Go Phish: Marc Brungardt, Co-founder and President, Foresite

We ‘Go Phish’ with Marc Brungardt, Co-founder and President, Foresite, who tells us about life inside and outside the office.

Foresite is a global service provider, delivering a range of managed security and consulting solutions designed to help customers meet their information security and compliance objectives. In the face of increasingly persistent cyberthreats, Foresite’s solutions empower organisations with vigilance and expertise to proactively identify, respond to and remediate cyberattacks and breaches where they occur. The company’s team of industry veterans work as an extension of customer staff, providing peace of mind while securing their most important assets.

What would you describe as your most memorable achievement in the cybersecurity industry?

Foresite and the company’s rise to prominence in the market is my most memorable achievement in the cybersecurity industry to date.  I co-founded the company in 2013 with a couple of friends and former colleagues that I respected in the business.  We are now a multi-national managed security service provider with more than 800 customers.  It is an experience that keeps evolving and gets better each day.

What first made you think of a career in cybersecurity?

I didn’t intentionally set out to have a career in cybersecurity.  However, after spending more than a decade leading an information management business specialising in electronic discovery, forensics and litigation support, an opportunity was presented to me to take a leadership role in a large global VAR and MSSP that specialised only in cybersecurity.  Upon the sale of that business to NTT Com, the experience led me to an Israeli cybersecurity start-up for a few years before starting Foresite with the insight and experience that I gained from the prior experiences.

What style of management philosophy do you employ with your current position?

I expect a lot from my employees and hold them to higher standards than many managers probably do; however, I also provide a lot of latitude for them to exercise their creativeness to excel in their roles.  My basic belief is that our goal is to exceed our customers’ expectations for quality, service and professionalism.  Family is very important to me.  My aim is for our employees to have a good work/family balance. We work hard, so we can play hard and take care of our families.

What do you think is the current hot cybersecurity talking point?

Problematic shortage of cybersecurity skills.  More than half of businesses identity as having cybersecurity skills deficits.  With nearly three million global unfilled cybersecurity jobs, the world is in a terrible position to deal with the evolving cybersecurity needs.  There is really no end in sight for where this will reach an amicable balance.

How do you deal with stress and unwind outside the office?

I enjoy travelling and spending time with family. The majority of my free time is spent coaching my boy’s competitive football and baseball teams.

What do you currently identify as the major areas of investment in the cybersecurity industry?

Hardware and software still account for large portions of cybersecurity budgets; however, nearly half of typical cybersecurity budgets are now being spent on services.  Managed security services are the fastest growing component within the services spend, driven by the skilled cybersecurity labour shortage and increased compliance drivers.

Are there any differences in the way cybersecurity challenges need to be tackled in the different regions? Middle East, Africa, Europe, Americas.

I think for the most part the basic principles of managing cybersecurity is fundamentally the same in every region.  We really live in a time where there are no borders or boundaries in the digital reach of cybercriminals.  That said, there are of course regional differences in terms of compliance regarding data privacy, storage, etc that must be taken into consideration to ensure regional requirements are appeased.

What changes to your job role have you seen in the last year and how do you see these developing in the next 12 months?

My role has not fundamentally changed much in the past six years.  As the President at Foresite, my primary responsibility is leading our operations to deliver quality services to our customers and value for our shareholders.  We are hoping to do some acquisitions in the next 12 months which would add some additional responsibilities of integrating the businesses.

What advice would you offer somebody aspiring to obtain c-level position in the security industry?

C-level positions require a bachelor’s degree and often a master’s degree as a prerequisite for the role in most companies.  Beyond that, my advice would be to not rely solely on honing technical skills needed for the desired role.  Of course, those skills are important as is building up a solid personal resume that would be appropriate for advancement; however, executive roles in cybersecurity may even more so require leadership, operational and strategic skills.  It is important that you develop yourself in these areas as well and present the entire package to prospective employers.