Working with educational establishments, manufacturing companies, utilities, large public bodies, and corporate entities, Ian has been fortunate enough to have designed, delivered, supported and fixed systems across the world. This built up a wealth of experience that would prove invaluable for clients and colleagues alike.
A constant in Ian's career has been a relentlessly inquisitive nature. "I've always been interested in how things really work and sometimes that means you break things along the way while trying to understand what's really happening". This curiosity drove him to set up network monitoring systems in the late 1990s and underpinned his later transition into forensic system investigation.
After combatting several targeted cyber campaign groups he noticed that some companies appeared almost offended that their intrusions did not originate from APT groups, "The industry has led them to expect an APT attack. That bias can lead to them trying to fit the evidence into an APT mould. Understanding and challenging analyst bias is critical. Helping them avoid those traps is invaluable"
With clients whose offices are located globally, the work is always challenging, and every engagement brings something new.
Ian now runs his own consultancy and works with clients from multiple sectors primarily to deliver and improve SOC, Forensic and Incident Response services while meeting a myriad of other challenges along the way.
"We still encounter pentesters who just want to kick the sandcastle down with no interest in helping protect it. Thankfully that's changing and the shift towards defense and offense working together is incredibly powerful"
When he gets a chance, Ian likes to spend time avidly avoiding trees while mountain biking as well as swimming and climbing. He's happy to consider any sport that causes insurers to wonder if they should increase his premiums.
Summary of qualifications
- GIAC Advisory Board member
- GIAC: GSEC, GCED, GCIA, GCIH, GCFE, GCFA, GNFA, GREM, GPEN, GXPN, GICSP
- ISC2: CISSP
- ISACA: CISM
- Cisco: CCNA
- Microsoft: MCITP SA/EA/EDST/EDA, MCSA, MCTS AD/AI/NI/SV/DV/W7, MCSE 4/2000/2003