Today I sat down with Tim Linder, Director of Security Solutions at CBTS. Tim has been in the security industry for 17 years so we thought it would be interesting to get his perspective of the changes in cybersecurity over those 17 years and how he’s grown the CBTS security practice.
I started my career in cyber security with a small information security consulting boutique in late 2003…before it was cool to be in the security world. I joined CBTS in 2006 with a vision of building a team that would be based on delivering value-added benefits to our customers. However, I was the entire team focusing on selling solutions and leveraging partner relationships to deliver services. Within the first year of our existence, we were able to develop trusted relationships with our customers and ended up with approximately $7MM in revenue. As years went by, we added more sales and technical resources as well as more vendor partners. We closed out 2019 with $45MM in revenue and 15 employees which is pretty amazing to me.
How did you get into information security?
Let’s just say it wasn’t planned, as IT and IT Security wasn’t anywhere on my radar. My career started off in telecom as a central office implementation engineer. I was in that role for a number of years learning as much as I could about telecom implementation eventually joining the Telecom Staffing business as a salesman. From 2000 to 2002 the telecom bubble hit terrible lows and I found myself needing a different career path. I took a job at a small security boutique in Cincinnati and began to learn about Check Point firewalls and antivirus. After being there for a short time I was sold on the industry, finding it exciting and rewarding all at once. After three years of learning the industry, I was afforded the opportunity to come to CBTS to develop a security practice.
What were the “top of mind” security topics when you first started at CBTS and how does that compare to what you currently hear from customers?
It’s interesting. We are still dealing with some of the same challenges that we faced in 2003 but with some notable differences. Back in the day, hackers were putting out viruses, worms, etc. for notoriety. They wanted everyone to know who was wreaking havoc in the technology world. In our current world, hackers need to remain anonymous because they’re building attacks to make money. Another major change is back in 2003, workers were in the office on their desktop computer. With the emergence of technologies, remote workers grew, devices changed, and security changed with the endpoint. Customers used to throw gear at a problem without thinking of risk. I think now you will find that everyone is most concerned about the risk associated with certain technical business decisions and therefore take a holistic approach with security.
What do you see as the main value your group offers customers?
I really look at our group as super consultative, which allows us to assist customers by understanding all the requirements of a project…meaning business, technical, and financial requirements. We don’t come into any situation or project with preconceived ideas of how we will tackle their issue. A huge positive about my team is that most of them have defended networks in their career. Whether it was with a large Fortune 5 or a small consulting firm, my team has spent time on the customer side which helps them empathize with our customers, making them more relatable. We also have a vast variety of skillsets on the team, and by working together, we bring a broad base of expertise to our customers.
Security professionals are difficult to find – how are you able to grow such a dedicated team?
You’re so right, good security professionals are so difficult to find but we’ve been blessed to have some of the best and brightest in the industry. Some of the folks on the team are folks that I’ve worked with since my career began, some are from when I first started at CBTS with contacts I made in the industry, colleagues of current engineers, or recommendations from our vendor partners. One of the things we focus on here on my team is integrity. Obviously they need the skillset and the desire to learn more. As for keeping them, I’ve really tried to provide a family atmosphere. What that means is that we are there for each other through thick and thin, helping each other with different tasks, issues, in both work and life. The other major reason we keep our talent and attract new is due to their ability to work such diverse projects whether it’s product related or focused on the consulting business. The vast amount of customers we support and diverse situations the customers put us in keeps the job interesting. The engineering crew eats that up for sure.
You’re responsible for vendor relationship, how do you choose which partners you go to market with?
I am responsible for our vendor partnerships which is now up to 70+ security partners, which can be a daunting task sometimes. There are multiple criteria that go into selecting a security partner here at CBTS. Is the company relevant in the industry, do they fit our strategy, is there demand in the industry, are they innovative, could we potentially offer managed services, and good support, to name just a portion of considerations. A number of our partnerships have spawned from relationships we’ve had for years due to the trust built by the sales and engineering folks. IT is a small enough industry but when you narrow it down even further, cyber security is even smaller. As a matter of fact, most trade shows I go to I refer to them as a family reunion because I see everyone I’ve worked with for the last 17 years.
I also look at the mindset of the company and its employees to see if they align with our same “Customer First, Customer Last” mindset. One of our vendors has this as their tagline and I’ve adopted for our team as well as in selecting partners for CBTS. Our partner’s attitude needs to be one of helping our customers and not just selling product. The ones that do this are the most successful here.
With the new work environment, corporate networks edge has expanded – how has that changed security?
The edge really has expanded from data centers to cloud to remote workers. That has driven the need to be more secure than we ever have. We need to make sure that data in the cloud is just as secure as the data in our data center. We also have to make sure that we make that remote user feel as though he/she is sitting in the office from an experience and security perspective. Can we trust that cloud providers and users are doing enough to protect corporate data? I don’t think so, which means we need to continue to be vigilant in securing data without impacting productivity.
Learn how Tim and the other experts at CBTS can help improve your organization’s security posture.