Founder stories: Laura Bell from SafeStack
Thinking differently is what got SafeStack Co-founder Laura Bell to where she is today: running a successful global cybersecurity education platform from her home in New Zealand, with two young daughters playing nearby.
“I sort of accidentally got into software development at 16,” Laura explains. “I needed a job and stumbled into an apprenticeship as a software developer.”
After little time (and a University of Wales degree in computer science and artificial intelligence), Laura found herself working at CERN in Switzerland on the Large Hadron Collider, and then with the UK Government in counter-terrorism. She then moved to New Zealand, and worked as a penetration tester for five years before starting her own company.
“SafeStack originally started as a consultancy in 2014,” Laura explains. “We were focused on helping fast-moving, fast-growing organisations around the world. Around the same time, I co-authored a book with O’Reilly called Agile Application Security, and we established a good reputation.”
Things were going really well… until 2020.
“When Covid hit in April, our customers, who were generally small and agile, went back into their shells and tried to preserve cashflow,” Laura reveals. “We dropped 94% of our revenue overnight. We’d always talked about reaching a wider audience, so we decided that now we had a chance to do something bold.”
The big pivot
Turning the SafeStack consultancy into a product may not have happened overnight, but the business certainly adapted fast.
“We developed the first half of the product — security awareness training — and had a soft launch in July so we could iron out any kinks. Then the SafeStack Academy, which is specific training for development teams, launched in September.”
Today, SafeStack provides a community-centric online education platform that gives developers, testers and other roles in a business all the security training they need throughout the entire software development lifecycle.
“We bring together really high-quality, easy-to-navigate learning paths, alongside hands-on labs that allow learners to explore concepts they’re learning in fun, experimental ways.” Laura says.
The key to their unique approach? “Community. SafeStack is a safe place where development teams from all around the world can feel safe to say, ‘This is hard. What have you done, so we can learn from each other?’”
In this way, SafeStack connects people with others who they don’t know even exist. “A team’s problems are never unique,” Laura points out. “They’re shared by many teams across companies. Through SafeStack, teams can get extra help without having extra specialists join them.”
SafeStack has been overwhelmed with the positive customer response. They now have 44 customers in 5 countries, representing 1000 engineers and over 5,000 learners combined.
“Demand is high. People usually come for developer training, our core product,” Laura explains. “But once they see our style and approach, it gives us the opportunity to draw in more people to our security awareness training.
“This way, we can make sure security awareness is for everyone, not just certain roles.”
Security awareness for everyone
The success of this more equitable — and, frankly, useful — approach to security training is underpinned by Laura’s particular worldview.
“I genuinely believe that everyone has the right to be safe online, no matter how big their budget is, or where they’re located,” she says. “Being safe online is a fundamental need. I’m on a mission to make that happen in a way that’s as accessible and suitable to as many different organisations and roles as possible.”
That philosophy infiltrates everything about SafeStack. For example, the business tries to be gender-neutral in all things. “We use mascots — animated characters — on the platform. None of them are identified to a gender. They’re all animals that you can’t tell the genders apart. Everyone is equal.”
But, looking at the business’s makeup (eight of the nine team members are women), the philosophy obviously has broader implications.
“Our job adverts are intentionally inclusive, and structured to not exclude people who only hit 90% of the role requirements,” Laura explains. “We found that with really long role descriptions, incredible people self-select out, and don’t apply, because they think the one thing they can’t do means they can’t do the job.”
SafeStack interviews speak to culture first and technology second, and, adds Laura, “We encourage self-reflection at the interview, too.” The approach has helped the business create an environment that’s supportive, and a team that’s conscious about what it means to work in a diverse group, and communicate with a wide range of people.
This, says Laura, is part of her vision for the company. “I like that we’re coming with a different voice, and creating opportunities for diverse groups and role models.”
Leading SafeStack is, she adds, “the hardest thing I’ve ever done, but in the process, I’ve also found strengths I didn’t know I had.”