Combating Adversaries, The Way We Know Best
“I do not believe in luck. Coincidence can happen, but I believe in well-preparedness, and proactive measures.”
A little more than two years have passed since I founded this company along with Chris Dale, and I am taking a moment to dwell on the past, present and future for our company. I will address my observations and my take on both the possibilities and challenges we are facing now and in the future.
When positioning River Security within cyber space, we clearly saw a gap that needed to be filled. We started talking to clients and our networks to see if there could be room for a brand-new discipline – taking on proactiveness and continuous deliveries as part of offensive services, our specialty. To remind you – proactiveness is not the same as protectiveness, and yes – we do need both.
Trends and innovations
The industry is experiencing a massive growth. We see new companies popping up on a regular basis, whereas larger traditional firms try to keep up and repositioning to surf the wave of cyber security (with various credibility).
We observe many M&A (Mergers & Acquisitions) attempts in the industry, most likely because it is not easy to innovate, build and create. A couple of questions I would love to have the answers, but for now I think they are merely food-for-thought:
Does it lead to new innovations? Or do they copy each other out, re-wrapping old ideas and concepts? And most importantly – are we really fighting cyber-crime and threat actors? What happens when an innovative and forward-leaning company is bought by an “old & boring” company? Is it even possible to maintain the atmosphere and culture that drove the good fight against cyber-crime, or will it wither to become all about billable hours?
It is hard being a first mover, holding a creative mind, creating the path into unknown terrain, but we truly appreciate those who dare to try. Through my network of both international and local clients, I can happily inform that there is still great ideas and new concepts in the wake. But from my point of view, many companies attempt to be the one-stop-shop – delivering from A to Z within cyber security. I think we need to emphasis the specialist-shops holding a narrow Active Focus (pun intended).
Talent and management
“Initiative conquers skill”
In the mass media, social media and conferences, experts express their concerns for the future as the gap between the predicted need for Cyber Security professionals compared to available people with the right competency continues to increase. This might be correct to some degree, but if we have an open mindset when hiring, there is so much great talent all over the globe.
Building a tech-company with a defined virtual worker strategy leaves us with a definite edge in the market as this is not by coincidence or due to the pandemic. This is carefully considered to be the best option to accelerate and build efficient tech-teams and processes as well as an ideal way to attract the best candidates globally.
Virtual workers benefit from a new style of leadership and need to be treated and led differently than employees in a traditional office environment. Without much experience within the area, we have still been able to observe that balancing act of facilitation of autonomy, support of individuals and establishing psychological safety; this is vital to success and interpersonal risk taking. There is still much to learn, and I strongly believe we will see some reshaping of management theories as we are just coming out of the pandemic that changed everything when it first started.
Changes are here, and more are coming
“Cyber Security is like going to the gym – the results of consistency and continuous efforts are what will make the difference”
The increasing media focus on cyber security, threats and attacks has most certainly led to some changes in both the industry, but also in companies. Not too long ago, cyber security used to be something the IT-staff took care of. Now – we see that cyber security is at the table in almost every boardroom, and companies are seeking external guiding and counselling. Most companies are starting to understand that it is in fact possible to build resilience and are increasingly willing to invest in risk reduction. Whatever it takes to sleep better at night.
There are massive amounts of accessible data that aids threat actors in their intrusions. Swathes of breaches leak sensitive and personal information all over the internet. The internet was simply not designed for our current age of time. The active use of internet is somewhat 30 years old, and we are still figuring out how to best utilize it, but not until recently have we started focusing on the downsides and risks connected to the increased utilization of the World Wide Web, or as my co-founder likes to describe it; “the Wild Wild West”.
“If you know your enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained, you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.”
– Sun Tzu, The Art of War
Nobody knows what tomorrow will bring, but the prepared do not fear the uncertainty. We have, with a proven track record, what it takes to both know our enemy, and ourselves; so, we can definitely start winning our battles.