Building a Hacker Mindset and Why It's Important

Who is Ferd Hagethorn?

Ferd Hagethorn is the Director of Security Services at Planit Testing, a global quality assurance company operating in Australia, New Zealand, India, and the UK.

Based in the scenic city of Wellington, New Zealand, Ferd plays a crucial role in shaping and leading the cybersecurity practice for Planit Global.

In his position, Ferd has been instrumental in defining and establishing the Security Testing practice within the company.

His expertise extends to serving clients both nationally and internationally, providing critical cybersecurity services and insights.

Ferd is known for his candid approach to discussing challenges and goals in the cybersecurity field.

He brings a wealth of experience to his role, offering valuable perspectives on vendor relationships and alternative approaches to common industry practices.

Ferd emphasizes the importance of developing a "hacker mindset" - a proactive and innovative approach to identifying and addressing security vulnerabilities.

His work at Planit Testing involves not only implementing robust security measures but also fostering a culture of security awareness and continuous improvement.

Ferd's insights and expertise make him a respected voice in the cybersecurity community, particularly in the Asia-Pacific region.

His leadership at Planit Testing contributes significantly to the company's reputation as a leader in quality assurance and security testing services.

Pro Tip for Connecting with Ferd

Skip the fluff. Joseph appreciates clear, concise, and informed conversations.

Lead with genuine curiosity and be ready to discuss specific security challenges or solutions—he’s all about practical, actionable insights.

And if you can squeeze in a good story or two, even better!

Insights and Key Takeaways

Building a Hacker Mindset is Essential for Security Teams

Insight: The “hacker mindset” is crucial for cybersecurity success. It’s about thinking beyond the technical aspects and understanding the broader business context and potential threats.

Ferd believes this mindset enables his team to identify vulnerabilities comprehensively and provide clients with clear solutions.

The hacker mindset is more than technical prowess—it's about creativity, curiosity, and problem-solving.

Professionals with this mindset think like potential attackers, identifying how systems could be exploited.

They also consider the business implications of security flaws, allowing them to provide more strategic and effective solutions.

Clear Requirements Streamline Security Solution Evaluations

Insight: Defining precise requirements helps Ferd and his team filter potential solutions quickly, ensuring only the most fitting tools get considered.

Clarity in requirements is not just about making the evaluation process faster; it’s about improving the overall quality of the decision.

By listing functional and non-functional criteria, Ferd can immediately disqualify tools that don’t meet his needs.

He emphasizes the importance of honesty from vendors—if they overpromise and underdeliver during evaluation, their chances for a second consideration are slim.

Automation Relieves Talent Shortages

Insight: Automation is key to addressing the ongoing shortage of skilled cybersecurity professionals. With talent spread thin, automating routine tasks helps free up experts for more complex work.

Automation doesn’t replace human expertise—it enhances it.

By automating alerting, patching, and other repetitive tasks, Ferd’s team can focus on strategic analysis and threat detection.

This approach not only boosts efficiency but also reduces burnout among staff, making the work environment more sustainable and attractive to new talent.

Test Tools in Shadow Mode Before Full Adoption

Insight: Ferd prefers to test new tools in “shadow mode” before fully integrating them into client reports. This allows his team to verify the tool's effectiveness without committing to it prematurely.

Testing tools in shadow mode helps security teams evaluate accuracy, performance, and reliability in real-world conditions without impacting current workflows or client outcomes.

This strategy ensures that new tools complement existing processes and meet Ferd’s strict standards before becoming a core part of operations.

Vendors Should Gamify Training to Boost Developer Engagement

Insight: Ferd sees potential in gamified training programs for developers, which can not only make learning more engaging but also track and reward improvements in secure coding practices.

Traditional training methods often fail to captivate developers, leading to inconsistent results.

By incorporating game mechanics into training, developers can receive instant feedback, see their progress, and earn rewards for reducing vulnerabilities.

Gamified training not only enhances skill development but also reinforces positive security behaviors over time.

Vendors Must Maintain Relationships Post-Sale

Insight: Ferd values vendors who offer ongoing support and technical expertise, rather than disappearing after the sale is made.

The relationship between vendors and buyers shouldn’t end after the transaction.

Continuous engagement—such as regular check-ins, prompt responses to issues, and technical support—builds trust and demonstrates commitment.

Vendors who foster strong relationships stand a better chance of future business, as clients like Ferd appreciate partners who actively contribute to their success.

My Final Thoughts

The hacker mindset demands curiosity, constant learning, and a willingness to break free from cookie-cutter marketing tactics.

So, here’s my challenge to you:

• Get curious—beyond the surface.

• Test your assumptions—don’t be afraid to break the mold.

• Make learning a habit—the best hackers are always leveling up.

Because if you’re not evolving, you’re just part of the noise.

Until next time,
Dani