Issue 4 2021

The Chief Operating Officer approaches the company with a similar unbeatable energy and ambition. Chris Brenton has been a leading voice in the IT and cybersecurity industry for over 20 years now, bringing this breadth and depth of expertise to the table to make Active Countermeasures the best it can possibly be. Much like John Strand, he is a published author of multiple educational books on his areas of expertise. He is also the primary author of the Cloud Security Alliance’s online training manual, which has proved an invaluable training resource. Additionally, he has developed and delivered courses for the SANS Institute. Over his time in the industry, he has assisted multiple start-ups, helping them to improve their product security and continuing to develop and improve when they hit technical brick walls. He also specialises in helping a company ensure that their product is market fit. As a final note on the named expertise driving this company forward, its partner, Paul Asadoorian, is a host and producer for Enterprise Security Weekly. This podcast has claimed multiple accolades over its eleven years of life, becoming the most popular security podcast in the world and cultivating it until it became a world- renowned series shedding light on different aspects of cybersecurity. Paul is an author, presenter, and organiser, running events up and down the country. He has a keen interest in researching embedded device security that he has brought to Active Countermeasures, and, like all involved in this business, champions sharing his knowledge for the betterment of his sector in the macro. Internally, Active Countermeasures takes great pride in their team of highly talented developers and growth team. With so many motivated and talented voices represented in its staff, it has never been a company that will settle for second best, in any aspect of its operation. Its employees are encouraged to be passionate about problem solving and fully immerse themselves in the task at hand. It affords each team member a lot of trust to get the job done correctly, with an agile and blameless post-mortem system that allows staff to look back on past projects and grow from feedback. If something new is tried, even if it fails, what matters is that the idea was attempted to the best standards possible. A failure is simply a learning experience, and one that will benefit the business to learn from, so new hires are encouraged to approach tasks with a fearless energy knowing that the company is supporting them. When it comes to identifying these new hires, it consequentially seeks people who will fit in with this culture first and foremost. Skills can be taught, attitude cannot. Far from this being a simple idiom, it is also another core part of its process, as it prizes offering learning and upskilling opportunities to each member of its team. Its approach is also one that sets it apart from its competition, as its software development process is one formed from years of pen-testing enterprise networks. Therefore, it knows the systems it works with like the back of its hand, and Active Countermeasures can push forward towards its goal of lessening the time gap between a system experiencing an attack, the team discovering the attack, and the attack being remediated. Its software will allow its clients to do this, only continuing to get better at doing so. Thus, its goals and ambitions are all fuelled by its belief that defending against adversaries should be affordable and achievable, and not a barrier to businesses. Active Countermeasures therefore has earned itself a wide range of clients across a range of business types and setups. This includes private, military, governmental, financial, and health care facilities; all of which need fool proof cyber security measures as a priority. Its clients appreciate the peace of mind that Active Countermeasures offers them. In terms of the challenges it has faced during its time in operation, it mentions the examples of cognitive bias that it has faced. These often favour the older, more labour intensive, and more error prone processes offered in the industry, which result in inconsistency as well as severe costs in terms of time and money. For example, overall, much of the cybersecurity industry still champions reviewing system logs to try and identify where a system has become compromised. This is one of the oldest technologies available other than authentication control, and its lack of consistent accuracy sometimes means that attackers are left in the system for months before they are detected, often by a third party. Active Countermeasures is bucking this trend by showing companies what they could have instead: minimally intrusive, maximumly effective, completely streamlined processes that combine protection and response. Despite its already existing achievements of exemplary solutions for its clientele, it is also committed to ensuring that it does not stagnate. As it works in such a changeable industry, it is aware that new technologies, processes, and tools are being produced on a near daily basis. By keeping abreast of these, it can constantly improve its AC-Hunter service, its educational tools, and its services across the board. In addition, to help it achieve this, it is careful to listen to and take on all feedback. By acting on the suggestions and observations of its clients, it does an excellent job of ‘showing not telling’ this element of its business, updating itself accordingly. It also plans to expand the free threat hunter training so that clients and users alike can also keep apace of new technologies. All the above has allowed it to retain a position of prestige, and as it gains and impresses more and more clients, this company has set itself on an upward track to continued success. Contact: Kris Chew Website: https://www.activecountermeasures.com/