Aaron is based in Dubai and is the Director for Middle East & Africa for SecurityHQ. With 11+ years of hands-on industry experience in cyber security, he has worked in a wide range of industry sectors, including Financial Services, Retail, Insurance, Government, and Telecommunications. Though Aaron has a key leadership role within SecurityHQ, he remains on the front line and in the “trenches”, continuing to be hands-on and ensuring he is in the thick of the action, especially when it means going toe-to-toe with Nation State sponsored adversaries.
- What are the challenges faced by SecurityHQ customers, & how are you addressing the same with your unique solutions?
When we speak to customers at the early stages of an engagement, we typically hear the same set of challenges that they are facing. Some examples could be that they are struggling to find a trusted partner who can really help them to understand what they need to do to reduce risk, they don’t have complete visibility on their infrastructure and thus their attack surface, or they don’t have the resources in-house with the capabilities to respond when a threat surfaces. The most important thing in any customer relationship is trust, and that’s why each of our customers is assigned a dedicated technical Cyber Security Manager to help guide customers through our services. We really work in partnership as an extension of our customers’ team, with the aim of exposing patterns of illicit behavior & reducing risks.
- Built to meet the highest SOC standards, how are your operation centres secured and resilient environments designed to deliver efficient operations for your analysts?
Our Security Operation Centers are best in class. They are designed by our in-house engineering team, and we really take everything possible into account such as the lighting levels, the ergonomics of the analysts’ desks, physical access controls, soundproofing etc. Our Security Operation Centers operate 24/7, 365 so they are both incredibly secure, but also a very comfortable and fun place to work for our analysts.
- How do you benefit from your network of global SOCs and multi-language analysis to identify global threats which impact your customers in any region?
Our teams are geographically spread across 5 continents, and this really provides an unparalleled global view of the threat landscape. I think it’s important to mention that none of our teams work in regional silos, and we have analysts researching, triaging, and responding to threats for customers all over the world. Let’s say, for example, we identified a new malware campaign that is targeting customers in the United States. After triaging and responding to this threat, all the indicators of compromise (IOCs) will be processed through our global teams and platforms, ready to detect and prevent the same campaign should it start to target customers in different countries.
- What are your differentiating factors?
I think one of the key things to keep in mind is that when you partner with a managed security services provider, you really need to have the confidence that they are firstly competent, but also that they are going to be right behind you should anything go wrong. SecurityHQ isn’t an alerting company, we take our role very seriously and we are incredibly lucky to have very passionate and experienced security professionals in our team working across a wide range of security disciplines like defensive and offensive security, threat hunting, incident response, threat intelligence, vulnerability analysts, and security research. Everything that we do as a company is backed up by our security data analytics team, who week after week produce reports for all customers across all services.
- How do you work with the customers?
A great example to this question is just how important our services are to SMEs. We work with customers who have anywhere between 10 to 25,000 employees, but we really get to see the value that our services bring to the smaller companies, who don’t have the resources to run a 24/7 cyber security team. As a company we really want to be an extension of the customer’s security team, and we sit with them to really fight the challenges they are facing. We may start with a small engagement conducting vulnerability scans to help the customer understand their attack surface, but gradually we start to roll out more detection and response capabilities within the customer’s organization.