There are many positives to a world that is becoming increasingly digital, but it's not without it's negatives.
The most prominent being that in terms of cyber crime, no one is safe – not even networks with the most comprehensive security. There is a common saying that it’s no longer about if you’ll be attacked, but rather when and how often.
“The threat landscape for businesses has changed with more malware and security holes in products and software applications than ever before,” says Ratu Mason, Lateral Security sales director.
Fortunately, there are companies like Lateral Security who specialise in IT security testing and advisory services. Essentially, they’re ethical hackers who test client’s computer systems from the perspective of a controlled and skilled attacker - often coined as “penetration testing”. Testing is undertaken on clients' websites, software applications and IT systems.
As the cyber world has evolved and new threats have developed and grown, so too has Lateral Security.
The company started in April 2008 during a recession when both Ratu Mason and Nick von Dadelszen decided to leave the company they worked at and set up their own fully independent IT security company.
A first year "lean & mean" (it was a recession after all) business plan was developed including a conservative growth strategy which was aimed at firstly providing a modest income for Ratu and Nick with financial trigger points which gave the company the ability to bring on extra staff.
The name Lateral Security came about after Ratu had said that "security" had to be in the name and Nick had suggested other names. However, it was in fact Jacey (Nick's wife) who came up with the "Lateral" component which they all liked as it described the company as "thinking laterally" about security or "a sideways look” from an IT perspective.
Their first office measured 5x3 metres located in Wellington. Both Nick and Ratu worked long hours establishing and building a customer base (5-7 meetings per day), and their hard work showed.
The company moved to a larger premises and then in 2012 opened an office in Auckland to further expand the business (14 people in total). A Melbourne office was opened in late 2013 and a Christchurch office in 2015 with staff currently standing at 20 across these locations.
The company now gets involved with around 250 projects a year, ranging from small 2-3 day engagements to larger 3-4 month projects. The company has moved from a small Kiwi start-up to a more traditional business model (sales, technical team leads, project management, technical consultants, accounts/admin) which has resulted in improved quality and consistent delivery of client projects.
Rather than long sleepless nights in their 5x3 metre office, the team now engages in regular retreats, which include skiing, white-water rafting, black-water caving and other team events.
“We have quite a fun culture given what we do,” Mason says. “The job is exciting as we come across new security issues within our clients and we also have a culture within the office of each person being constantly challenged through technical competitions along with a real “pinball” machine in our Wellington office. Our staff are exceptionally skilled individuals with a unique perspective on IT - we are technical geeks and we love the term.”
The company is in a position to further grow its business with more regular annuity projects being requested by clients. A number of key staff members now hold shares in the company which offers their strategic partners a solid base to add additional services.
“Junior staff are being trained and these people will grow and mature their skills, which will help the demand for the future,” Mason says. The Internet and the need to maintain privacy and protect IT systems will need to be increased as the level of ‘Internet Connected’ devices has grown exponentially and will be around for a long time to come.”
Mason stresses the need for companies to implement security testing as it provides assurance that IT infrastructure is protected from unauthorised hacking attempts and that staff and processes can “self-defend” against these attacks.
“You are only as secure as your weakest link, so make sure you test the whole environment and processes and not just the final production environment,” Mason says.
If you would like to know more about solutions from Lateral Security, click here.