The world of cyber crime is everevolving, as entrepreneur Anthony Flemmer of Defence Logic found when he embarked on a new career in digital security. He spoke to Emily Moore
Sponsored Content
AS career changes go, the jump from IT to cyber security seems, in many ways, to be relatively logical.
However, going from quantity surveying into IT-related project management is a less obvious transition and one which Anthony Flemmer admits came with ‘quite a stressful learning gap’.
Now the chief executive of cyber security firm Defence Logic, South African-born Anthony graduated with a degree in quantity surveying before deciding in his late-20s that a change was necessary.
“I was about 28 when I took a long hard look at what I was doing and asked myself: ‘Are you going to do this for the rest of your life?’ The answer was simple,” he recalled.
“There was no way I could do that. I knew exactly what each day would look like and there wouldn’t have been enough variety. What I didn’t realise at that point, though, was quite how difficult the transition would be.”
Though, as challenging as those early days may have been, Anthony soon forged a strong career in his newly chosen field, and it was his decision to learn this completely new set of skills which, in 2007, brought him to Jersey.
“I moved to the Island as a project manager/business analyst with Standard Bank who, at that time, were carrying out a major migration from one system to another,” he explained.
After completing his contract with the bank, he spent time working in IT and client onboarding with RBC before, in 2017, he had a conversation which set his career on its next trajectory.
“I received a phone call from Alex Brunwin, the co-founder of Defence Logic, saying that he wanted to set up a cyber security business and asking whether I wanted to run it,” said Anthony. “I gave it some thought and decided, yes, I’ve got the energy for another career change. Let’s give it a go.”
Despite having amassed a wealth of technical knowledge during his time in IT, Anthony admits that forming – and then running – Defence Logic required him to embark on another steep learning curve.
“Not only did I have to learn about cyber security, but I had to develop skills in sales and marketing, something which I hadn’t really focused on previously,” he acknowledged. “I somewhat naively thought that people would buy from me just because I’m a nice guy, but I soon realised that wasn’t the case.”
But that was only one of the changes facing Anthony.
“I soon realised that the transition from being employed to becoming an entrepreneur is massive,” he reflected.
“When you work for a large corporate organisation, life is generally pretty comfortable, with support networks and healthcare provisions among the benefits.
“When you step away from that environment, suddenly you are on your own and not only did I quickly have to develop a lot of new skills, but I was also suddenly painfully aware of things such as balance sheets and cash flows. When the company’s success or failure is in your hands, there is a real sense of fear – but that’s a positive thing because it’s that fear of failure and stepping back into the corporate world that really motivates me.”
Although six years may not seem like a particularly long time, Anthony admits that the world of cyber security – and that of Defence Logic – has moved on significantly in that period.
“If you talk to any entrepreneur, they will tell you that when they launch a business, they do so with a huge amount of enthusiasm,” said Anthony. “Then you realise that there are competing forces against you.
“Although it was a fairly open market in 2017, there were a lot of other cyber security providers, albeit not doing exactly what Defence Logic does. What I quickly learnt was not only that we needed top-quality products and services, but that we had to fight to win, and even more importantly retain, business. Doing that requires an exceptionally high level of dedication to service.”
Underpinning the company’s offer are three core services – penetration testing, SIEM (security incident event management) and governance support.
“When we launched Defence Logic, our team designed and prototyped our SIEM software, which has since been rolled out to a number of clients.”
But why should organisations have a SIEM system in place?
“Cyber attacks are increasing all the time, and you have to assume that at some point your system will be breached, which means that the attacker has got past your firewall and is now within your system,” Anthony explained.
“It’s similar to protecting your property in South Africa. You wouldn’t just build a wall around your house and install an electric fence because you know that, sooner or later, the criminals will tunnel under the wall, climb over the fence or even punch a hole through the wall to gain access. And then what do you do? They are in and you don’t know where they are, unless you have another level of security as well, whether that be cameras or guard dogs.
“And that is exactly the approach you need to take with cyber security. Our SIEM solution monitors everything taking place behind that firewall and sends out alerts whenever it detects any abnormal activity.
“Crucially, it also enables you to see which part of your systems the criminals have accessed. That is vital as, in the case of a breach, the first thing the incident responder will want is the activity logs and monitoring system. Without a SIEM, you have no information to give, and you might as well start writing out the cheque for the ransom.”
While SIEM helps to identify and respond to threats, penetration testing reduces the risk of an attack by identifying vulnerabilities within the system.
“This tests whether your defences work,” said Anthony. “The type of test is determined by the client. They can choose Black box; when the client does not tell us anything about their system or it can be Grey box, when we are provided with limited information about their system.
“As a general rule, that first penetration test is invaluable. It nearly always generates a report with a long list of problems, which shows clients just how vulnerable they are.”
A lot of the attacks, Anthony says, are driven initially by bots operating from countries such as Russia, China and Iran.
“They are looking for small vulnerabilities in organisations and, once they find these vulnerabilities, they probe them to see if they can be exploited,” he said. “When deciding on a ransom amount, they then look at a company’s balance sheet or valuation.
“They target those organisations which would be most worried about individuals’ data privacy. Banks, financial services firms and medical organisations are great targets, but every business needs to be on its guard.”
And, generally speaking, Anthony says that Jersey companies are aware of the risks and are taking steps to mitigate these.
“Jersey has come a long way in the past six years and other jurisdictions – such as Mauritius where Defence Logic is planning to establish a presence very soon – are looking at the Island to see what we’re doing. There are still some people who are “taking a chance” and not carrying out any testing but, in taking that approach, they are making themselves easier targets.
“If your organisation uses computers, then you are a target and the bigger your company is, the greater the target it is and the harder it is to defend because you are only as strong as your weakest person.’
With hackers and cyber criminals becoming ever more sophisticated in their approaches, Anthony admits that this is a difficult area to manage.
“You have to keep upping your game,” he said. “You can’t do one penetration test and think “that’s it, job done” because new techniques and approaches are emerging all the time and, with cyber crime being a well-funded business model, this isn’t a problem which is going to go away.”
And it is this ever-evolving threat which is driving Defence Logic’s next ambitions.
“We are striving at the moment for our CHECK certification, an accreditation awarded by the National Cyber Security Centre,” he said.
“Unfortunately, because our company is registered in Jersey rather than in England and Wales, we are encountering some obstacles with this, so we’re working with CERT and the government to overcome these hurdles.
“We are also constantly evolving our penetration testing and SIEM systems to ensure that they are as up-to-date as possible and we are helping organisations improve their cyber security governance with the adoption of ISO 27001.
“And we have some exciting secret-squirrel activities, which we are working on. One of the other things I’ve discovered since moving from the corporate environment to the world of entrepreneurialism is that you never switch off. Your “holidays” tend to be the strategic think times, when you plan the big changes you are going to introduce to keep stepping up. The challenge now is implementing those changes, so watch this space.”