Cybersecurity, information assurance, and risk management are ever-growing concerns, and we’re beginning to observe professionals drawn into the field from diverse backgrounds, each bringing a unique perspective to the table. 

Recently, we sat down with Will Jackson, CEO of C2 Risk, to discuss his transition into the risk management realm and his role at the forefront of innovation, driving progress in an industry critical to safeguarding digital assets. We also explored his insights into what the future holds for the cybersecurity market including the transformative potential of AI and machine learning.

So, how did your career path lead you to transition into the risk management industry, especially considering your background in tech and HR?

My journey into the risk management industry was certainly unconventional. I spent more than two decades in the technology and services industry, establishing myself as a well-known and respected figure within the enterprise business space. I have held c-suite and senior management positions in large international organisations, both as a supplier and a consumer of technology and services. My professional experience has predominantly been in consultancy, software and technology, and business and IT services across various industry verticals such as oil and gas, banking and insurance, manufacturing and engineering, retail, government, healthcare, distribution, transportation, and higher education.

My transition into risk management wasn’t a direct leap but rather a gradual evolution. While working in the HR and payroll infrastructure for a multinational HR & payroll software and outsourcing company, I was deeply involved in managing sensitive data belonging to large international enterprise clients, and ensuring its security was one of the top priorities. This experience laid the groundwork for my eventual pivot into risk management. I saw an opportunity in the market for what C2 were solving and most importantly, how they were solving it.

The turning point came when I connected with C2 via my investor network. C2 was a unique organisation addressing critical risk management challenges with an innovative SaaS-based and GenAi-driven technology solution. What drew me to C2 was not just their technology but what the technology achieves for the client and their unique approach to solving information assurance, data privacy, and sustainability challenges. Their blend of cutting-edge technology, a passionate and seasoned team, and a huge opportunity in the market were all key attributes to enable a successful growth strategy. 

I considered my own experience in growing technology and services businesses as the missing piece to the puzzle and believe that utilising this will further accelerate the success of C2 within the market and for the benefit of organisations navigating the rising risk challenges they face.

Moreover, I was impressed by the founder’s recognition of the need for outside expertise to achieve aggressive growth targets. This alignment of vision and opportunity convinced me that my skills and experience were precisely what C2 needed at that pivotal moment. Joining C2 felt like a natural progression, where I could apply my diverse background to drive meaningful impact in the risk management space.

Reflecting on your initial months in your role, what were your primary challenges, and how did you overcome them to drive progress within the company?

One of the main hurdles I faced was familiarising myself with the risk management industry intricately. Understanding our purpose, goals, and the broader industry landscape became my top priority. Additionally, navigating and identifying key stakeholders, building a trusted network, and comprehensively understanding our competitors to strategise effectively.

Formulating a clear strategy for the company’s next 12 months was vital for me and the C2 team. Ensuring that the team understood the vision, goals, and strategy was a key objective, providing the alignment and focus needed to deliver the strategy in the most efficient way possible. This involved not only defining our objectives but also restructuring the organisation to ensure greater transparency and accountability. Empowering my team was another crucial aspect, as I firmly believe in their capabilities and trust their judgement. Creating a culture of quick decision-making, clean execution, and embracing failures as learning opportunities is fundamental in driving progress, in my opinion.

What’s your approach to building and leading a risk management team?

Cultivating a culture of empowerment and trust within the team is crucial for driving progress and innovation. One approach I’ve found effective is involving the team in decision-making and restructuring to enhance accountability and transparency. I’ve always been a person who believes that trust, support, and delegation are a key to a successful and cohesive team and that the trust I have in the team is always forefront. I firmly believe that empowering employees with ownership and freedom allows them to contribute their best efforts towards achieving objectives and goals. Equally important is supporting employees to have the confidence to do so by providing the appropriate level of transparency and constructive support.

Additionally, I advocate for a hierarchically flat organisational structure, where individuals have direct access to resources and expertise regardless of traditional hierarchical boundaries. I feel this helps to promote open communication, collaboration, and efficiency, as team members can readily seek assistance and guidance from those best suited to address their needs and progress the matter in the most efficient and effective way possible. 

You’ve been at C2 for eight months now, what would you say is your proudest accomplishment/milestone so far?

I’m proud of several accomplishments that have propelled our growth. Firstly, we’ve clarified our core focus and identified a guiding first principle. We’ve defined a clear go-to-market strategy for 2024. We are following it with a fantastic cadence, already reaping the rewards from growing a very respectable pipeline, gaining additional customers and achieving a fantastic net promoter score within our existing client base. Internally, we have focused heavily on our company culture and collaboration, where every employee is informed and consulted on company matters, and has the opportunity to provide feedback into company decisions for consideration. Additionally, we’ve focused heavily on governance, operational resilience, and procedures, which have laid a perfect framework to facilitate the successful scaling of the business.

The development of our technology has been amazing as well. We introduced regular release cycles, supported by comprehensive details on new features and functionalities that are being deployed on the solution. There have also been some exciting larger projects, applying GenAI into the platform to radically reduce and automate user interaction within the solution, ultimately moving a significant step towards our first principle. And don’t just take my word for it; we have been recognised as finalists and winners of numerous industry awards!

Additionally, we have focused heavily on sales and business development, enabling a powerful sales engine supported by clear pricing and discount structures, sales and marketing collateral and demo environments enriched with fictitious data . Ultimately, we have redefined our messaging and market positioning, enhancing our communication and solidifying our place in the market. These milestones have been crucial steps towards our long-term vision for C2, and I’m excited about what’s to come!

In the constantly evolving landscape of information security threats and technology, how do you ensure that you and your team stay updated and informed?

Staying updated in the realm of information security and technology is crucial for us as a business, our clients, and their suppliers. We rely on our strong network, including our experienced Advisory Board, expert discussion forums, research teams, and corporate events to stay informed about emerging threats and advancements. Additionally, we foster a culture of questioning and collaboration within our team, encouraging regular discussions, debates, and evaluations of our methodologies and strategies. 

(Our Advisory Board has also recently contributed to some of our insights and you can read them here: Maggie Titmuss and Dr. Robert Collins)

We find that by leveraging data analytics, we’re able to proactively identify trends and prioritise areas of focus. I have always been a firm believer that opinion is valuable, but facts are an undeniable proof point. We spend a lot of time researching analytics and using them to direct where we should be stronger in the market. Equally, by remaining engaged in industry events and monitoring real-world incidents, we ensure that we stay ahead of evolving threats and, most importantly, our competitors!

What trends and developments do you foresee shaping the information security market, and how is C2 positioning itself to adapt to these changes?

At C2, we recognise the growing importance of streamlining procurement processes and ensuring the seamless adoption of new practices within client organisations. Our focus is on leveraging cutting-edge technology, such as AI and machine learning, to automate and simplify complex processes traditionally handled manually. We also recognise the challenges embedding a risk management solution within our client’s business so our focus is entirely on helping the customer maximise their investment and creating a more efficient risk management practice within their information security infrastructure.

By offering intuitive interfaces and seamless user experiences, we aim to reduce friction for clients, assessors, and suppliers. Our approach is not just about gathering information but also about assessing, remediating and mitigating issues efficiently. With our emphasis on technological advancement and innovation, we are poised to lead the way in shaping the future, making it more efficient, transparent, and user-friendly for all stakeholders involved.

As Will wraps up the past eight months at C2 Risk, it’s evident that C2 has achieved significant milestones and set the stage for future growth. From fortifying technological advancements to growth-minded governance to refining strategy to SaaS-based sales enablement, C2 continues to make strides in driving innovation and excellence. With a clear roadmap ahead, we’re excited for what the future holds in the cybersecurity landscape. If you would like to hear more about Will’s journey of becoming a CEO and transitioning into the cybersecurity industry, stay tuned for his feature on the Cyber Sessions podcast by CIISEC later this year!

About C2

C2 is a UK risk management scaleup on a mission to help businesses survive and thrive in the digital economy. C2 helps organisations manage security and compliance in a way that’s unique to their business and that does more than simply ticking off digital checkboxes. C2’s industry-leading platform supports the public and private sectors in managing their threat landscape and improving vendor controls, project, privacy, and ESG risks.