Neville O'Neill, Senior Director of Software Engineering at Rapid 7, shares how Belfast is leading the way for cyber worldwide
Q. You have been with Rapid7 for almost 6 of the 9 years since the office was established in Belfast. How has the Cyber industry evolved over this period?
Rapid7 Belfast has evolved massively from just 100 people to currently over 350 engineers spread across eight floors in a newly refurbished office. From a cybersecurity perspective and from a software perspective, we've seen a continuous evolution of threats and attacks. It’s our goal to stay ahead of the curve so to this end we have continuous deployments of more up-to-date software and products. For example, in December 2021, we saw the widespread, global impact of Log4Shell across the IT and software industries. Our teams were on hand to proactively jump into action and help customers mitigate their security risk.
We can all see that as things have progressed, hackers are getting smarter. It's getting easier for them to attack organisations, and those organisations are becoming more and more aware of their need to be secure. They are looking at companies like Rapid7 to help them highlight where they may be vulnerable and that's a continuous train that just keeps on rolling. By the very nature of the business we are in, we are always looking at what the next asks are from our customers and how they can mitigate their threats.
Q. As Senior Director of Engineering, is there such a thing as a typical day in your current role?
I tend to wear many hats in my current role. At the core of this, I'm a facilitator to the team. This means helping them by removing blockers and resolving issues to allow them to execute and drive impact on a daily basis. We actually have a saying here that I think sums it up best ‘We hire smart and intelligent people so I can keep out of their way while they get the job done’.
More generally, the typical day for me involves planning and looking at project execution; working with different stakeholders and meeting with customers as well as looking at the strategic vision for our company. Right now, I’m involved in our intern program and our growth strategy for 2023 and 2024. My role is ever-changing which in itself is what makes it so interesting and enjoyable, and is why I'm still here.
Q. Cyber attacks are becoming ever more pervasive, what solutions do Rapid7 provide to counter these threats?
Rapid7 offers powerful, practitioner-first security solutions that deliver best-in-class technology, a unified cloud platform, and industry-leading research and expertise. Our technology, services and community-focused research simplify complexity for security teams, helping them reduce vulnerabilities, monitor for malicious behaviour, investigate and shut down attacks, and automate routine tasks.
Our threat detection and response offerings, InsightIDR, Managed Detection and Response (MDR) and Threat Command, help customers detect, assess, and respond to emerging threats in their environments. Our cloud security offering, InsightCloudSec, gives customers visibility into vulnerabilities in their cloud-hosted applications and environments. Our vulnerability risk management solutions, InsightVM and InsightAppSec, provide our customers with visibility into vulnerabilities within their environment. It also gives them peace of mind that the products and assets that they have in their environment are patched and secure, eliminating the risk n of exposing sensitive information to potential attackers.
Q. Northern Ireland has become a global cyber security hub and the #1 international investment location for US cyber security firms – why do you think this is the case?
We've seen such incredible growth in Northern Ireland over the last 10 years In both cybersecurity and development. I think one of the obvious factors for this is the talent we are producing from the universities. This is in part due to the existence of such a good partnership between the local universities and the cyber companies that are local within Belfast. The success of these partnerships has allowed for growth on both sides.
At Rapid7 we are working with the universities at a grassroots level to highlight what we're seeing in the industry, and the universities are taking that feedback and then tailoring their courses accordingly. We’re also working to bring more diversity into the industry as the IT, software and cybersecurity sectors have so many opportunities for people of all backgrounds, genders and identities to come together and collaborate to drive innovative and impactful solutions.
Q. The Cyber sector is growing rapidly, what advice would you give to anyone wishing to pursue a career in this field?
Information has never been easier to get. In particular, I would advise people to take a closer look at all the meetups happening all over Belfast that are talking about the latest technologies and cybersecurity issues that are happening. There are regular cybersecurity seminars in Belfast that are often free to attend where people can listen and then meet up and network afterwards. Rapid7 is also planning to host meetups throughout the year to talk about different technologies that are coming as well.
We also are going out to more and more schools and universities to talk with students to highlight what cybersecurity is, what software development is, and the benefits of pursuing a career in these fields.
Q. In the past Cyber had a reputation or almost a sense of being boring. Is that really the case?
Cyber is certainly not boring, and sometimes I think Cyber is dramatised a bit on television. However, there are definitely challenges within cybersecurity that make it insanely interesting. There is nothing better than the satisfaction of finding a vulnerability or finding something that you can better protect.
With regards to vulnerabilities, that’s a 10 out of 10 in our industry. There is a huge degree of satisfaction from the engineers here when they work on getting patches available so that we can tell our customers if they were vulnerable, where they were vulnerable and what the mitigation steps are to fix that vulnerability. For me and my team, that's a really good, satisfying feeling so I don't think cybersecurity is boring at all. Yes, it has its daily challenges, but that’s actually fantastic in my eyes.