About David White, ESORMA Founder
I came to ESORMA through four directions, first of all for decades, until about a decade ago I ran an IT start up called Weboptimiser where I pioneered Search Engine Marketing, back in the day when there were hundreds of search engines. It is a business that is redundant now, as there is only one to speak of - Google and anyone prepared to lose their shirt can get to number one, and many do. It is not a happy market.
Prior to Weboptimiser I was an electronics design contractor, designing power supplies for early portable computers, testing AMD chips for AMD and testing and fixing up money systems for Mars Money, all good fun in the sun.
However Weboptimiser forced me to run my own IT systems, run a team of consultants and to serve major clients and bag loads of cash, it was not all bad and I loved the work. The work then was releasing data from databases, whereas in the last decade it has become about stopping data from being released from databases and a lot more besides.
Clients included an A to Z of major brands from Adobe, Barclays, Cheapflights, Disney, Ernst & Young, Ford, Granada, Home & Away, IBM James Villas, Jobserve, M & S, Nestle, Ocean Finance, Pattinson Brewer, Rio Tinto, Sky, Tate & Lyle, Thrifty, Virgin Money, We Buy Any Car and many more.
Decades of working with systems, IT, business and marketing people and most of time communicating at C level, trying to get them to understand what we were doing and why. We were very successful and did millions in turnover, working across five continents at our peak with 10 offices and 60 consultants. Halcyon days!
I was an IT specialist where I bridged IT and client delivery. Usually placed by the board to conduct a short term project, when short term often meant four to six years. A fair amount of my time was in delivering awareness programs, training, advising, analysing and putting together work plans and client strategies. It meant I often sat in on board meetings and presented to the board where I learned taking 'their' side was the best strategy for getting proposals over the line.
While learning to write software I picked up a few short term gigs and helped a few people get their businesses to market, where the objective was usually to go from a standing start to £30k a month. I was also asked to run specific very short term week long training programs in support of CISSP, SCCP, CISM, CGEIT, CRISC and more for clients like Capita, MoD, NHS, PwC and more.
Personally when I run a training session I like to dig out further resources to support the topic. I like being thorough I guess. I get it from my days as a consultant, not just making wild recommendations, I actually put the legwork in to make sure what I recommend is good for the job, as all competent people would / should. Some of this has made it to ESORMA content, and a lot more like it, that I am putting into the ESORMA portal (we add lots of new stuff every week).
So when you take all these things together it is no wonder I was keen to work with Mustafa to create ESORMA and take it to market. I can see how my knowledge, from my past experience can genuinely help the industry, helps CISOs and potential CISOs and should be fun too. I really like the idea of nurturing and supporting an online community I can see it could go far!
I found that Mustafa and I are able to spar really well, there are lots of good feelings and great ideas just rub off. We have developed a process for exchange (by phone and email) and we set ourselves incredible deadlines and we really deliver.
It all started after we met during a PwC training in London and then we met in a coffee shop at Kings Cross while Mustafa was waiting for a train home to Manchester, I live in London. We hit if off.
Mustafa and I essentially came up with the idea for ESORMA and wrote it out on the back of a napkin, in that Coffee shop. Maybe Mustafa has that napkin. We came up with the name a few days later. Then we decided to write it out and although the overall idea was done, our ideas then started to flow. We wanted ESORMA to be open, non restrictive, simple and to overcome the shortcomings of existing frameworks that try to deal with IT and Cyber Security that have clearly been bent into place to accommodate.
We just felt that a simple, from the ground up system needed to be created that would work better and fit with existing frameworks, where things like awareness are included, yet the 'how' is eerily missing, where meetings seem to be required yet most meetings include people who have no idea and are only confused by Cyber Security speak, they just want to know the work being undertaken efficiently, competently with appropriate benefits they don't want to know how or why plus they don't want to make multi million pound errors. Which seems to happen a lot!
There are in my opinion a range of pretty good reasons for ESORMA. And, I could go on!
Click here to discover more about the ESORMA membership community.