As a CTO with too many years of experience to want to count, I’m often attracted to the next opportunity because my new company is looking to build a product that addresses a compelling problem. For example, I’m currently working on a “next generation” product to leverage voice recognition, mobile devices, smart watches and smart glasses in warehouses and distribution centers.
A pattern that has repeated itself in my career is that I come into a new role exciting to attack this “new problem”, and then reality sets in. Among these realities is, how are we going to protect our clients critical data that is housed and hosted within our environment?
The other pattern that emerges rather quickly, especially in companies in the $5M to $20M range is that the traditional IT organization is typically not prepared to handle this problem. They are typically under-staffed and under-trained. It takes a dedicated team that is keeping up with the latest challenges and techniques to combat them. The IT organization in a company this size is often more focused on traditional desktop support, keeping up with the never-ending demands of the data center… more storage, more horsepower, etc., and maybe creating a DR plan. So security gets short shrift until it’s too late and you’ve been breached.
Fortunately, when I joined the firm where I met Chris Williams, who headed up the IT organization there, that was not the case. Even when security was not the number one focus for the organization, he was on top of the situation. This put my mind at ease, and allowed me to focus on building the next generation of our flagship product… the thing that made money for the business. In the time I was there, we didn’t have a single breach, and fended off many attempts, including DDoS attacks. We also breezed through our SSAE 16 audits.
The next time I find myself facing these dilemmas, I know I’ll find all the answers I need at Perpetually Geek.