About us

How did the idea to create a company come to fruition, what are the company's goals and what value does it offer, versus competitors.

Working as a consultant in the field of technical IT security is accompanied with many challenges, most of which boil down to keeping up to date with its rapid and constant changes (i.e. growth). Within an organization, besides consultants, the service delivery chain also involves other departments (e.g. sales, HR, management). This implies that other professions are also affected by this requirement.

From the perspective of other mentioned professions, the lack of knowledge within and understanding for this field and its requirements, results with not being able to make decisions from an informed, realistic and objective standpoint, but from a purely subjective one, instead. This, almost exclusively, results with bad decisions being made. Typical scenarios and implications, per department, are as follows:
– the lack of adequate knowledge in the sales department often results with poorly sold projects, which always results with an additional workload/stress for consultants
– the lack of adequate knowledge in the human resources department often results with both missed opportunities of employing good candidates, as well as not avoiding bad ones, both of which result with an unproductive/undesirable working environment, which negatively impacts the performance of consultants
– lastly, the lack of adequate knowledge in the management department very often results with leadership not being able to identify and address the mentioned issues on a company level (e.g. poor performance in other departments), resulting with work conditions, for consultants, which are significantly worse than they, realistically, ought to be
Delivering a service, which was defined under the mentioned conditions, always results with additional stress, with which consultants have to deal with (on top of being a stressful area, to work in, on its own). In addition, most often unrealistic goals and dead lines are being set, which add up to the already topped stress level bars.
Overall, such work environments usually quickly result with stressed out/burned out workforce, which leads to its high fluctuation, which, in turn, damages the company, in the long term.

As a consultant, not being able to keep up to date with this ever-growing field, soon results with having outdated knowledge/skills. This implies delivery of lower-quality services. In a long term, this condition results with becoming uncompetitive on the market.
To keep the knowledge/skills/competences up to date, with this rapidly evolving field, companies react differently. Most of them assign between 0% and 5% of total work time to this activity (in its various forms). Companies with more awareness and understanding of the matter assign between 20% and 25%. Practice has shown that, in order to be able to deliver meaningful services (i.e. of high quality), in this rapidly changing field, even assigning 25%, of total work time, is not enough.

In order to address all of the issues, mentioned above, Lighthouse IT Security was founded (Aug 2020). In short, Lighthouse IT Security focuses on providing penetration testing services of high quality, delivered by a Senior Technical IT Security Consultant.

To address the issue of dealing with poorly sold projects, each project is being approached and evaluated individually. Once an agreement is made, which benefits both sides, each project is separately being prepared for, which ensures that preconditions for delivering a high-quality service are met. Once a project is delivered and finished, a break is made, in order to recuperate/avoid burning out, instead of rushing straight into another project (exceptions are made in Q4).
To address the issue of having to keep the knowledge/skills/competences up to date, Lighthouse IT Security heavily focuses on continuous learning (50%), through self-study, courses/certification and various projects, in order to be able to deliver high-quality services, to its clients (50%).

The company’s long-term goal is to offer and deliver specialized premium-level penetration testing services, on a global scale.