Showing posts from April, 2017

Security as 'Product'

One of the (many) challenges that attracted me to a role within Information Security was to seek a way of better integrating and aligning the benefits of both amazing products and amazing information security. Now, 'amazing' security need not require multi-million $ appliance-level technology or investment, but should be sat close to the edge of the trail-blazing curve from both an AppSec and InfoSec standpoint, through practices, culture and attitude. What do I mean? Well, right now I'm not 100% certain, hence this blog post (I'm looking for ideas and validation/criticism) but here's the concept: What if Security itself became a 'Product' for the business much like any other they produce? Or perhaps - but I am shying away from the idea for a few reasons I'll explain - a set of features/requirements that are baked into every product we release? Sure, best practices and ISMS frameworks mandate/dictate what 'best practices'

A bit of a twist in the path...

2017 has seen me take a twist in my career path, moving from 11 years working within Technical Infrastructure Architecture and Operations to Information Security. The inspiration for this career change came from a few serendipitous sources. When I joined Moonpig.com in 2014 (having had a fantastic 8 years building my career at Sony PlayStation as SysAdmin and Operations Manager), I was tasked with setting up a new in-house Technical Operations function that would help to see Moonpig attain PCI-DSS compliance (as a level 1 merchant with full SAQ-D) as well as further improve their TechOps practices. Whilst building the new team and dealing with PCI, I was fortunate to have the opportunity to work with the talented Luke Potter at SureCloud - who had been engaged as Moonpig's preferred ASV. Spending time with Luke and his team during the course of that year (and years to date in my subsequent roles within the Photobox Group) inspired both the technologist in me as well as the l