I have been working in the company since its founding in 2015, and during this time SOC Prime has evolved from a small startup into a rapidly growing international company. Our employees are also growing professionally to keep up with the pace of development. For each of us, working at SOC Prime brought forth unexpected challenges and experiences.
Security and Phishing
Out of the gate, I fully felt what it was like to work among real cybersecurity enthusiasts. From my world of financial models and reports I plunged into the world of security and protection where almost every colleague seeks to provide help to avoid the slightest chance of compromise. Cybersecurity companies are always in the field of view of adversaries, and finance and sales departments are some of the juiciest targets.
Soon SOC Prime’s popularity grew and we became recognized as a worldwide brand. Actually, our popularity increased dramatically after our participation in the investigation of the BlackEnergy campaign and after creating content to detect WannaCry and NotPetya attacks, which made us ‘popular’ not only among white hats. Eventually, after these events and after a couple of highly competitive deals, phishing emails began to come in, leaking through the filters. “Invoice” is probably the most popular word in phishing email headers, but in 4 years only one came to me, and our SOC warned me about it in just a few seconds. Social engineering and targeted attacks were used as well. For most blog readers, such emails are mostly statistics of successfully resisted attacks and investigated incidents, but when you yourself are the target, each email from an unknown sender is perceived as a parcel with a bomb.
One of the main ways to protect your company is to educate every employee, without exception, about the key principles of cybersecurity and the rules of conduct when detecting suspicious activity on their work computer. In 2015, I was taught this by more qualified colleagues, and now I myself periodically pass on the experience to my subordinates.
One of the most unexpected challenges for a cybersecurity startup CFO came from the fact that our clients do not want to be named in business presentations or any other public records. Talking to potential investors turned into a game of vague statements and allusive remarks. Describing a client as ‘one of the leading companies in its field’ when talking about our most successful deals has become a habit by now. My wife got angry at me once because I used to refer to several upcoming projects as simply ‘big deals’ and couldn’t remember which ones I meant after we had gained a reference and permission to brag from some of those clients.
Despite living on the forefront of the cybersecurity battlefield, it is still possible to get trapped in your own bubble of finite experiences. For this reason, the whole SOC Prime team is constantly involved in educational and self-educational initiatives. There are many experts out there eager to share their knowledge and make the world a more secure place. Some of them prepared the course “The Cybersecurity: Managing Risk in the Information Age”, which I was happy to take. The knowledge gained allows me to identify and manage operational risk, litigation risk, and reputational risk. Creating a risk mitigation strategy for a company is something that every executive needs to be able to participate in and provide critical feedback and goals.