Innovation is a fundamental ingredient in our recipe for defending forward for our customers and protecting some of the world’s most paramount attack surfaces. That’s why we are honored to be ranked No. 21 on Fast Company’s Fourth Annual List of the 100 Best Workplaces for Innovators. Innovation comes naturally at Bishop Fox because the building blocks are woven into every aspect of the business from technology to people, training, and culture. We couldn’t be prouder for the recognition of this core value that lays the foundation for how we see the future of offensive cybersecurity.
Featuring
- William Lin, Managing Director, Forgepoint Capital
- Kate Hitch, Program Manager, Bishop Fox
- Joe Sechman, AVP of R&D, Bishop Fox
- Ori Zigindere, Director of Cosmos Operations, Bishop Fox
An Investor's Perspective
What are the hallmarks of an innovative security culture?
William L.: The continuous evolution of cyber threats requires that we always be in an innovative mindset. People that get excited by change thrive in and fuel innovative cultures whether it be at security firm or elsewhere. Cultures that encourage learning, change, and improvement will inherently drive innovation of any type.
How have you seen/experienced Bishop Fox embodying innovation?
William L.: At Bishop Fox, I see experimentation happen throughout the organization – it is not isolated in any area. I see Bishop Fox being open to learning new processes and embracing a desire to evaluate lessons learned and make improvements based on that introspection.
How does innovation support the broader security community?
William L.: The security community naturally needs innovation to battle emerging threats and as an offensive firm, Bishop Fox has an even greater responsibility to that role. Bishop Fox has a strong research program that supports finding new and innovative ways to break things supporting not only customers, but the broader community.
Why is it meaningful for security companies like Bishop Fox to prioritize innovation?
William L.: Prioritizing innovation creates new security solutions that have not previously existed. Cosmos is a new offensive solution that gives organizations a unique way to improve attack surface management.
What Innovation Means to Our Foxes
What are the hallmarks of an innovative security culture?
Kate H.: Being innovative in offensive security means always being ahead of the game, particularly from a vulnerability perspective. Our clients look to us to be the experts and always know what is coming. We are aware of what our clients are looking for – what will best meet their needs and enhance their internal teams. We become partners with our clients so there is no ‘rinse, wash, repeat’ and each partnership is unique. We invest in building a relationship. One of the greatest tidbits of feedback I’ve ever heard is that “I’m not just a client of Bishop Fox, but I’m a fan.”
Joe S.: The way that I look at innovation involves a few components, but creativity is most certainly the foundation. First, I believe it is important to think big and employ a ‘shoot for the stars’ approach. Second, be bold regardless of whatever idea you have and criticisms you may receive. Most importantly and above all else you must be open to improvisation to overcome any hurdles that try to stop you in your tracks.
In the security research world, the objective you set out to achieve may not be where you end up. That isn’t always a bad thing because you can stumble upon a solution to a problem you never thought existed or you may solve an outstanding problem with a brand-new technique. Being open to change along the journey fuels security innovation.
Ori Z.: The people and the leadership are inherent parts of any innovative security culture. Innovation only happens when the right people are put in the right places. At Bishop Fox, we work in a bottom-up versus top-down method, so we focus on understanding what customers need and then bubbling that up to our leadership. We strive to innovate in ways that will best serve our customers’ offensive security needs.
How have you seen/experienced Bishop Fox embodying innovation?
Kate H: Without a doubt, Cosmos embodies Bishop Fox innovation because it is the first type of solution of its kind. Also, the quality of our deliverables and reporting is constantly evolving and improving with excellent client feedback.
Joe S.: There is no shortage of security experts at Bishop Fox that are incredibly intelligent, bold, and big thinkers! This is a big part of why I enjoy working at Bishop Fox. With such a high concentration of talented security researchers, it's almost a given that someone, somewhere within the firm has experience with whatever you are working on or your passion project that you spend time on. We are committed in the core of our culture to innovation whether it is building an open-source tool like Sliver or a new technique that helps customers combat emerging threats.
Ori Z.: I have been living this since I started at Bishop Fox in 2019! I started as one of the first ten consultants on the Managed Security Services team that has now evolved into our Cosmos platform. At the time, it was a brand-new service that we worked together to build from the ground up. We had to constantly think quickly on our feet to keep up with demand for attack surface management. Hiring the right people was also critical, and we created a phenomenal team that came to work with us because they had ideas and an innovation itch to scratch – Cosmos provided this.
Foxes never stop learning. We have a dedicated Slack channel for sharing knowledge and team members share information in this channel at all hours of the day, not just during their work hours. This shows me how passionate our Foxes are about taking our service to the next level and living on the cutting edge of new technology and techniques as they become available.
Why is Bishop Fox a favorable environment for security innovators?
Kate H: I’ve been at Bishop Fox since 2014, and it has always been a place that welcomes innovators. Bishop Fox has always had people working on things on the side because it’s been encouraged to expand, research, and enhance things that we are passionate about. As we’ve evolved as a firm, training budgets and the Bishop Fox Academy certainly provide a favorable environment for those that enjoy continuous learning. At Bishop Fox, you are allowed to spread your wings and move to other areas of the company if that is your path. We also have a knack for hiring great talent, and the people we’ve hired combined with our culture has naturally fueled our innovation.
Joe S.: We've implemented a concept called "Sponsored Research" that offers the opportunity to any of our Foxes to pitch, explore, and secure time to pursue their ideas and passion for innovative research. If you are new to research, responsible disclosure, or public speaking we give you the tools to get your feet wet and grow these skillsets.
Additionally, Bishop Fox Labs offers professional guidance and mentorship from junior to senior researchers alike.
Finally, our senior leadership incentivizes qualifying contributions from security practitioners with a dedicated budget to reward our Foxes financially for their efforts.
We are problem solving a ubiquitous issue that plagues organizations across the security community – finding balance under billable work hours, performance metrics, and fast-paced consulting pressure. We are finding ways for high achieving security experts to find better balance between their work objectives and personal passion for offensive security.
Ori Z.: We put the security of entire industries above everything else, not just individual organizations and that is a cause that resonates strongly with people, in my opinion. The whole is greater than the sum of its parts.
How do you contribute to innovation at Bishop Fox?
Kate H: In my role as a program manager at Bishop Fox, providing continuous feedback from clients has led to both internal and external process improvements that meet our clients’ needs. We wouldn’t be here without our clients.
Joe S.: I lead Bishop Fox Labs and help optimize, promote, and coordinate research activities across the firm. I also lead our intellectual property (IP) program which helps Bishop Fox pursue technology patents for Cosmos. Helping people foster ideas and exposing them to the opportunity to innovate is exceptionally fulfilling.
Ori Z.: I lead the Cosmos Operations team at Bishop Fox which is an industry leader in attack surface management.
What is one of your proudest innovative achievements at Bishop Fox?
Kate H: I am proud of my contribution to building and enhancing accounts for Bishop Fox customers.
Joe S.: My proudest innovative achievement thus far has been helping a few of our talented Foxes apply for and reach grant status on Bishop Fox's first technology patent. Furthermore, reaching grant status in less than two years for a software patent was a truly remarkable achievement and a first for me. This is a testament to the innovative aspects of the core idea as well as every individual involved in the end-to-end intellectual property process.
Ori Z.: I am proud to be a part of the iterative innovation process that has become the Cosmos team and be a part of an environment that is highly collaborative to this day. Everyone has an equal seat at the innovation table on the Cosmos team and this is something I continue to be proud of.
How does innovation at Bishop Fox translate for our customers?
Kate H: They keep coming back!
Joe S.: Innovation translates into finding more vulnerabilities faster which enables our customers to mitigate exposures before they're exploited by malicious attackers - or, as we say, "defend forward!"
Ori Z.: As attack surfaces expand, our customers incur more risk every single day of losing data, suffering breaches, or falling victim to ransomware attacks. Being able to adapt and understand changes in attack surfaces and transparently offering that knowledge back to customers is a fundamental way that innovation reaches them. Innovation provides a foundation that enables our customers to trust us with their most sensitive assets.
To read more about Bishop Fox’s innovations & recognition in Fast Company’s Top Workplace Innovators, check out our press release.
Subscribe to Bishop Fox's Security Blog
Be first to learn about latest tools, advisories, and findings.
Thank You! You have been subscribed.
Recommended Posts
You might be interested in these related posts.
Dec 12, 2024
Our Favorite Pen Testing Tools: 2024 Edition
Oct 15, 2024
Off the Fox Den Bookshelf: Security and Tech Books We Love
Sep 17, 2024
Navigating DORA Compliance: A Comprehensive Approach to Threat-Led Penetration Testing
Aug 28, 2024
Offensive Security Under the EU Digital Operational Resilience Act (DORA)