Moving to Australia in 2001 from his motherland, the UK, Jim Cook takes us through his career journey from various office jobs during his uni days to applying for newspaper job ads and landing a role as a recruiter for IT security staff. Eventually, Check Point Software took a chance on hiring someone outside of the vendor remit and he progressed to becoming the A/NZ regional director for Attivo Networks.
What was your first job?
During my teens I worked in catering as a waiter at weddings and other community functions. As soon as I was old enough, I started temping in various office jobs at the weekends and during university holidays. It was interesting to me to see how different office cultures could be and how people could achieve the same results in completely different ways.
How did you get started in the IT industry and progress to where you are today?
Actually, I’ve worked in IT security almost my whole career. After short-term assignments in tech companies in the UK, I spent a season looking after a chalet in a ski resort in Austria (highly recommend if you like free skiing). I’m showing my age here but when I got back, I applied to job ads in the newspaper (online ads had only just been invented) and ended up getting hired by a company who provided technical staff for projects across England. I then spent a number of years as a recruiter for IT security staff both in the UK and Australia.
When I moved to Australia in 2001, I wanted to quickly become part of the broader security community, so I joined the fledgling AISA [Australian Information Security Association] – back then it was called ISIG – and held various volunteer positions such as National Treasurer and NSW Chair.
A customer of mine at the time was Check Point Software and I asked if they would consider taking a risk on someone from outside the vendor community.
Fortunately, they were up for it and I got my start working in a security vendor. I worked for many years at Check Point in a variety of sales and channel roles before moving into sales management. From there, I stepped into the country manager role at Fortinet and then decided to try my hand at establishing cutting edge vendors to the region, which appealed to me because of the variety of work and the ever-changing nature of high growth businesses.
Today, I work at Attivo Networks, which is reshaping the thinking on how organisations can derail and respond to cyber attacks inside the network. It’s a huge issue – everyone knows that perimeter defences like firewalls and AV don’t stop a determined attacker, but traditional thinking is that detecting those attackers is all that can be done. Derailing those attacks by feeding them false information and wasting their time and resources is a more effective approach.
What has been your biggest business mistake, and the lessons you've learnt from that experience?
I think that the most painful business mistakes are cultural. Hiring the wrong person can lead to huge amounts of wasted energy, lack of focus and poor team engagement and performance. All that energy could be better focused positively on customer engagement.
A thorough approach to hiring, and a quantified, transparent approach to moving people based on a measurable set of behaviours is my learning here.
What are some of your plans for the company in the coming months?
One of our partner’s ethical hackers recently said “I go after Active Directory 100 per cent of the time. It is low hanging fruit and I’m successful 105 per cent of the time. Outside of Attivo I haven’t seen anything that can stop me.”
So one of the most important things right now is to raise awareness of the importance of detecting lateral movement and privilege escalation. Many of our customers globally were affected by the recent supply chain attacks, and fortunately were able to detect and respond to the incursion early on using our technology stack.
We will also continue to build partner relationships and customer awareness of the value we offer and continue to build on our existing customer base.
What are some of your biggest ambitions - personally and professionally?
Professionally, I want to continue to be part of the solution to keep Australia and New Zealand safe from cyber attacks – there is so much to be done, and there seems to be renewed vigour from the private and public sector to address some of the issues leading to our vulnerability in the online world – however it’s an incredibly fast moving space, which few people outside of those who work directly in cyber space understand well enough.
Personally, I want to see my kids grow into happy, creative, relaxed individuals. Physical and mental wellness are very important to me. I’m also a keen road cyclist, and can often be found cycling with a group of friends, or on my own doing ‘moving meditation’ to get my thoughts in order for the day ahead. Over the coming years I would love to see the world from my bike (in two week blocks).
What has been the best piece of advice you've received?
The first thing that comes to mind is ‘Always use more tomato sauce than you think you need’ – which is excellent advice given to me by our 12 year old on a recent trip.
I think it can be applied equally well outside of the dinner table – it works for projects, time lines, rope, budgets and cyber security. How many companies are really prepared for what is out there right now and what is to come?