reframed how boards should think about digital threats.

“Hackers don’t start with technology. They start with the people.” — Glenn Wilkinson

This isn’t just a provocative soundbite. It’s a wake-up call for boardrooms everywhere.

How Hackers Think: People and Process Before Code 

Wilkinson’s approach to hacking is unsettlingly simple. He doesn’t start with firewalls or encryption protocols, he starts with people. Phishing emails, social engineering, and exploiting poor governance practices are often more effective than any brute-force attack.

He shared stories of gaining access to sensitive systems not by cracking passwords, but by exploiting trust; convincing someone to click a link, share a document, or bypass a process. In his world, the weakest link is rarely the software. It’s the assumptions people make about what’s safe.

This insight has profound implications for boards. Cybersecurity isn’t just an IT issue, it’s a governance issue. And it starts at the top.

Governance as a Security Strategy

Boards are custodians of trust. They oversee risk, ensure compliance, and set the tone for organisational culture. But too often, digital governance is treated as an operational detail rather than a strategic imperative.

That’s where platforms like Admincontrol come in. As a secure digital collaboration platform purpose-built for boards, Admincontrol doesn’t just streamline workflows, it embeds security and governance into the DNA of board operations.

• Controlled access: ensures that only the right people see the right documents at the right time. 
• Audit trails provide transparency and accountability. 
• Encryption and secure storage protect sensitive information from prying eyes, whether human or machine.

In a world where hackers exploit the cracks between people, process, and technology, these aren’t just features. They’re frontline defences.

The Boardroom's Role in Cyber Resilience 

Wilkinson’s message to board members was clear: you don’t need to be a technologist to lead on cybersecurity. But you do need to understand how human behaviour, governance, and digital tools intersect.

This means asking the right questions: 

• Are we treating cybersecurity as a strategic risk? 
• Do we have clear protocols for digital collaboration? 
• Are we training our people to recognise social engineering tactics? 
• Are our board tools reinforcing or undermining our security posture? 

From Insight to Action 

The boardroom is no longer a safe distance from the frontlines of cyber conflict. It is the frontline. And the decisions made there (about tools, culture, and governance) can either open the door to attackers or shut it firmly.

Glenn Wilkinson reminded us that hackers are watching for human error. Admincontrol exists to help boards close that gap by making secure collaboration the default, not the exception.

Because in the age of digital threats, good governance is good security.