Ben Freeman: building a global cybersecurity company

Ben Freeman discusses his experience as one of Tessian’s earliest employees and the challenges of managing expansion in his current role as Head of US.


Thinking back to when you joined Tessian, why were you excited by what the team was working on?

I was the ninth person to join the business, so it was at a very early stage, but we were already delivering real value to the handful of customers we already had on board. There was already a sense that we were on to something, and customers really liked how it worked, which can be a pretty rare reaction.

Additionally, the problems Tessian looks to solve for organizations really resonated with me. My dad is a lawyer, so I've long been familiar with the issues affecting professional services firms and the other sectors Tessian worked with in those early days. We now work with companies in all kinds of sectors and geographies, but our earliest relationships were with law firms and banks, who have some of the most challenging security briefs. 

These organizations need solutions that are extremely rigorous but which are simple to procure and deploy at the same time: relatively few tech products are able to offer this combination. 

Last year you opened Tessian’s US office and have been growing the team in New York since then. How does the US market differ from London and Tessian’s other key territories?

From a regulatory standpoint, the US is still playing catch-up. In Europe, GDPR is very stringent: it’s been an important catalyst for organizations to investigate technological solutions like Tessian. That’s not to say customers buy our software solely because of GDPR, but GDPR gives management teams additional incentives to focus on inappropriate or dangerous email behaviors. At the same time, though, regulatory shifts are happening with increasing speed in North America. In the US, we now have the California Consumer Privacy Act (CCPA), while the new Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada will also have repercussions. 

How are US organizations responding to global threats? Are innovative new technologies perceived as a vital element of a sensible cybersecurity strategy?

I feel that there is definitely more of a dedication to exploring new technologies as a solution to problems and risk mitigation. Innovation committees are very popular in the US, for instance: these are bodies within organizations made up of partners, associates, general counsels and other leadership figures including IT and compliance. As well as overseeing the organization’s adoption of new technology, innovation committees are great vehicles for us to go in and speak about the products we’re building, because there are people in the room that intimately understand the risks and the opportunities of software in combating security.

Are there any complicating effects created by the federal / state structure in the US? Does this impact the work of the security professionals you talk to?

The regulatory environment varies somewhat across different states. However, I don't at all believe this defines how organizations do business. Companies are pragmatic in their approach: they want to grow and build their networks, and this means state lines are rarely a fundamental barrier. The underlying drivers of business are ubiquitous across different sectors and around the whole country.

Professionals in the US are more evangelical than in the UK. If they believe in something, they're likely to be more vocal about it, and this provides an opportunity for Tessian to show our value. It’s an incredibly exciting time for us and we’re looking forward to the future.