As a fast-growing fintech processing hundreds of thousands of transactions on behalf of clients worldwide daily, Greensill takes cyber security very seriously. It invests in robust IT security and rigorous employee training and hires highly-skilled cyber security experts to protect data belonging to Greensill, as well as data entrusted to Greensill by its clients and partners.
Cyber Threat Hunting Analyst Ellis Hackett is part of the specialist team that identifies and tracks down cyber threats and defends Greensill against attacks. He explains why he loves ‘fighting the good fight’ on behalf of Greensill and his passion for a job that presents new challenges daily.
“I always wanted a career in which I could work tirelessly to defend against the latest and greatest cyber attacks and that’s what I do every day for Greensill,” says Hackett. “I can say with 100% honesty that I love my job.”
He reports to Greensill’s Security Operations Manager and is part of a close-knit expert team that is set to expand as the company grows. “We have a massive responsibility to protect the integrity of our systems and data as well as to protect our clients and we take it very seriously,” he says.
Hackett who joined Greensill in November 2019, says his key responsibilities include assessing and analysing intelligence on potential threats and exposure to risk, identifying and stopping specific attacks and threats, securing the company’s network and finding and containing problems fast.
Educating and training employees on cyber security is also a critical aspect of his job, never more so than now. Cyber attacks were already one of the biggest security threats and costs to businesses worldwide before Covid, but the pandemic has increased the threat level, says Hackett.
"Greensill has a real family feel and there’s a very genuine feeling the company wants you to do well."
According to the US Federal Bureau of Investigation (FBI) there has been a 300% increase in reported cybercrime since the Covid pandemic erupted, partly because a mass shift to homeworking presented new opportunities for cyber criminals.
Blanket emails from governments and other institutions with Covid updates have presented hackers with a new way to try to infiltrate IT networks through ‘phishing’ emails which can be opened unwittingly by employees.
“We work really hard to ensure that all our employees are well equipped to understand and recognise potential cyber security threats,” Hackett says. “The biggest cyber security weakness is humans not systems.”
An estimated 95% of cyber security breaches worldwide stem from human error – but on a positive note, Hackett says human intelligence and awareness are the best form of cyber defence. He says that employee understanding of cyber threats in Greensill is strong and increasing all the time, thanks to the efforts of his team.
He says cyber security professionals need to be part-detective. “You need to be a bit of a detective to work out what things mean and to be able to pursue and track things down. I’d say the job is 60% detective and 40% technical IT skills.”
He joined Greensill from Fujitsu where he spent seven years, starting out at just 18 years old as an advanced apprentice and working his way up to cyber threat intelligence analyst. A self-motivated and largely self-taught cyber expert, he was fascinated by computers from an early age but preferred to hone his skills on the job rather than pursue a more conventional university career path.
“There is not just one single route to this job although there are some good cyber security courses out there. You need a hunger to learn and an inquisitive mind. Being curious, being self-motivated and having a passion and interest in this kind of work and demonstrating an ability to do your own research is important.”
He explains that there are different types of cyber attackers from coordinated ‘state-sponsored’ attacks to professional cyber criminals and so-called ‘script kiddies’ (amateurs hacking for fun). Hackett says the damage caused by ‘amateurs’ should not be under-estimated as they often attack indiscriminately, causing as much damage as professional criminal hackers.
He currently works from home due to Covid safety measures, staying connected to colleagues digitally. He spends part of his time developing strong intelligence networks within and outside the company, exchanging information on cyber threats with security networks and other companies, particularly within the financial sector.
He was head-hunted to his current job and spent time researching Greensill before joining. His skills are in demand: it is estimated that there will be more than four million unfilled cyber security jobs worldwide by 2021.
Hackett says several factors drew him to Greensill, including the fact the company is growing fast, creating opportunities to advance. His long-held ambition is to manage a security operation.
Hackett says the number of employees has more than quadrupled since he joined Greensill around a year ago. “In some companies you might lose the feeling of really being part of things as they get bigger — that’s not the case here. Greensill has a real family feel and there’s a very genuine feeling the company wants you to do well.”
Being named Hackett in a job dedicated to foiling hackers often raises a smile, he says. “Yeah, I get a few jokes about that. It’s my real name – my partner who is in the same line of work thinks it’s cool. She’d like to adopt my name too,” he smiles.
Filled with ambition, he sees plenty scope to advance within Greensill. “I’m 100% happy in this job – which might be surprising given that this is a very stressful time in the world. I can’t see myself leaving any time soon.”