April 1, 2021
Martin Hart knows all about foiling opportunists.
As founder of Newcastle-based CyberShelter, his every day is dedicated to helping individuals and companies repel fraudsters by ensuring organisations run the tightest of IT security protocols.
It’s a focus that goes back decades – all the way, in fact, to the late 1980s, when a young Martin, fresh from studying electronic and electrical engineering at Newcastle Polytechnic, took his first job with NCS on a Tyne and Wear Metro project.
“It was a really big contract to maintain the Metro’s ticket machines and barriers, and I was part of an influx of people to deliver the expertise required,” says Martin.
“Parts would be brought from the stations, we would work on the circuit boards, and they’d be sent back again for use.
“However, even in those days, I remember how the ticket machines were targeted by fraudsters.
“People would wrap a 10 pence piece in silver foil, which would trick the machines into thinking it was actually a 50 pence coin.
“They would then buy a five pence children’s ticket and pocket the rest as change.”
While providing an insight into scammers’ behaviour that would help inform his future career, the Metro work handed Martin other crucial experience.
This time, though, it was a burgeoning technology firm that would go on to dominate the market.
He says: “When the Metro contract ended, I went to work in NCS’ Ponteland office.
“By then, we weren’t fixing circuit boards, but the company had just become an Apple authorised service provider; it was the largest Apple dealer in the North for 20 years.
“This was back in the days of the Apple Mac Plus, the LC, the II and IIfx, and we worked all over the country,
looking after warranty repairs and maintenance contracts.”
A certified Apple and Microsoft engineer, Martin rose through the ranks, holding titles including service manager, before the 2008 global financial crisis dramatically altered the landscape.
As the company he worked for floundered, Martin took bold action and, using the skills he had acquired, picked up its service department and founded his own IT firm.
He says: “When things started to implode, we said to people, ‘if you move to my company, we will honour your contract and you will continue working with a business that has Apple authorisation.
“Every client moved over.”
The venture lasted ten years until Martin, who had operated as technical director, sold the company in 2017.
After taking a short break, he launched CyberShelter, harnessing his experience and reputation to launch a new service focused on IT security consultancy in an age of ever-increasing internet threats and the proliferation of social media.
“A couple of things alerted me to the importance of setting up a new business,” says Martin, who holds the Certified Ethical Hacker and Vulnerability Assessor Plus qualifications, and is also a certified Information Systems Security Professional.
“Cloud computing was up-and-coming, and I knew there needed to be support for companies making that switch, but there was also a real importance around firms checking back-up files; too many weren’t doing that frequently enough and if they were, they often weren’t doing it properly.
“Furthermore, having been previously certified by operators such as Cisco, Juniper Networks and Fortinet, I wanted to put my expertise and those technical endorsements to use in a fresh way.”
Based at Byker’s Hoults Yard, CyberShelter – whose clients include businesses in Scotland and Ukraine – provides independent advice on IT and network security, IT infrastructure and GDPR.
Working with customers that span a multitude of sectors, from legal and manufacturing, to retail and design, the firm carries out audits, assesses
the strength of firewalls, tests networks and WiFi connections, and delivers vulnerability scans on servers and PCs.
Using the same tools used by hackers to check and test networks, CyberShelter – which is a member of the invite-only North East Business Resilience Centre – also works with organisations’ existing IT providers to deliver an independent view on future investment.
A certifying body for the Government-endorsed Cyber Essentials and Cyber Essentials Plus schemes – which confirm companies are compliant with IT industry standards and have protocols in place to reduce the potential for attacks – the firm is also qualified to provide on-site IASME Governance certification, which formally recognises an organisation’s GDPR compliance.
“We do a lot of work around resilience, disaster recovery planning and secure email hosting,” says Martin, “and if someone has any kind of vulnerability, we will find it.
“We basically check everything, asking questions like, ‘when was the last time you did a failover, or a data restore from backup media?’ because people very rarely do it.
“Cyber Essentials will mitigate around 80 per cent of attack vectors, and Cyber Essentials Plus, aside from independently verifying the CE certification, also scans for about 70,000 known vulnerabilities and gives a report that rates risk from low to medium, high and critical.
“IASME Governance is the only official certification that says and proves a company is GDPR compliant too; it is very important.”
While ensuring systems remain robust technically, another crucial component of Martin’s work is focused on people – and their awareness of hackers and scammers.
Highlighting the social engineering element of fraudsters’ attacks, wherein individuals are targeted with legitimate-looking emails asking for username and password details, Martin says vigilance is key.
To that end, CyberShelter – partnering with USecure – provides assessments and online training programmes to ensure staff are alert to phishing ploys. He says: “If there is a way around something, it will be found.
“But I have been involved in implementing systems and educating people around stopping fraud for a long time.
“I’ve got a lot of experience in IT fraud and security and have a strong technical background, and I know where things can go wrong.
“A key part of the work I do is talking to companies about their use of information and the importance of ensuring their systems are vigilant against attacks and that their people are wary of manipulation attempts.
“IT security is a critically serious issue, and we are here to help individuals stay wary and organisations across the board ensure their infrastructures remain robust.”