While numerous hackers have flipped from black hats (malicious bad guys) to become white hats (ethical good guys), applying their skills to shore up cybersecurity defences against the very attacks they used to mount, Ben’s turnaround occurred remarkably early – when he was just a teenager.
From around the age of 7, after he was shipped off to boarding school back in the UK, Ben became fascinated and inspired by stories of hackers who broke into computers from their bedrooms. This prompted him to begin tinkering with code and computers and led him into what he calls a “downward spiral”.
At 17, when he was booted out of school for not heeding a final warning to leave his hacker ways behind, Ben came to a crossroads.
“I had to make a decision: Do I go back to school? Or do I go straight into a professional career?,” he recalls. “I chose the latter.” As for the industry he would enter, Ben says he “didn’t have a choice” – cybersecurity had already chosen him.
For well over a decade, Ben worked as a professional consultant, helping large enterprises and organisations understand how their digital assets may be stolen, and preventing such breaches with strengthened defenses.
In 2014, the cybersecurity consultancy Ben was at appointed him to run their business in Singapore. Never one to turn down an exciting new opportunity, and with mere weeks of advance notice, 23-year-old Ben packed his bags and left grey and rainy London for the warmth and blue skies of Singapore.
Eventually, however, Ben longed for a better way of serving his clients. “There was a frustration with the limited impact you can have working with one client at a time, each for a six-month period,” he says, “when the industry is moving so quickly and global demand for cybersecurity is increasing so rapidly.”
Thinking like a hacker
“Traditionally, organisations engage cybersecurity consultancies once a year to do a penetration test,” Ben points out. “But it’s no longer enough to test your systems once a year. Our understanding of cybersecurity is changing on a daily basis, and the tactics of adversaries are constantly evolving.”
Yet, owing to a constant shortage of talent in the industry, there isn’t enough manpower to perform continuous testing at a high frequency. To solve this, Ben turned to tech. He created watchTowr, a first-of-its-kind cybersecurity service that automates testing across multiple clients, fuelled by large-scale data analysis, thus scaling the impact of his work. Because of his ability to think like a hacker, Ben is able to simulate the persistence of sophisticated cyber aggressors, beating them at their own game.
“Our technology takes a very proactive approach, continuously hunting for vulnerabilities and weaknesses,” he explains. “This means that as soon as a weakness arises in any system, we are in a much stronger position to identify it before anyone else attempts to exploit it.”
After its founding, watchTowr grew rapidly, raising over $10 million within its first year from investors such as Wavemaker Partners, Vulcan Capital and Prosus Ventures. The majority of clients acquired belong to banking, financial services and insurance (BFSI), sectors that are no strangers to the reality of cybersecurity threats.
“We had our first client on board within a month. We had our first banking client in two months,” Ben says. “Our technology is incredibly easy to deploy, so potential clients can very quickly trial it to see how effective it is.”
