For today’s profile we have David Robinson from Intruder.
Intruder is an easy to use cyber security service, which monitors your internet facing systems from the perspective of an attacker.
Our questions are in bold.
– – – – –
Who are you and what’s your background?
I’m David Robinson, Co-Founder & CTO of Intruder. I studied Information Security at Royal Holloway, University of London before starting a career as a Security Consultant / Penetration Tester at one of the UK’s leading cyber security consultancies.
Whilst there, I became accredited as a CHECK Team Leader; the UK’s most highly regarded qualification for a penetration tester . During my career, I have helped many organisations secure themselves from cyber attacks, including UK government, high street banks and a large number of FTSE 100 companies.
What is your job title and what are your general responsibilities?
As anyone who has started their own business can attest, I’m the CTO, but I do a bit of everything, from overseeing development, all way to lead generation and sales. As both myself and my co-founder are ex-security consultants, we’re a very technically minded company.
Can you give us an overview of your business?
Intruder is an easy to use cyber security service, which monitors your internet facing systems, from the perspective of an attacker. We look for weaknesses which an attacker could exploit to gain unauthorised access to your data, or take your systems offline.
When we find a weakness, we’ll tell you about it in easy to understand terms, outlining the risk you face, and how you can fix it before an attacker exploits it.
Intruder is subscription based, which allows us to monitor your systems all year round. This means that when you make a change to your code, or a new vulnerability or attack technique is discovered, we’ve got you covered.
Tell us how you are funded.
We’ve been lucky enough to be able to bootstrap ourselves so far. We wanted to get to a point where we have proved the need for our service and can say to investors that we’re going for funding in order to get even more customers on board.
Why did you start the company? To solve what problems?
My co-founder and I, working as security consultants, were able to see the kinds of problems people were facing when trying to secure themselves from internet based attackers.
People are typically doing two things at the moment: the first, is penetration testing, which involves a consultant manually checking your systems for weaknesses. Penetration testing is great, but because it’s manual and there are not many qualified people around, it’s pretty expensive. This means people can only typically afford to do it when they launch a product, or a couple of times a year at best. With new attacks coming out every day, a traditional report is out of date as soon as you receive it.
The second thing people try to use are tools called vulnerability scanners. Because these tools are automated, they can be used on a more regular basis. Unfortunately these tools were designed for experienced security consultants to use, which means they are complex to set up, configure, and maintain. On top of this, the results require expert interpretation and many of the issues discovered need further investigation by someone experienced in security.
We think there is a better way of doing things; a more hybrid approach of the two existing methods. Through clever use of automation, whilst keeping a skilled human analyst in the loop, we can provide usable, understandable security to companies with small, or non-existent security teams.
Who are your target customers? What’s your revenue model?
Whilst companies of any size can gain value from Intruder’s offering, because our solution is easy to use, easy to understand and requires little-to-no maintenance, it’s ideal for organisations without dedicated in-house security expertise.
Our service is already proving popular in the FinTech space, with many happy customers, including Kantox and Apply Financial, with a few more in the pipeline. In fact, Mark Bradbury, the CEO of Apply Financial said of our service
We’re also popular with some high-profile UK startups. Al James the CTO at Ometria said “Designing and building a secure system is hard. Intruder frees me and my team to focus on our product and business, safe in the knowledge that Intruder is checking for mistakes and the latest vulnerabilities. It allows me to sleep better.”
If you had a magic wand, what one thing would you change in the banking and/or FinTech sector?
Although most companies in the FinTech sector are aware of the need to secure themselves from cyber attack, there are still a few people who somewhat naively think they are not going to be targeted. But according to PwC’s 2015 Information Security Breaches Survey, over one third of small businesses were attacked by an unauthorised outsider in the last year; and what’s worse is many businesses don’t even realise when they’re being attacked until it’s too late, so the real number is probably a lot higher. The problem is that nobody seems to want to buy a burglar alarm until they’ve been burgled, and unfortunately that lax approach leads to companies going out of businesses due to cybercrime, as happened to Mt Gox and Bitcoinica.
What is your message for the larger players in the Finance industry?
I would say that the way companies approach security is going to change over the next few years, and that people should keep a close eye on the innovation coming out of the London startup scene to see what the future will look like.
What phone are you carrying and why?
I have an Android phone, running custom firmware. I like having more control over my devices, as it allows me to fine tune them, and achieve a greater level of security than one running in a standard off the shelf configuration.
Where do you get your industry news from?
There are lots of great cyber security blogs that I follow (far too many to list), but Dow Jones Cybersecurity Newsletter, which is curated by Rob Sloan is a great place to start (http://eepurl.com/b2BOdT).
Can you list 3 people you rate from the FinTech sector that we should be following on Twitter?
@aimbrainhq, are doing great things on the boundary of FinTech and cyber security by providing seamless authentication based on biometrics.
@ravelinhq are also working in a similar space, providing security from fraudulent payments without interrupting checkout processes.
@applyfinancial are not only a great role-model for FinTech startups, but their CEO Mark Bradbury is helping to pave the way for more open data and APIs in the UK banking sector.
Can you suggest the name of an Angel Investor or VC that might be interested in being profiled?
I’ve got a couple of people who might be interested, I’ve sent them an email and will do an introduction once I get a response.
What’s the best FinTech product or service you’ve seen recently?
AimBrain (@AimBrainHQ) have created a really interesting biometrics platform, which allows companies to seamlessly authenticate their users. If you’re looking for a way to get rid of passwords or easily incorporate biometrics into your offering, it’s definitely worth taking a look.
Finally, let’s talk predictions. What trends do you think are going to define the next few years in the FinTech sector?
At the moment, security requirements are mostly driven internally, or pushed down as customer requirements. I think it’s likely we will see an increase in cyber security related regulations for FinTech companies over the next few years as the regulators catch up with what is becoming a burning issue for many financial institutions.
– – – – –
If you would like to receive email updates whenever we publish, sign up to our Newsletter. You can unsubscribe at any time and we will never use your email for anything else.
If you’ve any suggestions for hot FinTech companies (startup, or established ventures) that we should be profiling, or have an opinion piece to offer, or a FinTech related event you’d like to tell us about, have a look here for more details.