Go Phish: Andy Bates, Practice Director of Security at Node4

Go Phish: Andy Bates, Practice Director of Security at Node4

What would you describe as your most memorable achievement in the cybersecurity industry?

Working in the domain takedown sector, I worked with a team to create a vehicle to take criminal domains offline. It was incredibly gratifying because it was something that people never thought the industry would do. Since then, we have increasingly seen it happening more and more. Being part of something that is changing the industry for the better was an honour and something I will always remember. 

What first made you think of a career in cybersecurity?

Honestly, I ended up in cybersecurity by accident. I worked designing and running secure networks for governments and found that I was under attack all the time. The ‘conventional’ attitude and defences were not doing the job for me so I wanted to help create something that did work.  

What style of management philosophy do you employ with your current position? 

I like to think of management as coaching rather than directing. I’ve made a point of bringing new people into the industry who don’t fit the ‘conventional model’, e.g. women over 50 and students, rather than hiring expensive copies of myself. This demands a different leadership style in itself, but it also encourages new perspectives and questions. My team typically asks why the industry does it like this and that is what we need to keep moving forward – new ways of thinking and challenging the status quo. Let’s face it, cybercrime globally costs US$3 trillion per year, growing at 20% CAGR, so the cyber-defence industry can hardly tell ‘newbies’ that we have nailed the way of doing things. We need innovative and creative thinkers and I aim to encourage that in my team. 

What do you think is the current hot cybersecurity talking point? 

From a personal perspective, I am passionate and like talking about gathering intelligence on cybercriminals and using this to get ahead of the game with them. This is crucial for the industry as, in order to begin combating cybercrime, we need to be a step ahead of the attackers, rather than trying to play catchup, as is too often the case. 

From an industry perspective, it is all about the three letter abbreviations – XDR, EDR, SOC, to name a few. A new one on the list from the last couple of months is GPT with the rise of ChatGPT. Every industry is talking about it and while, in cyber, we have been using AI for a while – it is a part of all of the previously mentioned terms – it has made people realise its true power. In a massively resource-constrained industry, AI has to be the answer.

How do you deal with stress and unwind outside the office?

I have a few activities I enjoy outside of work which help me to destress – I enjoy sailing, skiing, walking, or simply meeting my mates at the pub. 

I’m also doing a part-time PHD in cybercrime, which I love and enjoy, but it is debatable whether it is something that helps me relax!

If you could go back and change one career decision what would it be?

My time working closely with law enforcement made me realise that many other people get out of bed in the morning and want to take down the bad guys, just like me. In a commercial business, this is a difficult attitude to have. That’s not to say I necessarily regret anything, but if I could go back, I perhaps would have done more or dug deeper with these guys earlier. 

What do you currently identify as the major areas of investment in the cybersecurity industry? 

AI and similar technologies will be major areas of investment over the coming months and years, even more so with the rise of ChatGPT. This will help propel the industry forwards. However, I do think that investment in the basics is still lacking across the board and should be prioritised.

Are there any differences in the way cybersecurity challenges need to be tackled in the different regions? 

It is true that richer countries, e.g. the USA, and verticals such as financial institutions, get attacked more often than others. However, accidental ransomware attacks do dilute these trends, so it is debatable to what extent these are directly targeted more.

What changes to your job role have you seen in the last year and how do you see these developing in the next 12 months?

In the past 12 months, I’ve moved from creating security discussions, opportunities and messaging to putting this into action and meeting our customers’ demand for our security offerings. In the next 12 months, we are making some M&A moves so a large part of my role will revolve around managing these new skills. This will be key to accelerating the industrialisation and automation that we are building. 

What advice would you offer somebody aspiring to obtain a C-level position in the security industry? 

Do it because you love it, not because it has a C-level title attached to it. If you do something you love, you will never work again. Remember that it’s about the people that you take with you on the journey. Doing the right thing and being able to tell your loved ones that you made a difference today – somehow that is all that matters.

Browse our latest issue

Intelligent CISO

View Magazine Archive