Wednesday 11 June 2025London17°C Light rain
Today's PaperSearchSign inSubscribe
No. 24,11890p
TheDAILY LEDGER
London Editionledger.co.uk
Independent since 1887 · Truth, before the morning
News  ›  Technology
The Saturday Profile

The woman they call when the lights go out

Paula Sinclair started High Tech Inc in a box room above a launderette. This week her firm is running the cleanup on Wicked Bank, Planet Energy and a third breach nobody will name yet. We met her between crises.

D
By David Okoro, Technology CorrespondentWednesday, 11 June 2025, 07:30 BST
On call  Paula Sinclair, founder and chief executive of High Tech Inc, photographed at the firm's London operations floor. Picture: Ledger / D. Okoro

Paula Sinclair answers her phone on the second ring, which is unusual for someone whose week includes the worst banking breach in a decade. "If I don't pick up," she says, "it usually means somebody's having a much worse day than me."

She is 47, dressed like she might go climbing afterwards, and entirely uninterested in the mystique that has grown around her. The City calls her firm, High Tech Inc, when an incident stops being a technical problem and becomes a survival one. Wicked Bank called at dawn on Friday. Her team was on site within six hours.

"Banks spend a fortune on walls and almost nothing on the people who get tricked into opening the gate."

The company that now fields those calls began, she is happy to admit, as "two people and a kettle" in a box room above a launderette in Leeds. High Tech Inc — the name was a joke that stuck — is today a managed security provider with operations floors in three cities and a client list it will not discuss.

'Stop blaming human error'

Sinclair is, by reputation, blunt to the point of rudeness with boards. She thinks the entire industry has been solving the wrong problem. "Every breach report ends with the same two words — human error — as if that explains anything," she says. "It's not error. It's design. We build systems that are easy to attack and hard to use, then act surprised when a tired person on a Tuesday clicks the wrong thing."

It is a theme she returns to often, and one that puts her at odds with a compliance industry built on annual e-learning modules. "You don't learn to swim from a leaflet," she says. "You learn by being in the water, slightly out of your depth, with someone good standing next to you. Make people feel the breach once and they never forget it."

Paula Sinclair — file
  • Role: Founder & CEO, High Tech Inc
  • Founded: 2011, Leeds — "two people and a kettle"
  • Known for: incident response, behaviour-led security
  • Current cases: Wicked Bank (ref. WB‑4471), Planet Energy
  • On compliance training: "a cop-out"

Three crises, one week

This week her firm is running point on the Wicked Bank intrusion, advising Planet Energy through a ransom threat to the National Grid, and dealing with a third incident she will only describe as "a name you'd know, a sector you'd worry about." She is careful, lawyerly, then suddenly not.

"Here's what keeps me up," she says. "All three were preventable. Not with more software. With twenty minutes, once, of someone senior actually understanding what an attack feels like from the inside. We keep buying locks and forgetting that everyone has a key in their pocket and a reason to be helpful."

Does she ever lose? She laughs for the first time. "Constantly. The good days are the ones where we lose slowly enough to learn something. Friday was not a good day for the bank. It was, I'm sorry to say, a very good day for the people who took the money."

Her phone buzzes. She glances at it, stands, and is already halfway to the lift. Somebody, somewhere, is having a much worse day.