Meet Our Chief Information Security Officer (CISO): Shane Read
We are delighted to have onboarded cyber security expert, Shane Read, onto the Hex Trust team. Here is Q&A tell help you get to know him better.
Tell us a bit about yourself.
My career to date has predominantly been as an Information Security professional, a field I am both passionate about in my work and private life. For the past twenty years, this passion has afforded me the opportunity to undertake roles in some amazing places, eventually leading me to Hong Kong. I moved here six years ago with my wonderful wife and our eldest son to work for the commodity trading house, Noble Group. Prior to this, I was with the Australian Government in Canberra, Australia.
I had the great privilege of having grown up in Asia from the early 1990s with my parents and sister who worked for the Australian government. Living in multiple Asian cities, some undergoing phases of rapid development with their emerging economies, some with the challenges of political and regional instability, led to forming my interest in International Relations and Security Studies at University and then my chosen career path in Information Security.
What initially got you interested in the digital assets ecosystem?
About six years ago was when I really started to get exposed to the world of Bitcoin, specifically because the criminal digital underworld had adopted this with open arms, then all of a sudden it was frequent chatter at Security Conferences. Personally, I hate not understanding new technology and at the time Bitcoin was lost on me. So I did what any information security professional would, I dove in headfirst, I bought and sold coins as a means of understanding how the transactions were written, to be a part of the system, I still have one of my first Electrum wallets. As ransomware started to take hold in 2016 & 2017, I remember speaking with the company management about these emerging risks and incorporating changes in our Incident response plans for “how do we buy crypto”. So maybe not a common first experience with digital assets, but this was my exposure to it.
My real break or exposure into the industry was through a chance meeting with a technology entrepreneur, Dorjee Sun, where I was invited to take part in a Distributed Ledger Technology Working Group for the commodities trading industry. The project was interesting and the project aimed to fix real-world trade problems. However, the real win for me was meeting Dorjee, a man to this day I hold in super high regard because he showed me how the whole world will be revolutionized by these chains. I returned to Hong Kong and I recall being so excited about my new learnings, and from that day I knew I had to be a part of securing this emerging technology.
What was it about Hex Trust which made you want to join the team?
Frankly, the Hex Trust decision for my family and me was pretty easy. After meeting with the management team and their direction in driving this company I knew I wanted to be a part of the journey with them. You can tell a lot about a company by the knowledge and excitement of its founders, and Rafal and Alessio were no exception. Both of these men were able to tell me their dreams and goals clearly and on point. They described to me what they needed from me and the cyber security challenges they thought we would encounter along the way.
After completing my own diligence on the company, and speaking with my wife (a very important step!) I was ready to commit to the company. Like I said earlier, I knew for the past couple of years that I wanted and needed to get into this space, and it was almost serendipitous the way it occurred. Now I am a part of an amazing company doing what I love, Information Security, in an industry that I am truly enamoured with.
What does ‘information security’ mean to you?
Information security to me is simple — it’s risk and compliance management. There’s not a fine line between the two, it’s actually a full flavour of both of them. We need to understand the risk to the organization, information systems, processors, and internal and external forces. We don’t just live in a world of risk, but also one of compliance, it is fundamental to be able to demonstrate to shareholders, regulators, and internal parties that we are protecting our systems to a level that is internationally recognized. If we go ahead and make up our own rules along the way without structure, we would quickly lose the confidence and trust of all concerned parties.
We all have to remember that our adversaries, the cybercriminals, are on track to be the third-largest global economy in 2025, costing individuals, global companies, and governments USD 10.5 trillion. This number should not be scary to anyone as it has been growing steadily for the past 15 years. The real concern should be with those individuals and companies who still have their blinkers on, those who are not investing in their cyber teams, or those who believe that cyber insurance will cover them (trust me, they won’t if you don’t have all the right controls in place).
This is why I am interested in Information Security. I love building out dynamic security programs that will set a course of action that helps protect companies. This ongoing goliath challenge against an adversary who operates with indifference, attacks without concern of ethics or morals. Criminal groups operate 24/7/365 to take what is not rightfully theirs, if this were occurring in the physical world where we have land borders, physical checkpoints, physical cash, intellectual property is written on paper then our challenges would be completely different. Our cyber challenge starts with an RJ-45 cable from an ISP connecting to our networks!
Tell us about a project that you’re proud of.
I think one of the more fun and interesting projects I have been involved in for this space was with the International Chamber of Commerce (ICC), the Singapore Government’s IMDA, and industry partners to accelerate the digitalization of global trade and commerce. The project was a proof of concept platform built on a distributed ledger to pave the way for governments and businesses to a public blockchain to enable trusted interoperability and exchanges of electronic trade documents across digital platforms.
As a newcomer to this space, I got the amazing opportunity to work with Mr. John Denton, the ICC president, and Dorjee Sun the CEO behind Perlin, and several leading companies all testing this emerging technology space. The project, TradeTrust, was recognized and promoted at the annual Davos meeting. I’m really proud of the work I did to support this project.
Finally, tell us something interesting which you do outside of work, and which not many people know about you.
To tell you the truth — I love(d) brewing beer, flying drones, and travelling around the world — obviously pre-covid.
But, ever since my wife and I started our family all those things have taken a back seat. My spare time is doing things that revolve around entertaining two wonderful boys. My weekends range from playing Minecraft, building Lego, watching Indiana Jones, Star Wars (my personal favourite) through to singing The Wheels on the Bus, and repeating words “Truck” 50 times to a 2-year-old who has not worked out that ‘TH’ does not sound like an ‘F’ yet.
My beer brewing equipment is still at home — clean and ready for report for duty. I still have a great drone with the batteries champing at the bit to be charged again and in the sky, and my passport, whilst being distraught by the lack of handling from foreign immigration officers, is ready to fly again (when it is safe to do so). So watch this space, it might soon be time for a “Bring a keg of beer to Work Day”.
