We’re kicking off 2023 with an in-depth interview and with our Chief Revenue Officer, Will Morrish – the newest member of CovertSwarm’s leadership team. In our accompanying podcast, Will shares his passions for cyber security and technology, his career up until now, and what’s exciting him most about joining the Swarm.
Will may be new to CovertSwarm, but he’s been in talks with founder Anders Reeves for many months, and they have a shared history of working together. But where did it all begin?
While Will has worked in IT for over 25 years, his experience goes back even further. He wrote his first program in Basic for a Spectrum 48K. Since then, he’s taken on a variety of roles, from field and pre-sales engineer, to customer service and sales leadership positions – for several enterprise businesses.
Will’s connection with CovertSwarm started when working at Interoute, the European network provider acquired by GTT Communications for $2.3bn in May 2018, while Anders was working at Sony Playstation. They found they shared complimentary values around the positive energy they brought to work; how to do business with purpose; and parallels in their drive to deliver boundary-pushing industry change through the work they were doing delivering corporate security, connectivity and performance in innovative and creative ways. Will then spent two years at Alert Logic, one of the biggest global Managed Detection and Response providers, helping to build a sales team on the defensive side of the cyber industry. He later moved to Performanta, a cyber security provider with international customers across Africa, Europe and the United States, helping medium and large enterprises build their defensive security systems. It was here that Will discovered a passion for protecting corporate infrastructures from cyber threats, but recognised that critical shifts needed to happen within the industry. And that’s what led him to join CovertSwarm.
Will’s connection with CovertSwarm started when working at Interoute, the European network provider acquired by GTT Communications for $2.3bn in May 2018, while Anders was working at Sony Playstation. They found they shared complimentary values around the positive energy they brought to work; how to do business with purpose; and parallels in their drive to deliver boundary-pushing industry change through the work they were doing delivering corporate security, connectivity and performance in innovative and creative ways. Will then spent two years at Alert Logic, one of the biggest global Managed Detection and Response providers, helping to build a sales team on the defensive side of the cyber industry. He later moved to Performanta, a cyber security provider with international customers across Africa, Europe and the United States, helping medium and large enterprises build their defensive security systems. It was here that Will discovered a passion for protecting corporate infrastructures from cyber threats, but recognised that critical shifts needed to happen within the industry. And that’s what led him to join CovertSwarm.
“Every business knows they need protection,” Will says, “But many rely on point-in-time testing, don’t budget enough for the scope that’s needed or aren’t aware of their genuine attack surface. Nowadays, having the right coverage is essential in protecting companies’ data, people and assets. Because it’s only through relentless research and attack that you find the gaps in your defences and prevent breaches from happening.”
That’s why, when Anders explained the scale of CovertSwarm’s offensive operations, Will’s jaw dropped – and he immediately wanted to get involved. Because it’s his view that defensive security is no longer enough. “You need to get under the fingernails of a business and find out where the holes are – even if that involves breaking into offices or cars to discover the weaknesses.”
CovertSwarm is about more than getting that ‘compliance tick’ for annual penetration testing. It’s about getting to the next layer of defences, past technical vulnerabilities and into the real world – showing just how far a real hacker will go to attack a business.
Anders agrees with this, adding: “What draws clients to CovertSwarm is that we not only provide traditional reports, but also more valuable breach reports. These show how the Swarm uses their broad spectrum of security skill sets and tools to prove key vulnerabilities which could lead to demonstrable breaches, which really should exist on clients’ risk registers. But gaps can lie within businesses even when some of their departments are really on top of their security – and basic pen testing just isn’t enough to catch all the potential breaks in defence.”
So many other things, Will points out, can create a cyber security risk beyond the digital world. In fact, it was a story about a recent CovertSwarm client engagement that hooked Will into taking this key role for him – and the business. In this case, members of the Swarm managed to hack into the client’s native CCTV systems, which involved a member of CovertSwarm’s team being on-site to actually break into the premises.
But it’s not always complex operations that can end in an attack. On the other end of the scale, breaches can be as simple as swindling a business’ accounting team with a fake invoice. In fact, the majority of deep breaches start with the human element. Even in the public domain, Anders points out, “People still fall for this kind of attack. It’s why there’s no room for complacency in any area of operation.” Anders urges every client to make sure that all their team – not just leadership – has the same levels of knowledge and awareness about potential risks.
CovertSwarm’s ethical hackers don’t only go deep into organisations’ systems to find weaknesses – they also provide thorough training and advice on processes businesses can adopt to try and increase their security. Anders reveals that, increasingly, clients use their monthly Swarm time to discover how CovertSwarm has performed attacks – a form of deep-dive, “hack with us” session. This helps their client’s teams – through employment of their learning and development budgets – to understand what happened and why, using their own, genuine attack surface as the playground for CovertSwarm’s ethical hackers to demonstrate where their points of compromise exist.
It’s clear that Will is deeply passionate about the industry, and that he’s made significant contributions to a number of well-known and highly-regarded technology organisations over the years. But he’s also a bit of a secret ethical hacker himself – as well as a self-professed ‘geek’, with constant projects and new ideas on the go. Looking around his desk, he’s got a micro-robot, Arduino-powered glasses that he’s building for a festival, and a server with numerous VMs running on it to name just a few. “It goes back,” he says, “to a constant fascination with technology, what it can do, and how we as humans can interact with it.” Will has home automation throughout his house, and not just the usual light bulbs – he’s also automated his robot Hoover and alarm systems. And this genuine passion maps across how Will interacts with customers, as he uses his deep knowledge and understanding of technology to constantly investigate how to make organisations more secure.
Will joins CovertSwarm at an exciting time, and will be bringing his expertise to our worldwide client base. It’s clear he’ll have a phenomenal impact on CovertSwarm’s growth and capabilities through 2023 and beyond, helping us to continue challenging the market – and the team couldn’t be happier to have him aboard. In the meantime, don’t forget to listen to our interview in full on our latest podcast (episode 10) below, or on Spotify, Apple, Google, or wherever you get your favourite podcasts from January 4th 2023.
K8s – Pod to Node Escape Techniques
In this article we are exploring the breakout of a pod, to gain access to a node. This is performed by attackers to elevate their privileges…
Rishikesh Bhide joins CovertSwarm as Head of Engineering
Rishikesh joins CovertSwarm to accelerate the organization’s engineering capabilities and product strategy as part of its rapid growth trajectory.
Louis Blackburn joins as Operations Director
Louis joins CovertSwarm from Lloyds Banking Group with an extensive background in red teaming, becoming the latest senior hire as part of the organization’s rapid expansion…