Sage Spotlight

Aston Martin's Robin Smith

"Sagetap comprehends our challenges and allows us to access bleeding-edge tech without needing to be experts in each category."

June 25, 2024

Listen to Robin Smith, Head of Cyber and Information Security for Aston Martin, as he discusses how Sagetap keeps him and his team at the forefront of innovation so he doesn't miss out on the next big opportunity:

Key Takeaways

  • Robin Smith is the CISO of Aston Martin Lagonda, known for Formula 1, James Bond, and the new DB12.
  • Upon joining, Robin found the cybersecurity market overwhelming and time-consuming, lacking clarity in evaluating new tech providers.
  • Sagetap helped Aston Martin navigate the dynamic market, allowing Robin to focus on cutting-edge technology without needing deep expertise in every area.
  • Two standout technologies discovered through Sagetap are Bionic and Spyderbat, both enhancing Aston Martin's cybersecurity posture and risk management.
  • Bionic aids in application security posture management and risk-based review, integrating well with Aston Martin’s network security.
    Spyderbat offers insights into network behavior, facilitating timely interventions and integrating security with development, aligning with Aston Martin's design focus.

Full Transcript

Robin Smith: So my name is Robin Smith. I'm the CISO of Aston Martin Lagonda, a luxury automotive maker that you may know from Formula 1, James Bond, and the new DB12 that's been released.

When I arrived three years ago, there was a demand to focus cybersecurity on the cutting edge.

But when I dipped my toe in the market, I found that there was a blizzard of emergent tech. So, dipping the toe in the market was a hellish experience. We were overwhelmed. We didn't have clarity around what to focus on and what the criteria were, and we couldn't discern if we spoke to 10 different new emergent tech providers, which one were credible and which ones could actually solve some of our problems.

So it consumed a lot of time. It was really unsatisfying as a process, and it revealed that we weren't set up to really understand a dynamic market on an ongoing basis. So we realized that why would we do that ourselves when Sagetap were emerging as a great organization that was able to comprehend and articulate what was happening across the whole of technology.

So we, contacted Sagetap and Sagetap understood what we demand when we come and speak to new providers.

So I don't have to understand API security from A to Z. I don't have to necessarily be an expert in posture management. We wanted to tap into bleeding edge technology.

So that has happened. We've engaged across a number of different partners that I'll talk about in a moment.

So it's been transformative.

I have to say, I've advocated it to UK CISOs at a number of conferences, and I'll continue to advocate having access to what is emerging and what is reshaping the industry.

Sahil Khanna: What technologies have really stood out to you from your Sagetap interactions?

Robin Smith: So I think I've seen more than 20 different technologies profiled, all of [00:02:00] which have been somewhat impressive. We've partnered with a number, I'll talk about two. The first one is Bionic, which is an application security posture management solution. And we have instantly fallen for Bionic and its approach to risk based review.

The sort of risks that we face every day, rather than having yet another tool added onto the security stack. The advantage of Bionic has been that it is really integrated well with a mosaic of our network security implementation. It's given us discoverability across risk and it's enabled us to begin to think about automation of risk management for a mid sized enterprise that delivers both intelligence and analytics that allow us to develop and implement better focused cyber plans.

So with Bionic, we've used it in a number of different instances, such as their application inventory function. We've integrated it with API security, and what is built is a greater amount of resiliency, not just across the organization, but also within the team that has instantaneous risk intelligence that enables us to execute any number of decisions to make sure that our posture is unaffected by current and new threats.

So we're really pleased with Bionic. We've also been, you know, transferred a lot of knowledge to us with regard to profiling and understanding risk within the network. So, you know, I think it's made a big impact on our organization. I think it will continue to make a big impact.

The other one that springs to mind is Spyderbat, who have offered their platform for again, understanding behavior across the network so we can make the right interventions at the right time.

And Spyderbat gives you that really visual insight into, what the threats are, what the kind of opportunities are, and how we can integrate security with development in a more cohesive fashion. And, you know, if you know anything about Aston Martin, you know, aside from the cars, you know, design is our absolute obsession.

So being able to integrate a design tool for security management, that gives us not only security by design and the principles within that, but also gives us the ability to forecast current and future risks. So that allows my team to be more adaptive and allows us to optimize our security management practices over the years.

So Spyderbat and Bionic, I can't speak highly enough of. They're both excellent services found via Sagetap.

Get Started Today

Join over 4,000+ startups already growing with Sagetap.

Get Started