Brian Wagner, Revenir: A Collaborative CTO

Brian Wagner’s career in IT started in a way that is familiar to many – as a 15-year old with an indelible interest in computers and software. Where Brian differs from many is that by 16 he was already a professional, building solutions that people would pay for.

And what Brian learnt when he was 16 applies just as much today as it did then: it is less about the actual technology and more about what the technology does for people that matters. It’s a principle he has applied in every role at every company he’s worked at, seeing himself as a problem solver as much as an engineer. This ethos has guided his journey to his current position as CTO of Revenir and it’s a way of thinking we fully endorse at Aiven.

Security, compliance and understanding regulators

Revenir is a London-based fintech that automates tax recovery through partnerships with banks, governments and digital receipt companies. Revenir’s technologies can be implemented by banks to generate revenue and add value to their own digital interface, which places them in a strict regulatory environment, where highly sensitive data is shared every day.

In his position as CTO, therefore, Brian is now very much concerned with solving cybersecurity problems, and ensuring that both Revenir’s services and its customers are compliant with a number of national and international regulations.

Although there are particular challenges that apply to the financial sector, Brian sees his role as similar to that of his peers in other heavily regulated sectors. Revenir has to satisfy its customers, but those customers have to satisfy the regulators - which means, ultimately, that Revenir has to satisfy them too. For some, that’s just a box-ticking exercise. But for Brian, it’s about understanding what those regulators are trying to achieve and what the implications of that are.

“That’s the basis for understanding the potential risk that actual customers face, or feel they could face, when adopting a new product or solution,” he says. “We can then build in all the necessary mitigations that will assure them that the product is safe to use, and that their data will be safe at every stage.”

Fireside Chat between our CEO, Oskari Saarenmaa and Brian Wagner, CTO at Revenir

Collaboration and open source for better solutions

Brian’s work at Revenir also exemplifies his core beliefs in other ways, notably the need for collaboration and partnership. “Security and compliance often feel like areas that are in deep competition,” he says. “And certainly strong security measures can create a competitive edge for a business. But as leaders, we can collaborate, develop best practice, set industry standards and inspire others to follow suit.”

Brian acknowledges that there is a fine line to be negotiated. Sharing intimate secrets has not traditionally been a recipe for business success, after all. But in the case of security and compliance, if the total pool of knowledge, and problem-solving experience is wide and deep then it helps more businesses to succeed.

Revenir uses the Aiven open source data platform, which was not an accident. Brian believes that open source technology represents the ultimate form of collaboration – not least because it enables greater co-operation and idea sharing between individuals both within a company and across companies.

“The problems we have to solve may appear to be industry-specific on the surface, but they often have root causes and solutions that are common to a far wider community of potential experts,” he says. “We may have similar principles on things like access management, or firewalls, or whatever it is. Using open source means we can collaborate these things. We can learn from each other. I firmly believe that leaders are also learners – and if we work in a common open source environment, it is easier to build better, more innovative and yet safer products.”

Open source also plays a key role in encouraging a culture of innovation in security and compliance, empowering teams to think beyond conventional boundaries.

“As a technology leader it’s my job to make sure that everybody that contributes – engineers and managers and architects – understands the common goal of the business. I want to empower my technical teams to understand where the business is going so they can bring their own ideas and experience to the solution, and embed security principles at the beginning of the development process.” Inevitably that leads to better job satisfaction, but it’s also the path to faster and more sustainable growth.

Future vision – and building on basics

As to what comes next, Revenir is at the forefront of using artificial intelligence (AI) to support its customers – and as far as the security function goes, this is just the beginning. As Brian points out, one of the common threads about security in any technical industry is being able to detect what's normal – and what is not.

“AI is fantastic for that. It excels at pattern recognition, even the smallest deviations, so it can spot threats as they arise. But it’s also good at following rules, which is the fundamental principle of compliance, so it can really deliver there too. And if it's got some understanding of your architecture, and your service, it can proactively fix and problems – or at least flag them up. And I’m sure generative AI and large language models will improve cybersecurity knowledge overall, which helps everyone.”

Nonetheless, the need for the basics is never going away. “Things like access management, identity management – they’re still the bedrock of security, especially as we move away from the traditional data center world to a more service-oriented environment like Aiven’s, where access and identity management is key.

“However sophisticated our technology is, and however well we mitigate risks in its design, we still put it in the hands of humans – who will always be the weakest link. Even experienced CTOs make mistakes. I think if you’re going to be a tech leader, you need to remember your own frailties now and then. You’ll develop safer services – and protect more customers in the long run.”