My name is Richard Morrell. I am a security technologist living in rural Wiltshire in the United Kingdom although I grew up in coastal Kent where we still have a home. I’m a proud former pupil of The Harvey Grammar School in Folkestone and still play an active role in supporting the school and the Old Boys Network.
Security and Open Source – from small acorns
Since the late 1990s I’ve been involved in what has become known as Open Source working on the Linux operating system and it’s ecosystem. I founded the UK’s first ever Linux support company WebDynamics in 1998 which was acquired by Wall Street darling, California based start up Linuxcare in 1999. I headed up Linuxcare Europe working on fledgling Linux projects including the UK’s first ever commercial deployment of Red Hat Linux for the Channel Tunnel Rail Link project, and projects with the Swedish Government, Jaguar and Hitachi. I left Linuxcare to create the security function at VA Linux at the time the worlds biggest ever IPO offering on NASDAQ. Whilst at VA Linux I created a project called SmoothWall with Lawrence Manning here in the UK.
That project, launched in August 2000 became a watchword for how to do security properly at scale. The worlds first ever mass market firewall freely available it garnered over seven million installs allowing us to create the company SmoothWall in October 2001.
And so it began…
SmoothWall born from our back bedrooms built on revenue without venture capital fast became a watchword for how to build revenue on effort not investment. SmoothWall is now the backbone of almost every school, college and local government network in the United Kingdom, across the US and by household names including Ford, Moto Service Stations, Halfords and was recently bought out in an MBO in September 2017.
Technologies based on our code are in use in automotive, petrochemical and industrial computing in Italy, Greece, Cyprus and Switzerland as well as protecting the worlds largest container shipping company in realtime.
The commercial and financial success that resulted from that work has enabled me to provide bursaries and support to some of the leading technologies in Open Source security that have given birth to IPCop, Endian Networks, M0n0Wall and pFSense as well as router technologies and wireless access point technology. In entirety protecting almost 13m internet connections globally, every single day of the week. Technologies I have co-created and commercial offerings based on that technology have generated revenues in the order of $210m since October 2001. I exited on my terms as majority shareholder and have built strategically on the return and the experience to build a career in IT security that has allowed me to grow hugely as an individual.
SmoothWall acquired by Tensing Asset Management is now the UK’s largest ever privately funded security success story – and I founded it. Exceptionally proud of what we created from nothing in a back bedroom.
Post “retirement” I moved to head up internet security for NTL/VirginMedia’s 7m customers, followed by a stint at startup darling Zimbra where I was on the founder team brought in by their investment team. Taking a startup company to an exit and acquisition by Yahoo for nearly $350m.
Telling a story to a wider audience
Since 2011/12 alongside my day job I’ve been security editor for The Stack one of Europe’s top technology portals reaching over 100k people a day. You can read some of my many security articles by clicking here. I also contribute to portals such as Computer Weekly (read my most recent article online here)
For a few years I was the Senior Principal Security Lead at Logica (now CGI) and then went back to the well at global Open Source leader Red Hat where I headed global security strategy. Along the way I’ve had stints at Gartner on contract as their Chief Technology Officer for their global security practice and working as an advisor to governments and institutions all over the world. I am a certified GCHQ CLAS consultant advising and working with intelligence and defence agencies worldwide including the Inland Revenue Service and Department of Defense in Washington DC at director level.
I am still engaged with the UK intelligence services advising where applicable on code exploitation and vulnerabilities across Open Source, Cloud and IoT as well as the embedded Linux marketplace for device manufacture up to and including UK nation state level with the UK’s own NCSC. I recently (December 2018) discovered two of the UK’s largest ever telecommunications vulnerabilities working with the intelligence services and the regulators to flag and detail the risk and the fix.
What am I doing now – and talking to a global audience
In 2016 I founded AuditSec which was acquired by a UK security organisation in 2017 where I was appointed CTO.
In 2017 I was appointed to the Open Source Entrepeneur Network where I am a thought leader and speaker.
For many years I have also sat on the board of and created evangelism and collateral for the Cloud Security Alliance where I served as Chief Security Officer until Summer 2018, the worlds largest independent cloud security body whose members include Cisco, HP, Rackspace, Google, Amazon, Verizon, BT, Barclays etc.
I am retained by BrightTalk and am a regular panellist on their leading security presentations that go out to a C level global audience as well as being a speaker for the American Petrochemical Institute working at C Level with their CISO audience at major events.
I am continuing to contribute editorial to TheStack and now also Datamation where you will be able to read my thoughts from early 2018.
Since 2012 I’ve released over 150 security and technical podcasts talking security and best practices, downloaded and listened to by a combined 7 million listeners. (Simply search for my name in Apple’s iTunes podcast catalogue or follow the links below:
- Locked Down – Red Hat security radio – hosted and produced by Richard Morrell
- Cloud Evangelist Podcast – produced, edited and presented by Richard Morrell
- The Security Bod Podcast – recorded, edited and broadcast by Richard Morrell
Events and public speaking
I speak at events all over the globe. I also sit on panels at major conferences and am often to be found working the conference circuit.