Coalfire’s Larry Jones Talks Future Cyber Threats and Taking Charge
(Page 2 of 2)
constantly rising. Five or ten years ago, people weren’t really worrying about this stuff. They are now very top of mind and they are building sophisticated systems to address this.
The speed of technology change is rapidly accelerating. There’s new payment systems, new virtual systems, new cloud technology. Every time a new technology comes along, we help build new security into them. The access points to a breach get bigger.
The reality is large corporations can be safe within their four walls but if they connect to billing systems, that information is flowing out to a vendor. The idea of vendor management and security beyond your four walls is starting to become more of an issue. Your data is flying around the ecosystem of the supply chain you have.
X: What operations does Coalfire maintain in New York?
LJ: About six years ago, we started distributing our operations in nine different offices; New York is one of our bigger ones. Each office has sales and technology delivery teams who go to our clients.
X: Are there any particular industries that use your service the most now, or which you expect will need cyber security assessments going forward?
LJ: The credit card industries, payment providers, and merchants started worrying about data and compliance eight or ten years ago, so we have a lot of clients in that industry. Healthcare, they are just now starting to get worried about protecting their patient data. Some of the emerging areas are energy, oil and gas, and facilities. The adoption of high-end cyber security programs has been relatively soft. Until either regulation, or a major breach, comes along, industries tend to not get serious about cyber security because it’s expensive. We can help them understand and navigate where to put their money to protect critical assets; you’re never 100 percent safe.
X: Are we looking at a potential future where we deal with more frequent breaches, including through connected devices?
LJ: The opportunities for breaches is going to increase; there’s no doubt in any of our minds. The good news is as the world gets more sophisticated, it builds more security into the initial products. Fifteen years ago fraud was about credit cards; a lot of fraud protection became everyday in the banking world.
Now there’s a payment system built in the latest iPhone with fingerprint security and encryption. There are ways to build products that are safer, but the more products there are that connect to the Internet of things makes it more challenging.
X: You were chairman before taking on the CEO role after Dakin passed away. What has the process been like, and why did you become CEO rather than search for someone outside the company?
LJ: Rick’s passing was a very traumatic event for the organization. He was one of three founders, and had been CEO since the inception. His energy will be missed. The company spent four to six weeks coming to grips with his passing.
I had been very active over the past 18 months, almost as a co-CEO, so the transition was a pretty obvious decision for the board and the transition was relatively smooth despite the emotion.
I’ve been a serial CEO. This is my seventh company, all technology-related. The company is moving from a venture culture to a more grown-up culture, where the process, sophistication, and leadership become very important. I’m more of a larger-company guy. Rick and I worked side-by-side because I brought scalability skills to the table. As the company scales from 300 people, growing 50 percent a year, I think I can bring some of those things to the forefront.