How Tesco’s security teams work together to reduce risk at scale

How do you secure an organisation the size of Tesco? In this DevLab episode, we’re joined by Harry McLaren, Head of Cyber Defence, and Jason Larkin, Head of Platform Security Architecture at Tesco, to unpack how modern security works at real scale. They talk through identity becoming the new perimeter, why attackers are increasingly “logging in, not breaking in”, and how architecture and cyber defence teams work together to reduce real-world risk. It’s a grounded conversation about fundamentals, complexity, cloud security, and what actually matters when theory meets reality. 🎧 Watch the full episode and use the chapters below to jump to specific topics. 00:00 Introduction to cybersecurity at Tesco 01:31 Career journeys into security and engineering 09:47 What Harry and Jason actually do today 15:23 How cyber defence and architecture work together 20:57 Why the basics are still the hardest part 26:02 How modern attacks actually happen 28:23 Why people and education still matter in security 30:22 Using threat intelligence to focus on real risk 34:27 Why complexity makes security harder at scale 43:39 Cloud security: what most teams get wrong 48:00 Looking ahead: fundamentals, AI, and what matters next Read more about Tesco: https://hackajob.com/company/tesco?hs...