GTI Interviews | Patrick Carter, CISO

In our latest GTInterviews, we spoke with Patrick Carter, our Co Founder and Chief Information Security Officer. Pat discusses his role, the evolution of the GTI platform, and the challenges facing cybersecurity professionals.

Image of Patrick Carter of Ground Truth Intelligence

GTInterviews is a series of conversations with our community of industry experts - from our network partners and clients through to our own team. We discuss what brings people to the world of due diligence and investigations and how they see the industry changing in the coming years. This month we chatted with our very own Patrick Carter, Co Founder and Chief Information Security Officer. 

What is your professional background?

Previously, I was a computer security specialist who worked on developing new technology at Veracode, a leading application security company. In my earlier career, I was a radar analyst at MIT Lincoln Laboratories.

What inspired you to launch GTI?

Stewart, our CEO,  first came up with the idea for an innovative new approach to due diligence 3-4 years ago. He wanted to take a technology-first approach in an industry that hadn’t seen much innovation. Through discussions with him, I decided it sounded like such a great idea and I asked him if I could come on board. I had no prior experience in the industry, but it was clear to me it would require a secure platform and a strong foundation for growth. That’s where I came in. I started as our first CTO.

Tell us a bit about your role at GTI

I’m now the CISO, or Chief Information Security Officer. I’m tasked with ensuring the platform is safe not only from a security perspective but also that all the different services we use are safe. It’s been a fantastic learning experience for me to be able to get a more holistic view of the security space. There’s so much more to creating a secure product than just looking at the security of the application you create. It’s fun to lay all the different puzzle pieces out and see how everything fits together to create a secure platform, product, and company overall.

What are the biggest challenges facing cybersecurity professionals at the moment?

I think one of the hard parts for security professionals is the old cat-and-mouse game. The threat landscape is constantly evolving and you really need to stay on top of it. It helps to be compliant with a security framework that works for you and your users - ISO27001, SOC2, etc., but you also need to do your best to stay ahead of the game. I think one of the really interesting but scary things for us all to keep our eyes on is the use of AI. While Chat GPT can improve threat detection by scrutinising vast amounts of information and detecting possible cybersecurity threats, threat actors are also utilising AI to develop malware. 

How do you see due diligence changing in the next 5 years?

Automation has revolutionised the due diligence process, with many tools already available for automating various aspects of it. With the rapid advancements in software technology, we can expect to see more of the enhanced due diligence process also being automated, freeing up valuable time and resources for other important tasks.  For example, the integration of digital and human source intelligence into rich, cohesive reports.

How has the GTI platform evolved over the last few years? 

The first iteration of the GTI Platform stemmed from the perceptive insights of my co-founders, Stewart and Matt, who identified a gap in the due diligence space. Initially, the concept centred around connecting a client, working on a project in a specific region, to a Network Partner who would conduct the investigative work on their behalf. Bringing complete transparency into the process. However, [many] enhanced due diligence projects are much more intricate than this- often spanning multiple jurisdictions and requiring more than one Network Partner- and so the GTI platform has evolved to cater to these complexities while still keeping the experience simple and hassle-free. 

One of the platform's greatest strengths lies in its ability to be tailored to cater to the specific needs of our clients, at scale. With our Scope Builder, clients can capture intricate project details, select multiple subjects and countries, and instantly obtain a pricing estimate. And for high-volume work, our API streamlines the workflows so that clients never even have to leave their own ecosystem. 

What advice would you give to someone who wants a career in this space?

Anyone looking to begin a career in this space needs to first understand what makes due diligence and cybersecurity so cool- we are making the world a better, safer place. Maintaining a curious mindset is also essential. As cybersecurity is an ever-changing field, it is important to stay up-to-date with the latest threats and technologies to remain ahead of the game.  

What are you reading at the moment?

Currently, I am reading two books. One is Babel by R.F Kuang which is set in Victorian Oxford and adds a fantasy lens to dark academia. The other is Think Again by Adam Grant which explores the power of rethinking our stances when faced with new information. 

What is your favourite food and why?

I love French food for its richness and decadence and Italian cuisine because every individual ingredient is discernible in the overall taste.

Stay up-to-date with all the latest news and interviews from GTI in our blog.