A warm welcome from Theta, Pete. Hope you're settling in ok!
Thanks. It's been a great few weeks getting to know my very talented team of security experts, and the help and support I've been receiving from the wider business has been great. I'm really excited to work with such an innovative management team and a company of experts in their fields.
Tell us a bit about your background and where your passion for the world of cyber security stems from
I've had quite a varied career, starting in traditional media advertising in South Africa. I then moved to a digital agency in the early 2000s, which was my introduction to web development and user experience. I moved to New Zealand with my Kiwi wife in 2004 and started with Sysdoc (an innovative specialist consultancy), working on technical documentation, training, and process improvement. It was during this time that I met Andy Prow, who had just started a small security company called Aura (now part of Kordia). After a few other roles, Andy approached me in 2012 to work for him at Aura, and that was my introduction to cyber security - particularly security consulting. I found it to be a fascinating industry, and the mix of my previous experience with business management, risk, staff behaviour and computer systems all had a role to play.
What areas are you particularly interested in?
My main focus areas are around business risks caused by cyber security incidents. Whereby, if organisations don't understand the wider implications of a security issue, they are not going to fix it - which is where risks can turn into crises for a business. I enjoy working with boards and executive teams to help them tease out what really matters to them, what the business impact might be and how to address it.
One main area that management often struggles with is visibility of issues. So I'm particularly interested in the work going on at Theta with Glasstrail and how this can help organisations gain better insights into their presence online in the realm of cyber security.
Last year saw some pretty devastating cyber-attacks on Kiwi organisations. What's your #1 piece of advice for them in 2022?
The thing that I still find amazing is how many organisations still don't have the basics of security nailed. So, my main piece of advice is always to ensure the bases are covered - like patching, backup and restore, and most importantly, turning staff into your best line of defence through staff training and awareness exercises.
How is NZ doing compared to the rest of the world in terms of attack preparedness?
As we often see with the types of cyber attacks New Zealand faces, we are still a bit behind with our preparedness compared to the rest of the world. While there has been some improvement in our attitude towards cyber security (a few years ago, people still felt that our geographic isolation protected us – which it doesn't), we're still not seeing the necessary levels of investment in companies protecting themselves from attacks.
Those that do take the time are often unsure how to invest their budget for maximum impact –installing expensive software but not knowing how to implement changes or interpret the results.
On the flip side, small businesses don't always see themselves as targets and therefore might expect that whatever coverage their ISP (internet service provider) gives them will be enough - which is often not the case. These issues tend to be more than just technical, so it's not the best idea to assume your small business won't be a target. New Zealand has definitely moved the dial, but we still have a long way to go.
And finally, when you clock out for the day (if that ever truly happens in cyber security), what do you get up to?
I live on the Kapiti Coast north of Wellington with my wife and our 3 kids on a beautiful lifestyle block where we raise horses and cows. So, most of my time away from the computer is sorting out the animals.... or the kids!
Great to have you on board with us Pete!
If you want a chat with our Cyber Security team, get in touch.