Expert Spotlight: Romke de Haan

1. What did you do before joining GuidePoint Security? 

For a year I was helping a nonprofit organization, i.c.stars, (A nonprofit that helps underserved youth to get a job in IT) with their national rollout plan. Previous to that I was working as a civil servant at 18F.gov, an organization that helps modernize software development processes while introducing good agile and human-centered design practices to government agencies. I got to work on projects such as the TSA’s cloud migration project and help the EPA modernize its Hazardous Waste infrastructure for the country.

2. What is your role at GuidePoint?

I’m a Principal Consultant under the Cloud Security team. I help customers with SaaS security solutions and have developed GuidePoint’s SaaS Security Framework.

3. What excites you the most about your job at GuidePoint? 

Working at GuidePoint is exciting every day. I get to work with some of industry’s leading talent and security based vendors. We really are on the forefront of cybersecurity, it’s exciting.

4. What types of projects are you involved in as part of your role?

I’ve been focusing on two things for customers. First is SaaS security. SaaS is a fast growing part of our customers’ infrastructure and we are seeing some customers are just starting to get their minds wrapped around what a security program looks like for SaaS. I spend time helping create SaaS security programs for customers or conducting SaaS health checks for their platforms.

5. What’s the most interesting cybersecurity experience you can share?

I used to do a lot of consulting work with Hollywood and the CI community. The project I am proudest of working on is with them in creating counter-narratives against terrorist propaganda. We utilized a strong digital strategy and got me invited to the White House’s global CVE summit.

6. Do you have any advice to offer your cybersecurity peers?

As Brian Krebs so famously said at our CKO this year, “cloud is hard”. Companies are becoming more and more dependent on cloud computing to help with their overall operations. For my peers I would suggest they specifically look at SaaS security and the complexities it presents. The shared responsibility model is key to understanding the tenant’s responsibility and how important it is to push back when a SaaS solution isn’t properly following proper cloud security practices. SaaS providers are starting to see the importance of things like federation, encryption and monitoring as critical offerings to organizations getting more serious about SaaS security programs. 

7. How do you see cybersecurity changing in the coming years?

I’m really interested in seeing where the future of cloud computing is going. There are more and more applications being built on serverless frameworks using PaaS solutions, that coupled with the role Machine Learning is playing in the cybersecurity space really feels to me like we are going to be playing a very different game than we are now. 

8. What other special interests and hobbies do you have?

Outside of spending time with my kids, I love to dance, DJ, and paint. I still travel the country to DJ at various clubs and bars. I used to have a monthly in New York – it’s one of my favorite cities to rock a crowd in.

About GuidePoint Security

GuidePoint Security LLC provides customized, innovative and valuable information security solutions and proven cyber security expertise that enable commercial and federal organizations to successfully achieve their security and business goals. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: www.guidepointsecurity.com.