5 Minutes With: Martin Riley at Bridewell Consulting
Can you tell me about your company?
Bridewell Consulting is a cyber security services company, with a focus on security transformation. We started in 2013 as a cyber security consultancy, before diversifying and expanding to include data privacy, penetration testing and global, 24x7 managed detection and response services.
One of our key differentiators, and benefits of our evolution, is the fact we can combine technical expertise with strategic insight and high-quality security services. We’re trusted by some of the most complex and highly-regulated organisations to protect their data, reputation and business and work globally with customers to drive transformation through cyber security, including some of the UK’s most critical national infrastructure.
One of the things that really strikes me about Bridewell is our culture. We want to be a business that people want to work for, and customers want to work with, and I think that really shines through. Every member of our team is extremely passionate about cyber security, with a hunger to learn, a drive to exceed and the qualifications to match. We work together as one team to deliver cyber security that builds trust and empowers people and businesses to succeed, securely.
What is your role and responsibilities at Bridewell Consulting?
As Director of Managed Security Services at Bridewell, I am responsible for offensive security, otherwise known as penetration testing, and managed security services.
Essentially, my responsibility is to oversee our red and blue teams, ensuring the offensive and defensive security services align with modern-day requirements and the evolving threat landscape. It’s my job to ensure Bridewell continues to innovate and evolve in order to deliver relevant and modern services to our clients.
A key part of this is the development of our Security Operations Centre (SOC) which has doubled in size this year alone and gained CREST accreditation. There are few SOC’s within the UK of our scale and capability and spearheading its development and growth has been particularly rewarding.
How has your extensive experience within the cyber security and data privacy profession elevated the company and improved its offerings?
One of the things that really drew me to cyber security was that it’s such an essential part of every business and not an add-on or by-product as some may have historically seen it. While my current role is my first pure cyber role, in reality, cyber security has been ingrained in everything I’ve done throughout my career. Over the past 20 years, I have been involved in the design and implementation of secure networking solutions across on-premise and cloud infrastructures and it’s this experience in managing strategy, digital transformation and service development across environments that has proven fruitful for Bridewell.
Currently, I’m developing our penetration testing services to account for new technologies and cloud architectures. With the rapidly evolving threat landscape, I’m also focused on growing our managed detection and response (MDR) services, allowing customers to embrace and benefit from a proactive approach to cyber security. MDR is still in its infancy, and is one of the biggest growth areas in cyber security, so it’s hugely exciting to be able to develop opportunities to expand Bridewell’s services, mature our capabilities and strengthen our position in the security market.
How have you seen the cybersecurity and data industry change with the introduction of new technologies and how have you responded to this?
Many businesses started their digital transformation journeys long before the pandemic, however, the health emergency certainly accelerated many digitalisation plans. Data has now permanently moved from paper to systems, often forming complex hybrid and multi-cloud infrastructures that are now exposed to more security vulnerabilities and data privacy issues. With Covid-19 forcing rapid change, cyber security transformation has unfortunately been left behind in many cases and as technology evolves and businesses adopt new tools, organisations must now mature security strategies to protect themselves against sophisticated threats.
Our role at Bridewell is really to ensure that cyber security is an enabler of transformation. This means helping companies place cyber security at the front and centre, aligning it to their digital transformation initiatives. And one way to do that is by improving detection and incident response capabilities and also leveraging threat intelligence to maximise protection.
What can we expect from Bridewell Consulting in the future?
2021 was a phenomenal year for us – we doubled our headcount, witnessed record growth, and won three prestigious awards. We were one of the few people in our industry who were hiring heavily during the pandemic which has put is in good stead for 2022 and beyond.
In the immediate term, our focus remains on continuing to scale at pace in the UK, growing both our customer base and headcount, with aspirations to reach 200 employees by the end of 2022. We will also work closely with developers to improve application security and ensure our offerings are relevant and comprehensive for modern environments, and ensure businesses have the right controls and mechanisms in place to maintain full visibility of modern workplaces and comply with changing data privacy laws.
Looking further ahead, we want to expand into the US and South East Asia market, driven largely by our recent multi-million investment from Growth Capital Partners. We also expect to expand our managed security services and leverage automation to help businesses lower their cyber-risks and reduce potential costs of data breaches.