Ozan Ucar and Dr. Orhan Sari

Founder and Chief Technologist of Keepnet Labs/Content Developer

What was your career in before making a switch to cybersecurity? Tell us about your journey transitioning from your primary career to cybersecurity.

Since high school, we were told to build up cybersecurity as a career, but we had no idea where to start as students. We read many texts and consulted some acquaintances to gather information regarding a career in cybersecurity and got some standard pieces of advice from the school counselor. However, during those years, developing a career in cybersecurity was complicated, because there were not many credible sources to get advice from. The lack of clarity, guidance, and real interest in cybersecurity continued to persist. So, we did not start our career as cybersecurity specialists. Ozan was occupied with studying math and getting an academic degree, and Orhan was on his way to being a professor of social sciences. However, we realized that we had an interest in cybersecurity and were exhibiting potential skills. Thus, we made a shift on our path to develop a cybersecurity career in which we managed to explore, learn, achieve formal qualifications and certifications, get university degrees, and eventually accomplish a position in cybersecurity.

The primary reason for us choosing cybersecurity as a career was due to a lack of experts in cybersecurity in businesses, as well as because it was a growing area. Cybersecurity is critical to the framework of any modern business. Today, every organization needs professionals in cybersecurity. Since there are many components and roles within cybersecurity, we especially focused on email security, because we realized that most breaches start with a single email.

Before Keepnet came into this process, we went through some other processes. In particular, Ozan, the founder and the CEO of Keepnet, took advantage of the experience by getting lots of practice and a background in shaping the Keepnet project. Before Keepnet was founded, Ozan developed a new-generation security wall with the first company he was cofounder of, Coslat Security Systems. This company was focused on the detection and prevention of network-based attacks. After 2 years of gaining expertise at Coslat, Ozan transferred his shares to perform a new venture, leaving Coslat active in business with over 2,000 customers. Ozan continued his career at the BGA Information Security Academy as a manager, where he ran over 39 unique projects on cybersecurity, mainly on penetration testing, forensics, and incident response. With his experience and success in the cybersecurity business and markets, which gave him the opportunity to strictly follow the trends and easily apply appropriate solutions for cybersecurity, Ozan was able to see the risks ahead in information security. He started the Keepnet Labs project, which offers solutions to prevent email-based cyber attacks.

Then, with the assistance of the Keepnet team, we cooperated and developed a suite of solutions that prevented email-based cyber attacks such as phishing, fraud, malicious content, and attachments, and it continues to preserve safety.

Why did you choose a career in cybersecurity?

We chose a career in cybersecurity because the cybersecurity market was a flourishing industry with swiftly growing business opportunities, because the technology was improving and cybersecurity threats resulted in a demand for qualified manpower. It was clear to us that the world would face a shortfall of cybersecurity experts, not to mention that the salaries were also on the rise.

Even today, companies need skilled cybersecurity employees. According to research by ICS, 47% of people said that they were struggling to find qualified personnel in cybersecurity. Companies have said the shortfall of cybersecurity professionals is having a significant impact on their customers and 45% said it's causing more cybersecurity breaches.

Companies using digital technology put themselves at risk of cyber attacks. To lessen the risk and vulnerabilities, many organizations look for cybersecurity experts to protect their organization against complicated cyber attacks. Also, the shortage of more cybersecurity specialists becomes obvious when you look at the news. Every day, there is a new data breach and a hacking case appears, and most organizations understand that they need to do more to guard themselves against cyber attacks.

Moreover, the high salaries and bonuses of cybersecurity jobs were attractive to us; however, it was the love of the technology that attracted us to this field: the field was exciting, entertaining, interesting, challenging, relevant, and meaningful for us.

Furthermore, with its expanding scope and range, cybersecurity bestowed growth potential for our career and learning opportunities. We knew that we would learn new things over and over. We would work with brand-new technologies that were exciting. Those were the things that encouraged us to start a career in cybersecurity.

With the development of technology and its components, you begin to see various models of issues that cybersecurity experts can control. So, we wanted to challenge these problems and address these issues by identifying, recognizing, and understanding them. No kind of job provides this experience like utilizing the latest in technology, facing quick changes, seeing the creativity in many aspects, and participating in the never-ending struggle between good and bad. This was another reason we chose our career in cybersecurity.

We knew that we could help make the world a better place to live in, because everything cybersecurity specialists do is intended to bring goodness to the world, to protect people from bad guys who would hurt them.

What did you do differently than your peers when choosing cybersecurity as your career?

Cybersecurity is securing the integrity, confidentiality, and availability (ICA) of information. It is the capacity to protect against and recover from accidents and from attacks by criminals. Protecting information is vital for any business. We wanted a career in a field that will always be a top priority for businesses.

Moreover, as technology continues to evolve, so does cybersecurity. Therefore, unlike most of our peers, who built their careers on more traditional jobs, we chose cybersecurity as our career because technology never stops evolving; it dynamically changes.

Share your views and thoughts for those who want to be part of the cybersecurity industry.

Cybersecurity centers on protecting computers, networks, and data from illegal or unauthorized access. It has become more significant because every establishment today, such as governments, corporations, and even people, stores or processes data using cyberspace. However, data breaches occur almost every week. Organizations are now becoming more aware of the potential threat and they allocate greater resources for services that help mitigate such risks.

Due to the risks mentioned here, the cybersecurity market is one of the fastest growing markets in the business sector and has the potential for huge economic opportunities because steps need to be taken to prevent the escalating number of cybercrimes that organizations encounter every day.

It is obvious that the world is becoming ever more connected. Billions of smart machines and tools are producing huge volumes of data, which provides a critical opportunity for organizations to optimize their operations in a digital environment that both creates important opportunities and also important barricades; that is to say, getting digitized also brings potential risks for organizations. Mainly due to the evolution of Internet of Things (IoT) devices and new business models that largely depend upon digitization, as well as more complex systems and the interconnectivity of devices and information, the susceptibility to cyber attacks has become much broader, while there are gaps in the security systems of organizations.

As cyber threats have grown, spending on cybersecurity awareness training and defense platforms has increased. Currently, the security awareness training market exceeds 1 billion USD in annual revenue (globally) and is growing by approximately 13 percent per year. Vendors in the Gartner report account for around 650 million USD in annual revenue. By 2027, the market size is predicted to be 10 billion USD per year. Moreover, the major drivers of this market include stringent government regulation on data privacy and increasing cyber threats. Regulations and standards such as GDPR, PCI DSS, ISO/IEC 27001 and 27002, the Federal Information Security Management Act (FISMA), the Gramm-Leach Bliley Act, the Health Insurance Portability and Accountability Act (HIPAA), the Red Flags Rule, NERC CIP, CobiT, US state privacy laws, the Australian Government InfoSec Manual, PAS555 Cybersecurity Risk: Governance and Management, and Turkish Government Law #6698 on the Protection of Personal Data all require security awareness programs. This situation also gives a market opportunity for cybersecurity start-ups, as the Cybersecurity Market report illustrated that the cybersecurity market is expected to grow from 137.85 billion USD in 2017 to 231.94 billion USD by 2022, at a Compound Annual Growth Rate (CAGR) of 11.0 percent.

Security awareness training for employees is the most underspent sector of the cybersecurity industry. However, 91 percent of breaches start with a spear phishing attack. Therefore, the security awareness sector will become fundamental to the cyber defense strategies of Fortune 500 and Global 2000 corporations by 2021, with small businesses following shortly after that.

What would you like to suggest to our readers who want to start a career in cybersecurity, and how can they do so?

To start a cybersecurity career, you don't need a background in it. However, many people beginning their career in cybersecurity come from related areas, such as systems or information administration.

There are lots of positions available, such as junior penetration testers, for example, who have little work experience, and can acquire knowledge and learn while on the job. Still, experience is a significant advantage, even though you might not have enough skills. Thus, to start a career in cybersecurity, taking an internship or volunteering for an organization is necessary.

Besides this, you should be reading blogs about cybersecurity trends as much as you can to see the most up-to-date developments in the industry and stay up to date with the freshest cybersecurity tips, as well as follow cybersecurity industry professionals on social networking platforms such as Twitter and Facebook, since many of them produce some useful tips and points on social media by engaging in discussions and responding to questions. Engaging with people and building relationships with them is a great way to get into the industry. Therefore, go to face-to-face meetings wherever possible, or use LinkedIn for networking. Also, find conferences to participate in, because they are great places to start relationships.

To gain an edge in your career in cybersecurity, you should also be qualified, which will depend on your career path. You might need to concentrate on the following certifications:

Do you suggest that someone should be an expert in one vertical of cybersecurity, or should they be an expert in every area of cybersecurity? What is your opinion from an industry perspective?

Since cybersecurity is a broad domain, you can pursue your career path according to your own interests, because specializing in one area will give you an interest in going deeper and becoming more professional in your approach. For instance, at Keepnet Labs, we specialize in protecting businesses through the life cycle of email-based attacks. Specializing in protection against an email-based attack has led to us creating unique solutions in the market. People who want to build a career in cybersecurity can specialize in the following areas:

The cybersecurity landscape is ever-changing and extremely dynamic; how do you keep yourself up to date? What are your suggestions for our readers?

Overlooking cybersecurity advancements, trends, and reports can distance you from serious updates that could impact your cybersecurity career. Also, data breaches are more prevalent today, and the best way to stay ahead of cybercriminals is to know about the latest scams and how to fight them.

To stay up to date, you should read news and blogs online about data breaches and cybersecurity trends daily. There are plenty of platforms that provide information on cybersecurity. Just do a Google search to get them. For instance, Keepnet Labs creates weekly cybersecurity briefings to keep users informed about cybersecurity news and developments, with tips on how to keep people safe from cyber attacks. It is possible to get these briefings automatically by subscribing to the newsletter platform on Keepnet.

Also, it is important to follow experts on social networking websites such as Twitter, LinkedIn, and others, and routinely examine the news and reports for points on data security.

In your view, what is more important: having a security certification, getting relevant security training, or gaining hands-on experience through a job?

Many young people who choose cybersecurity careers are network engineers or network administrators. However, to be a cybersecurity specialist, you do not have to have these backgrounds; anyone with the skills and experience can build a career in cybersecurity. For instance, to start a career in cybersecurity, you don't have to have a computer programming degree. Nevertheless, you need both experience and certification for a business career. Businesses are aware of the need to have skilled employees when hiring, so they give great importance to certifications on cybersecurity as one way of picking their candidates.

To start a cybersecurity career, we agree that individuals need to have basic certifications. However, gaining hands-on experience through a job is more important, as people experience theoretical assumptions on a practical level, which will yield more perspicacity than certifications will deliver. Thus, as I mentioned earlier, to start a career in cybersecurity, taking an internship or volunteering for an organization is necessary.

We all agree with the fact that cybersecurity is a non-negotiable factor of today's industry. As an industry leader, in your opinion, what are those new frontiers where cybersecurity will be needed in the near future?

Cybersecurity is thoroughly connected to the fate of information technology and the advancements in cyberspace and the digitization of the world. Taking into account the evolution of cyberspace today, it is obvious that the industry will grow bigger in our individual and business lives.

With the development of IoT devices and other technologies, many critical systems today are interconnected and run by different machines. This situation will grow, the bond between devices will be even tighter, and solutions will be more computerized and automated. IoT devices particularly will be an element of practically every aspect of our lives.

However, the complexity and interconnectivity of these machines and systems affects their level of susceptibility. When we look at the big picture, big financial organizations and government institutions can be targets for hackers, despite the fact that they will continue to develop ways to defend against cyber attacks. Big financial organizations will be targets because they are accessible from every location in the world, and an attacker with the motivation of financial gain can attack from a distance. Also, governments will be at risk from enemy states who could launch cyber attacks anonymously on institutions of the target country to infiltrate the entire network or system for various purposes.

Hacktivists, terrorist groups, and states who are active in cyberspace due to the evolution of technology can pose a danger to the cybersecurity ecosystem, with different motivations. Cybersecurity defense systems will need to become smarter and more sophisticated to cope with the new threat vectors appearing every day.

At Keepnet Labs, what criteria do you look for before you decide to hire talent?

Cybersecurity jobs are in high demand, and selecting the candidate with the best ability can be a hurdle. Once we get applications, we consider some important factors when selecting talent.

Experience is the primary determinant for us to consider cybersecurity talent. If applicants have expertise in related fields, they will stand a reasonable chance of success within our company, since they have proven that they have been successful before. It is essential for us to decide between an applicant with experience over someone without experience.

However, we know that experience, practice, and knowledge are not everything. Candidates who show potential can sometimes be more valuable than people who are more experienced on paper. Therefore, when interviewing candidates, we may meet people who look promising, but don't have experience. They may be new university graduates or people who graduated at the top of their class from an authorized university in the field. Those candidates haven't proven themselves at work yet but they have high potential.

One of the other criteria we look for is an applicant's skill base, because if applicants don't have the appropriate abilities, they have to get job training. For instance, we may require some certifications, such as CEH, CRISC, CISM, or CISSP.

Besides raw skills, we also look for soft skills such as communication skills, work ethics, and being a team player.

When hiring new talent, we also evaluate their dedication to developing their career in cybersecurity. We look for employees who are going to be faithful to our company, and who will see the job as a chance to develop their career and be a valuable asset to Keepnet at the same time.

Furthermore, one of the best methods to get the best talent for the job is hiring interns, because we can monitor their progress and skills and get to know them much better than in any interview.

Why should people join Keepnet? What career development opportunities do you provide?

We have developed unique and new-generation technologies that protect businesses throughout the full life cycle of email-based cyber attacks. We have developed a full spectrum suite of cybersecurity defense, threat monitoring, security management, and user awareness products that encapsulate an integrated approach to people, processes, and technology, thus reducing the threats in all areas of cyber risks.

We are committed to continuous innovation and the expansion of our suite of security products in order to meet the needs of a dynamic and rapidly growing networked population in a constantly evolving cyber-threat environment. Therefore, it is a great opportunity for individuals who would like to develop a career in email security.

Our cyber defense strategy adopts three holistic elements: people, processes, and technology:

Our internal corporate strategy creates a stimulating and innovative environment where the Keepnet team has the opportunity to continually enhance its skills and creativity while contributing to growth.

Keepnet Labs' solutions deliver a full-spectrum approach to mitigating phishing risks by doing the following things:

Our flexible technology implementation model means that we can scale from the smallest SME to the largest corporate organization using both cloud and on-premise implementations.

The as-a-service model is particularly attractive to smaller organizations without in-house security capabilities, as Keepnet Labs provides both the platform and the operational management of alerting, user training management, phishing simulations, and security reporting.

For larger organizations who may choose an on-premise implementation, we provide full support capabilities, including heuristic and threat intelligence-based updates to reflect the dynamic nature of the threat perimeter.

Keepnet Labs improves the overall organizational security posture and mitigates cyber risks by doing the following things:

Unique patent-pending technologies

Keepnet Labs has two patents pending and is differentiated from other solutions by the following things:

Keepnet Labs' competitors do not provide integrated solutions for each phase of email-based attacks, meaning that organizations need to implement multiple technology platforms to address these elements.

Keepnet covers all phases of email threats with unique solutions that are designed for each specific phase of the email attack chain and thus can stop an email-based attack before it propagates.

The multi-layer approach is shown in the following diagram:

This multi-layer approach is the key innovative differentiator between Keepnet Labs and other competitors in the market.

The Email Threat Simulator and Incident Responder features are patent pending.

Keepnet Labs has five platform modules working hand in glove to provide a market-leading, holistic solution. The modules are Phishing Simulator, Awareness Educator, Email Threat Simulator, Threat Intelligence, and Incident Responder:

Who is Ozan Ucar?

Ozan is the founder and chief technologist at Keepnet Labs. He lives in London.

He has been innovating in the cybersecurity space since 2006, and in 2008 he cofounded Coslat Security Systems, a new-generation firewall technology that detects and prevents network-based attacks.

In 2010, he cofounded BGA Security, which offers a wider range of cybersecurity services to major corporate clients in his native home, Turkey, including cybersecurity training, penetration testing, forensics, and incident response. The company has grown to a team of 40 people and is one of the most respected cybersecurity companies in Turkey. In 2017, Ozan left his position as managing partner of BGA Security to focus on the development of Keepnet Labs' range of cybersecurity products.

Ozan holds international accreditations including Certified Ethical Hacker (CEH), Certified Security Analyst (ECSA), Licensed Penetration Tester (LPT) (Master), and Master Penetration Tester, Turkish Standards Institution (TSE). He is well-respected within the industry and has attended over 60 national and international conferences as a speaker. He has collaborated on two books about cybersecurity and regularly blogs and comments on industry themes.