Tell us about what you do here
My role at OnSecurity is really just to listen. It’s still the only way to properly get under the skin of a business and understand what keeps them up at night. And hopefully if we get it right, we anticipate what they’ll need from us next.
I’ve always loved that exchange of ideas with a client when you’re creating a solution together. Because once you’ve cracked that dynamic, the rest is easy and mostly revolves around orchestrating the internal team to support the client during and after their tests.
What first attracted you to the world of IT security?
The Movie ‘War Games’ convinced this Child-of-the-90’s that any hacker could launch Armageddon from their bedroom with just a Commodore 64. And even though I later learned the crushing, (boring) truth. It was too late. The damage was done: I was intrigued! And now, somehow, I’ve managed to turn my childhood intrigue into my actual day job.
Outline a typical day
Morning starts with my plan for the day – this time is sacred. Though my job title is Head of Sales & Strategic Partnerships my role can actually be pretty varied, so the daily discipline of a plan keeps me focused on priorities.
After that, it’s a morning catch-up with the rest of the team (fuelled by copious BIG mugs of black coffee). Once I’ve downed enough caffeine to launch an elephant into low orbit, I crack on with the day’s business: my clients.
Pen-testing is a serious business and CISO’s and IT managers are put under the most incredible pressure these days and I’ve found there’s no better excuse to pause and take stock than ‘The Great British Lunch’. So 2 or 3 days a week, you’ll find me out to lunch with a client or partner, just catching up – and talking business as little as needed.
After that, my afternoons are thankfully quiet so that’s when I can carve out a few solid hours to get contract work nailed or draft a blog for LinkedIn.
Finally, my day ends around 5.30-6.00 when I write up my plan, ready for the next day…
What have you been working on mostly since joining OnSecurity?###
There is a temptation with a new IT Security testing offering like ours to try to sell it to everyone - all at once. So one of my most important tasks has been to rein it in and refocus on those routes-to-markets that best fit our new approach. Our many successful partnerships in 2018 with Security Resellers were a product of that structure and discipline.
Recently I’ve enjoyed working more closely with the product team: Tom, Conor, Dan and Calum (Yes, we’ve got two ‘Calums’). It’s been really rewarding to bring client feedback to the product team and to figure out together how to keep eliminating waste and hassle. It’s an ongoing process, sure. But bit by bit, we can see it’s working; client’s attitudes to pen-testing are morphing away from the traditional: ‘Dreaded-exam’ to a more ‘Ongoing learning’ experience.
What are you most excited about in the coming months?
Being part of rapidly growing business is always exciting. But what’s even more exciting is how our growth is based responsiveness to client’s needs, not preying on their fears.
This is where traditional penetration-testers trap themselves. Their model only makes money from inflating day-rates, billing extra hours and hidden fees. It’s a mad dash to grab what money they can.
But by simply listening to client’s needs we’ve built the right tech to solve real problems. And if I’m honest, this is the aspect I’m most excited about: supporting our product team to keep the client at the heart of the design as we scale.
Quick Q&A with Calum:
How would you describe your job to a child?
I try to figure out what people need before they do.
If you weren’t at OnSecurity, what would you be doing?
On a Mediterranean beach sipping a Bombay G&T.
Before OnSecurity what was the most unusual or interesting job you’ve ever had?
I did a brief stint as a broker for a FOREX company – it was as hellish as it sounds.
What are 3 words to describe OnSecurity?
Innovative, motivated, sleep-deprived.
What’s your number 1 security tip?
Stop trying to memorise all your passwords. It’s 2019, you have hundreds - it’s impossible! Just settle on a password manager you like and move on. rant over.
What are your three most overused words/phrases?
GDPR, GDPR, And,…you guessed it:…GDPR.
If your house was burning down, what’s the one non-living thing you would save?
Got to be my Playstation or my beloved Nespresso coffee machine…
Cooking! My pork and prawn spicy noodles with crispy onions have been described as both “Incredible” AND “Dangerously spicy”.
What popular quote to you hate?
“What will be will be” – Rubbish, I believe you make your own future. Nothing great ever happened by letting things stay as they are.
What’s your favourite noise?
It’s got to be the gurgle of my Nespresso in the morning as it brews the first of many big mugs of caffeine heaven.
What will finally break the internet?
People Googling Google.
I learnt to sail aged 6.