Recently Jonathan Cogley, CEO of Thycotic Software and I sat down to discuss his unique corporate culture and in the process of this I uncovered not only his unique strategy with company building but also a very unique perspective on enterprise password management.
I love sharing unconventional thinking about topics that we normally think we have under control.
Jonathan is this type of thinker. He said to me that a CIO and CISO must ask, “Do I have control of my human and non-human accounts on my network….???”
When the topic of employee and administrator password management comes up do you assume all is well or have you asked the question in this way to your staff?…It will evoke a different response based on how you ask the question and will present a different level of risk as well.
We explore in this episode:
Jonathan’s focus on Thycotic’s Unique Culture
- The story of how Jonathan founded the company
- The journey from consultancy to software company
- The genesis of his desire to scale a great product idea
- The Thycotic core strength of being of software engineering company at heart
- Key learning steps along the way: collaboration, teamwork, and servant leadership
- How a simple decision to eliminate the pain of an upgrade for customers led to a complex product being able to be upgraded in less than 4 minutes…..unheard of!
- The importance of building a servant leadership model that embraces multi-generational workers like “gen y” for example.
- Creating a leadership style company that wants to learn, where people are proud of their work, output is high, and where people feel a sense of ownership.
CIO/CISO Objectives –
Jonathan discusses his vision as he sees discussions with CIOs and CISOs changing to RISK more and more…
Note the conversation about “human and non-human accounts”
- Brand Management – if someone hacks your twitter or Facebook credentials this can have devastating effects. Chief Marketing Officer
- Insider Threat – This is changing from malicious insiders to insiders that have been impersonated by hackers. How can you tell the difference?
- Privileged Accounts Security – Admin, local, Unix, eg.
- Service Account Security – backups and scheduled tasks
- Compliance and Regulation – how can this be automated?
- External Threats – Malware – crime
To Learn More About Thycotic Use The Links Below:
- Thycotic Company Blog
- Thycotic User Conference 2015
- Like the Thycotic Facebook Page
- Follow Thycotic On Twitter
- What is privileged account management? [1:10]
- How did Thycotic get started? [3:40]
- Thycotic’s Core Competencies and Capabilities [7:15]
- “The last thing we would want is the customer to have to go through pain for an upgrade…” [8:53]
- “Even Though I had the credibility from the community, I often had no authority” [11:58]
- “Your manager is there to facilitate and help, but not to tell you what to do” [13:54]
- “How did you stay mentally and organizationally disciplined? [15:01]
- “The danger for CIOs is that it’s [Identity Management] so darn simple, the concept, that they don’t even realize the complexity that you’ve taken away from them” [17:31]
- Human Accounts vs. Non-Human Accounts [18:46]
- CIOs and Password Management [19:19]
- “The risk very frequently is not with the human accounts, it’s with all the privileged accounts” [22:50]
- The risk presented by Service and Privileged Accounts [23:46]
- Where does Thycotic decrease costs in regards to being compliant? [28:30]
- Access Control and Authentication Options [30:06]
- Brand Management and IT Security [30:40]
- “All you have rights to as a company is the access into your social media accounts and the access control around that” [32:12]
- The importance of doing the basics [34:04]
- To Learn More About Thycotic [35:55]
Love this episode? Leave a Review
If you haven’t already, please make sure you leave us a review on iTunes.
About Bill Murphy
Bill Murphy is a world-renowned IT Security Expert dedicated to your success as an IT business leader.
Connect With Us On Social Media
Join The CIO Innovation Mastermind Community
We invite the top 20% of Business IT Leaders for my CIO Innovation Mastermind Events group to participate in monthly discussions on things like VR, AI, and other disruptive & emerging technologies. If you want to become a member, email Chief of Staff, Jamie Luber Jluber@redzonetech.net for more information.