Episode 15: The Best Practices for Building a Transparent Cyber Security Consultancy with Matt Strahan

Can you believe there was a time when cybersecurity wasn’t a priority for most organizations? Just 20 years ago, simple passwords and basic firewalls were seen as enough protection. So, what changed? How did we go from minimal defenses to a world where cybersecurity is critical for survival?In this episode of the Cyber Consulting Room podcast, host Gordon Draper sits down with Matt Strahan, director of Volkis Offensive Security Consultancy. They discuss Matt’s nearly two-decade journey in cybersecurity, from his university days to becoming a penetration tester and co-founding Volkis with Alexei Doudkine.The conversation highlights the evolution of cybersecurity, emphasizing the importance of creativity in penetration testing and the challenges of industry commoditization. Matt shares insights into Volkis’s transparent approach to security, the significance of effective reporting, and the growing trend toward continuous testing to tackle emerging threats.They also explore the dual role of offensive security—identifying vulnerabilities while helping organizations address them. Effective communication, empathy, and technical skills are essential in this field. The integration of AI in security practices is discussed, along with the need to balance technology with human intuition. Networking and continuing education are highlighted as vital for professional growth and community support.Don’t miss this insightful episode! Subscribe to the Cyber Consulting Room podcast for more expert discussions, and connect with us on social media to join the conversation.In This Episode:(00:36) Background in cybersecurity(01:02) Early career and penetration testing(02:18) Learning and development(04:09) Challenges in obtaining jobs(05:04) Vulnerability discovery(07:43) Evolution of cybersecurity risks(11:50) Creative problem solving(24:47) Focus in cybersecurity(48:23) Gaps in access control(01:15:57) Passion for education(01:17:10) Community engagement(01:18:13) Conference atmosphere(01:18:01) Closing remarksNotable Quotes[01:02] "Back then, cybersecurity was more of a curiosity, a hobby that people might get attracted to just because it was a bit of fun. It wasn't serious like it is now." — Matt Strahan[45:22] "The identity of the user is now one of the security boundaries, and that raises a lot of complexity with the interaction of multiple software service applications." — Matt StrahanOur GuestMatt Strahan is the Managing Director of Volkis, a leading offensive security consultancy specializing in penetration testing and red teaming. With 17 years of experience in the cybersecurity field, Matthew has played a pivotal role in helping organizations strengthen their defenses against evolving cyber threats. Beyond offensive security, he has guided companies in shaping their security strategies, enhancing compliance, optimizing operations, and managing risk. His expertise spans both technical and strategic aspects of cybersecurity, making him a trusted advisor in the field.Resources and LinksCyber Consulting RoomCyber Consulting RoomGordon Draperhttps://cybermarket.com/https://www.linkedin.com/in/gordondraper/Matt Strahanhttps://www.volkis.com.au/https://www.linkedin.com/in/matthew-strahanFor more episodes like this visit https://cyberconsultingroom.comYou can find more information about Cyber Consulting Room Podcast Host at https://www.linkedin.com/in/gordondraper/