E2 - Toby Lewis at Darktrace

On the 2^nd episode of our podcast spin-off series, The Route to Networking – The Security Vendor Edition, we were joined by our host, Kieran Waite, and our guest Toby Lewis, the Global Head of Threat Analysis at Darktrace. During this episode, they cover a range of topics from the start of his career through to what his role entails at Darktrace. Toby also offers some great advice to those who are just starting out or want to start in the Cyber Security industry, don’t miss it!

His journey started all the way back in 2006 when he just finished his Engineering degree at university. At first, and like many others, he wasn’t sure what path he wanted to go down. He had been in the reserves at the time and naturally thought going down the army route would make the most sense, so that’s exactly what he did.

Sometime down the line, a friend of his from his university course suggest they joined the intelligence services, they both applied and luckily both were accepted. His friend went into the MI5, while he started his career at GCHQ, unknowingly starting his journey down the Cyber Security route.

Certifications/Qualifications…

When it comes to getting a certification, it’s very split down the middle with whether they are worth it or not. But Toby thinks that having a piece of paper saying that you know something is very different from being able to do it. He spent a long time recruiting for various teams over the years and what mattered to him was knowing how someone fundamentally understands the problem. Do they have practical experience in doing it? Qualifications/certs are a really good way of demonstrating that first pass but it’s having that ability to take it to the next stage and to demonstrate the knowledge and practical skills.

Coming from a degree background himself, he shares his thoughts on Cyber Security degrees, being very mixed views. Some of the early Cyber Security degrees that came out were Computer Science degrees with an extra module on Cyber Security, which arguably isn’t an entirely valid approach to take. But things have changed a lot, there are Cyber Security degrees out there now that have a lot more of a practical component and are much more dedicated across the full breadth of Cyber Security.

Head of Threat Analysis at Darktrace…

At Darktrace, he wears multiple hats in his role as Head of Threat Analysis. Hat number 1 heads up an analyst team of around 100 or so Cyber Security Analysts who are spread all over the world from New Zealand to Aus to South Korea, Singapore back to the UK. Ignoring the cybersecurity element, he has a people management challenge mixed with team leadership and developing a team of that size. Then you add in the cybersecurity angle, how do you train specifically in cybersecurity?

With a global skills shortage in cybersecurity, Toby has been involved with a few approaches in trying to bridge that gap. Having an educational background and hands-on skills is a must. Whether that’s hands-on Pen Test days, hackathons etc. Playing around with it will allow your skills to go deeper but also it sparks an interest. Another aspect is recognising that there is a gender imbalance in cybersecurity and recognising why that might be. So, targeting people at the education level, kids choosing their GCSE options.

Toby shares a wide range of advice to anyone who is starting or considering a career in the cybersecurity space, tune in on 12/01/23 to hear a great 2^nd episode of our Security Vendor spin-off!