Alchemy CyberDefence CTO Christo Esterhuizen is leading a team that’s building solutions that are one step ahead of cybercriminals.
Christo Esterhuizen, CTO at Alchemy CyberDefence, a cybersecurity solutions provider, is helping expand the company’s footprint from its Australian roots to the US. Alchemy’s South African base is in Cape Town, where Christo resides. “As we expand into other regions like the US, I anticipate relocating to either Sydney or Texas in the next few years, with regular trips to our future London office,” he says.
In the meantime, Christo’s primary focus is on continuous development and improvement of Alchemy’s solutions. “We’re improving the back-end, adding new features and customising based on client needs,” he explains. The team’s approach emphasises agile development, sprints, and significant investment in R&D. “This includes developing in-house or acquiring technology – what I call the fun part: shopping for tech.”
As CTO, Christo’s responsibilities extend beyond product development. He ensures that Alchemy’s internal operations stay at the cutting edge of efficiency by experimenting with new tools and encouraging collaboration between people and technology to make their jobs easier. “The great thing about technology is that there’s always something new, you can even see it in our daily lives with the tech we touch: our phones, tablets and TVs, and within my realm of cybersecurity,” he adds.
When asked to describe his role in simple terms, Christo offers a lighthearted analogy. “If I had to explain my job to a child, I’d say I’m like a superhero fighting off bad guys, using the latest tech as my tools.”
Although he is fully versed in the technical aspects of IT, he identifies more with the business-minded CTO persona. “I’m equally passionate about the business side of technology, ensuring that we deliver value through innovation and strategy,” he says.
Outside of work, Christo balances his superhero duties with his love for gaming. He jokes about splitting time between the joystick and watching Frozen with his children for the 100th time. “It’s fascinating to see how gaming has evolved – from my first console to today’s immersive experiences that feel like watching a movie.”
“When I reflect on my first gaming console and fast-forward to the one I own today, it’s really fascinating how technology has evolved,” he points out. “Today’s games are so realistic and playing them almost feels like you’re watching a movie – it’s a really immersive experience I enjoy when time permits.”
Catching the bad guys
At the core of Alchemy’s mission is visibility. “You can’t protect what you can’t see,” says Christo. His team’s primary role is providing clients with complete visibility of their digital environments, helping them identify and mitigate risks.
“The biggest challenge is ensuring that organisations actively implement the security measures they have in place. Missing just one unchecked user account can create a vulnerability for cybercriminals to exploit,” he warns.
Christo also addresses the notion that Africa lags behind in cybersecurity. “I think that’s changing. Africa’s financial and telecommunications sectors are on par with the rest of the world. Education will play a crucial role in adopting new technologies and not fearing change.
“Data privacy and responsible use of technologies like AI are increasingly important. Tracking, monitoring and ensuring compliance with data privacy laws are essential steps in this process,” he adds.
Data is the new gold
Christo observes that banks continue to be prime targets for cybercriminals due to their financial assets. However, today’s criminals are increasingly after data known as the ‘crown jewels’. Hackers now focus on what organisations value most: their information,” he explains. “A perfect example is the Walt Disney hack, where more than a terabyte of company data, including proprietary information, was leaked."
According to Christo, it’s not the type of organisation being targeted that matters, but the value of the data. “Hackers either hold that information for ransom or make a copy to sell on the dark web,” he says.
“Reputational damage is one issue, but if sensitive information is made public, it puts competitors in the know, creating a dangerous situation where many companies opt to pay ransoms,” Christo notes.
Looking ahead, Christo expects organisations to place greater emphasis on protecting client data, particularly with stricter penalties for non-compliance with regulations like the POPI Act.
“Today’s cyberattacks have far-reaching consequences. Beyond reputational harm, exposing customer data can lead to serious legal trouble. In fact, I believe some cybercriminals would take satisfaction in seeing a top executive jailed for a breach,’ he concludes.