We ‘go phishing’ with Luke Potter, Cybersecurity Practice Director (CHECK Team Leader) at SureCloud, who tells us about life inside and outside the office.
What would you describe as your most memorable achievement in the cybersecurity industry?
The obvious answer would be achieving my current position. I’m extremely proud to work for SureCloud, I’m excited about the working we’re doing in the security and compliance space, and I’m pleased to have worked my way up to this level and through the ranks over the years. I’m now essentially running our cyberdivision and leading on all of our cyberproduct innovation, which is a great place to be.
Additionally, in late 2011 I achieved my Tiger Scheme Senior Security Tester qualification, which allowed me to become a CHECK Team Leader. It’s a highly coveted and difficult to obtain accreditation, so felt like the culmination of a great deal of studying and practice.
What first made you think of a career in cybersecurity?
From my earliest days in the IT industry, cybersecurity was certainly an area I was particularly interested in. Then I went to work for an insurance brokerage looking after its technical infrastructure and while I was there we undertook a major project to become PCI compliant.
I found it fascinating, making sure all our clients’ data was safe, implementing the correct controls, processes and procedures. It ignited a passion which has stayed with me.
What management philosophy do you employ in your current position?
My philosophy is very leadership focused and that means that mutual respect is key. I don’t believe people can expect to lead well unless they are respected by their team – and, equally, that they won’t earn that respect unless they give it back.
I work hard to look after all the people in my division and in turn they all work hard, always, to support myself and the business. It’s a real meritocracy.
What do you think is the current hot cybersecurity talking point?
Highly tailored, directly targeted attacks. We all know about mass ransomware and spam campaigns or the classic scams that have been repeated over the years, claiming that you’ve inherited thousands of pounds; it’s old news. Now, the most common way for organisations to be targeted is far more personal. This is where social engineering comes in, manipulating people into clicking on links or opening attachments with incredibly insidious, carefully-designed communications, often purporting to be from within the same organisation.
Whether these attacks stem from groups of criminals or are state-sponsored, the point is that they are incredibly personalised and sophisticated – which means, of course, that the defence needs to be also.
How do you deal with stress and unwind outside the office?
It has to be all about spending time with family. Days out, holidays, just spending time together at home – it’s definitely very important to me and that balance is a broader part of the SureCloud culture too.
Still, I’m not sure I ever really switch off from the office entirely. I’m always thinking about a project that we’re working on, broader trends in cybersecurity, how to solve a particular problem and so on.
If you could go back and change one career decision what would it be?
It’s tempting to say not getting into cybersecurity sooner, but in fact I think the best penetration testers are those that come from more general technology backgrounds. To find the flaws you need to know how things are put together.
What do you currently identify as the major areas of investment in the cybersecurity industry?
I think remediation programmes are an interesting one. It’s a challenge we’re seeing more and more; most organisations these days have a variety of controls in place, such as vulnerability scanners and penetration tests taking place, and understand why they’re important. But they don’t always know what to do with the information collected by those processes and have a clear strategy for isolating and remediating the weaknesses and vulnerabilities they find. It’s important to realise that cybersecurity is an ongoing process of improvement, not just a case of implementing a series of tests and saying ‘job done’.
Are there any differences in the way cybersecurity challenges need to be tackled in the different regions? Middle East, Africa, Europe, Americas.)
Not really. At the end of the day, everyone is using similar operating systems, software, hardware and so on. The major vendors and suppliers are international.
Clearly regions vary in terms of the attention paid to cybersecurity and the resources available to tackle it. But there are plenty of ways of protecting data without a huge upfront investment; there are so many open source tools and information-sharing forums, that really the most important thing is to have the right skills and knowledge on hand. The cybersecurity community is fantastically collaborative – and of course, international.
What changes to your job role have you seen in the last year and how do you see these developing in the next 12 months?
I would say that I am working more closely with clients from a strategy and best-practice standpoint than I was a year ago. I spend less time than I used to on frontline testing – though I still like to keep my hand in when I can. Essentially I hope that I have transitioned more into being a business leader.
As we continue to grow the team and expand our capabilities we will be working on more – and bigger – projects, which should mean that it’s ever more important for me to provide that top-level strategic advice.
What advice would you offer somebody aspiring to obtain a c-level position in the security industry?
Working hard is a given. Know what you’re trying to protect – the networks, systems and applications that you are in charge of. And focus on continual learning; this is a hugely dynamic space, so it’s important for us to be constantly improving. Collaborative with the community and get involved – this is a great space to be in!