As with many companies, there are a lot of roles within a cyber security consultancy company besides the customer-facing consultants. We have teams for marketing, HR, recruitment and finance to name a few. But what is it really like working in the back office of a busy cyber security organisation?
If you’re reading this with an information security background, or you keep up-to-date with the news surrounding the digital world, you will already know how incredibly interesting the cyber security industry is. If you’re new to cyber security, perhaps you’ve just chosen to read this article because it popped up in your social media feed, you’ll soon discover that once you get involved in this industry, you can’t help but be drawn in by the fast paced, thought-provoking security knowledge which is constantly being revised and renewed. You develop a desire to learn more about the latest malware, what’s being done to combat cyber security attacks and, yes, I’ll admit, how a company has fared when a test or audit has been carried out.
There’s more awareness around the types of attacks out there, such as social engineering, and how to become better protected by using a password manager or learning which websites not to use as their security isn’t up to scratch. You learn that malware can be concealed in the firmware of a USB, causing it to not be visible in the storage folder, and that it’s not just links that can lead to viruses but also attachments which can allow backdoor access. With Bridewell being an NCSC certified consultancy, we also stay up-to-date with the emerging cyber security threats and the latest legislation.
Being advised promptly of companies who’ve been hacked, such as the bug discovered in Apple FaceTime, can be really helpful when you personally use that service. It means you can quickly change your password, or at the very least, are aware of what personal data may now be in the public domain. Being involved in cyber security also makes you much more appreciative when you see a company has earned a certification such as ISO27001, as you know how much work would have gone into earning that.
Educating those around you
Working at a cyber security company doesn’t just benefit your own knowledge. When you’re surrounded by cyber security best practice, updates on the latest breaches, and the knowledge of the devastating effect a successful red team activity can have on an individual or a company, you start to want to share those best practices with others around you.
The realisation that a vast amount of people are so easily affected by cyber security attacks (and I’m not just talking about my grandparents in their 80s) really makes you want to be proactive and help those you meet stay safe in the digital world.
Even though you don’t personally assist on client work, a client gaining their Cyber Essentials certification or having their vulnerability patched, still gives you a great sense of satisfaction knowing your company has made another organisation more secure. And in a world where so many businesses have a severe lack of security in place, it’s good to know there is now one more company who is successfully protecting both their own data and that of their customers.
As well as the day-to-day job, there are a multitude of events to get involved in, from conferences, to talks, to breakfast briefings. These may be events to advertise the business or to educate those who may be lacking in information security knowledge. For myself, it’s a great chance to get out of the office, network and share my enthusiasm for working at Bridewell with others. It also allows me to see how the industry is improving and transforming, not just through competitor research, but by talking to CISOs and security managers and finding out what’s currently important to them and their business.
So, what’s it like?
To go back to my original question; it takes a lot of hard work, but you’re never bored. It’s a fascinating environment to be involved in and most of all, it’s rewarding. The people you meet and work with have a huge amount of knowledge to share and stories to tell, and the businesses we come across range from commonplace to extraordinary (think along the lines of “who’d have thought there was a business for that!”).
Ultimately, it takes a team to provide a great service and I feel fortunate to work for such a wonderful team of people that make Bridewell Consulting what it is. If you’d like to know more about the services we offer and speak to a member of the team, feel free to give us a call on 01189 255 084 or message us through the website chat box to your right.
Written by Rachel Finn – Office Manager