Meet our Founders
Andy can trace his fascination with security right back to his childhood; password protecting his elementary programmes from prying eyes!
Since those early beginnings, he has helped secure high profile organisations in Government, defence and financial services, gained his Masters’ Degree in Information Security Management and recently been recognised as a Fellow of the British Computer Society.
In the 15 years that Andy has been working in Cyber Security, he has learnt the need to augment technical cyber controls with protection focusing on the human aspects, leading to the formation of BLOCKPHISH.
Ever since watching the film War Games in the early 1980’s, Daryl was fascinated by the fact everything from school grades to military mainframes could be hacked.
This interest later became the basis for his passion to design secure platforms and systems for everything from community and e-commerce sites to Government and defence systems.
Over the past 16 years, this passion has evolved from designing robust system to helping both companies and people with their security challenges.
An interview with our founders, Andy Green and Daryl Flack
When did the business start and what were your aspirations for the future?
I distinctly remember the moment when the idea for the business sparked into life; I was working as a Cyber Security consultant at a FTSE 100 company and the CFO came up to me with his iPhone, clearly troubled. ‘Is this a Phishing email?’ he asked, showing me an email urgently demanding payment. I reviewed it and informed him that yes, indeed it was a scam. He lamented that he had spam filters, email proxies and countless other solutions and yet phishes continued to plague him. We discussed how a culture change within organisations was required to address the threat.
I emailed Daryl that very day, who was then running RESILIA – a Cyber Resilience best practice – and explained the concept. He loved it as it resonated with the work he was doing there…
Yes, that’s right. Andy emailed me towards the end of 2014 saying that he had a great idea for a new business opportunity and would I like to be part of it. I’d had first-hand experience of the challenge of tackling phishing in organisations and I knew that this was something I had to be part of.
What do you see as the key elements of the BLOCKPHISH business culture?
I think the word “culture” is a key term. As a business we are ultimately looking to help organisations change their Cyber behaviours; we effectively offer a cultural change programme. In order to be successful at that, we developed our company ethos to reflect our passion for educating people to empower them. We believe that giving staff both the confidence and belief to make the right decisions is the first crucial step in making a cyber resilient organisation.
We therefore champion learning and the variety of ways people learn. We embed the need to understand the psychology of human behaviours and the influencing factors that are used in social engineering attacks as it’s only by looking through the eyes of our adversaries that we can help companies recognise the threats and improve their defences.
However, it’s not all about work. We’re great believers in people being more engaged and productive in a relaxed, enjoyable and fun environment. We therefore take every opportunity to shake off the confines of the office to give the team the thinking space they need to come up with our next big idea. Combining this with an opportunity to donate our time and support to the causes we are passionate about gives us what we think is a great mix of hard work, fun and a splattering of social responsibility.
How does the culture inform the business you do and the people you work with?
As a business and as individuals we strive to protect and encourage our business ethos of improving the awareness culture of organisations and through our professional yet relaxed and approachable attitude, we aim to filter this philosophy through to our clients and beyond.
How do you keep pace with rapid change as a Cyber Security specialist?
I think we’re lucky at BLOCKPHISH because our work is our passion. This means that whilst we immerse ourselves in all things cyber as part of our daily roles, we can also be found sharing news stories with each other, swapping books, recommending white papers etc, whenever or wherever we see it. Social media is obviously a great way to hear about the latest breach or vulnerability but I still get the most value from engaging with customers and peers directly and hearing about their first hand experiences.
What has been the biggest change you’ve seen in the Cyber Security industry?
I feel that there are so many changes as the cyber security industry is still relatively embryonic. It’s only still in its infancy really. In the 15 years that I’ve been involved, even the name has changed several times: from Computer Security to Information Assurance and now Cyber Resilience! I wonder what we’ll call Cyber next?
More seriously, there has been a paradigm shift from considering cyber security as simply a component of IT, to an integral aspect of the whole organisation, which involves everybody from the board to the post room. And now the industry is slowly realising that technology alone can’t stop cyber threats; there needs to be process and people involved too.
Another significant change is the on-going adoption of detective and responsive controls as well as protective controls, as organisations accept that breaches are inevitable and being cyber resilient requires early detection of threats and effective response.
What happens when things go wrong? How do you address problems and issues?
Great question. Accidents happen and things go wrong – we’re only human after all. We believe in being completely transparent and working through any issue quickly and efficiently. With our ethical phishing solution we aim to embed a culture within our clients that allows their staff to make errors such as falling for a scam and being open and honest with the resolver team to mitigate the potential impact. We strive to embody that principle in our own operations.
Things go wrong in every business from time to time, it’s how you learn from it that’s important. Understanding why things have gone wrong and how we could have avoided it is obviously an important step but sharing that learning in a positive and constructive way is just as important for both our entrepreneurial culture and our corporate learning. It’s often the knowledge gained from those challenging moments that lead to the most insightful opportunities to improve the business.
Where do you see BLOCKPHISH in 5 years’ time?
My aim is for BLOCKPHISH to have grown to address the needs of the UK market and overseas, but also to still be an innovative, entrepreneurial organisation that is able to respond quickly to new challenges in the cyber domain.
I see BLOCKPHISH as the most trusted go to ethical phishing and cyber awareness learning organisation in the UK with a strong and growing international presence. Our growth will have been delivered through both direct sales and our strong relationships with our channel and reseller partners. We’ll differentiate ourselves from our competitors through our commitment to customer services and the recommendations they provide that lead to new organic business growth.
We recognise our corporate and social responsibilities to customers, suppliers and other stakeholders and are committed to conducting business in a manner that achieves sustainable growth whilst maintaining our integrity and moral obligations. We currently support several charitable causes and please feel free to contact us should you wish us to sponsor your charity.
Give01Day is UK’s first initiative that brings volunteering professionals and charities together.
Charities hold extensive personal and sensitive information about their clients, supporters as well as employees, but they lack the resource expertise to adequately protect this information. In trying to maximise their support reach for front-line clients, they are vulnerable to trust and reputation in cases of cyber-attacks as well as legal damages (in cases privacy and data protection insufficiencies).
BLOCKPHISH support the Give01Day initiative by donating their time to help charities with their cyber security issues.
For more information about the Give01Day initiative, please visit https://give01day.com/uk/index
BLOCKPHISH skis the height of Everest raising funds for Ski 4 Cancer!
On Friday 11 March 2016, members of the BLOCKPHISH team attempted to become World Record Holders by skiing the vertical height of Mount Everest, the World’s highest mountain!
The challenge was a BIG one. In just one day we skied a vertical height of 29,029 feet or 8,848 metres. To put this into perspective, that’s as high as most airlines fly or the equivalent height of 3,400 flights of household staircase.
We undertook the challenge in Austria to raise funds for Ski 4 Cancer, a cancer respite charity which helps ease the burden of living with a cancer diagnosis or a recent bereavement. Importantly, they recognise that a cancer diagnosis affects the whole family unit and not just the cancer patient. Consequently, their respite programmes focus on both the cancer patient and their immediate family as well.
The event was a great success and we managed to raise of over £25k. We also got to ski with Eddie ‘The Eagle’ Edwards!
Get in Touch
© 2016 BLOCKPHISH, 5-6 Coventry Street, London, W1D 6BW, United Kingdom