The Cyber Business Podcast

In this episode… Rich Bates dives into the reality of federal cybersecurity requirements, offering a grounded look at how CMMC and NIST 800-171 are reshaping government contracting. He shares how Zeiders navigates the “woolly mammoth” of compliance by focusing on policies that are both thorough and adaptable. Rather than bogging down in static documentation, Rich keeps his System Security Plan evergreen, linking out to living procedures that evolve with tools and systems—ensuring agility in audits without sacrificing structure. For contractors wrestling with cloud and remote work, Rich breaks down the value of enclave environments, particularly Microsoft GCC Moderate and High. He emphasizes that even call centers—once considered too complex for secure remote deployment—are becoming more viable thanks to FedRAMP-approved platforms and integrated encryption. His biggest caution? Don’t let program offices over-secure projects to the point of eliminating good vendors: “If IL2 is good, IL4 isn’t necessarily better—it’s just more restrictive.” Beyond technical controls, Rich shines in communicating with everyday users. In company-wide standups, he avoids jargon and delivers “news you can use,” like how to create strong, memorable passwords or why phishing emails now look indistinguishable from legitimate ones. He teaches with humor (“I’m going to manufacture a keyboard with a built-in whiteboard for sticky notes”) but his message is serious: cyber starts at the keyboard, and the people behind it matter most. Finally, Rich offers a compelling call to action for future cybersecurity professionals: focus on threat hunting. He shares why puzzle-solvers, neurodivergent thinkers, and those drawn to pattern analysis are uniquely equipped to succeed in this field. For young people—or parents of kids interested in cyber—he recommends exploring free labs, SANS resources, and even military cyber commands as a launchpad into the world of defense-grade cybersecurity.

3/26/25 • 34:35

In this episode… Randall Jackson shares his unconventional journey from desktop publishing in the late '80s to leading cybersecurity in a modern financial services firm. Starting out on early Macintosh systems and troubleshooting AppleTalk networks, Randall quickly became the go-to IT expert in his organization. After his role was outsourced, he transitioned into the MSP space, gaining experience in systems engineering and eventually leading entire IT operations. Randall highlights the need for scalable and repeatable security processes within managed services, emphasizing the shift from ad-hoc solutions to industry-standard tools like ticketing systems and RMM platforms. His leadership journey includes developing custom ticketing systems, building career paths for IT staff, and transitioning from reactive support to proactive security services. He also addresses the rise of AI-generated phishing emails and the battle of AI vs AI in email gateways. Randall shares how his team combats these threats through live and video-based security training, helping employees recognize and report suspicious activity. The episode closes with practical advice for those entering IT: start on a help desk, learn how systems work, and build strong troubleshooting skills.

3/24/25 • 37:41

In This Episode: Nastaran Bisheban shares how she leads VetStrategy’s IT team in supporting veterinary clinics across Canada. With responsibility for infrastructure, cybersecurity, service desks, digital platforms, and data analytics, her team ensures seamless support for clinics so veterinarians can focus on caring for animals. She explains VetStrategy’s buy-and-build approach to technology and how her teams create custom tools when off-the-shelf solutions don’t align with business needs or timelines. Nastaran’s leadership philosophy centers on operational excellence driven by human behavior. She emphasizes the importance of knowing team members’ strengths, interests, and motivations to align work with passion—igniting productivity and satisfaction. She describes creative ways to inspire her team, from push-up challenges before software releases to competitive Lego builds and baking contests. These initiatives foster collaboration, reduce stress, and create an engaging environment where team members thrive. Throughout the conversation, Nastaran shares how fun and discipline can be powerful allies in leadership, and how leaders must master the ability to zoom in for tactical support while zooming out for strategic vision. Her passion for people-first IT leadership offers valuable insights for anyone managing diverse, distributed teams—especially in high-pressure environments like technology and healthcare.

3/19/25 • 38:51

In This Episode: Greg Tsirulnik discusses his unique role as CIO of Creative Home Ideas, a leading home textile company with operations in the U.S., China, Turkey, India, Pakistan, and more. From bedding and rugs to towels and curtains, the company produces and distributes both licensed and in-house brands found in major retailers like Costco, Walmart, and Target. Greg shares how his background in fashion and manufacturing allowed him to seamlessly transition into the IT space, leveraging his deep understanding of business operations to solve technical challenges. Throughout the conversation, Greg emphasizes the importance of passion, resilience, and continuous learning. He recounts his path from helping his father in a Soviet-era cooperative to managing a complex IT infrastructure for a global enterprise. He also shares his philosophy on leadership—treating people with respect, maintaining a sense of humor, and always showing up for the job you want, not just the job you have. Beyond IT, Greg dives into his personal development journey, revealing details about his upcoming book, The Lens of Possibility, a daily guide to inspiration and transformation tailored for IT professionals and executives facing burnout. The discussion touches on the pressures of being an IT leader, the stigma around admitting mistakes, and the need for better communication and support within organizations to prevent isolation.

3/17/25 • 65:06

In this episode… David Epperson’s career has been anything but ordinary. After 20 years in the military and another two decades in federal cybersecurity, he transitioned into the private sector, bringing his expertise to H2O.ai, an AI company that emphasizes trust, accuracy, and security. David shares how H2O.ai differs from traditional AI companies by focusing on open-source AI models, hiring the world’s top data scientists, and ensuring AI is explainable, which is a critical factor for government and enterprise adoption. He discusses the challenge of third-party AI validation, where competitors validate AI models to ensure fairness, accuracy, and transparency. Transitioning from a structured federal environment to a fast-paced private sector was both exciting and challenging for David. He reflects on the differences in leadership, stability, and decision-making between government agencies and AI startups. He also highlights the importance of corporate culture in cybersecurity, explaining how great companies are defined not just by their products but by how they treat their employees and clients. Finally, David shares valuable advice for cybersecurity professionals looking to navigate AI-driven security landscapes. He emphasizes that there is no single path to success in cybersecurity and AI, and that curiosity, adaptability, and integrity are key.

3/14/25 • 37:35

In this episode… In this insightful conversation, Billy Spears discusses the intersection of AI and cybersecurity, emphasizing how companies need to embrace AI-driven solutions to detect and mitigate threats faster than ever. He shares how Teradata's AI Unlimited platform is helping organizations automate threat detection and analyze massive amounts of security data at scale. Billy also breaks down the importance of cyber hygiene, comparing it to everyday habits like brushing your teeth—small, consistent actions that prevent major problems. He discusses the rise of social engineering attacks, particularly the recent surge in smishing attacks involving toll road scams, where hackers exploit fear tactics to deceive victims. Beyond technology, Billy emphasizes the value of spirited debate and open conversations in cybersecurity. He highlights the diverse roles within security, from governance to engineering, and why collaboration across teams is essential for building effective security frameworks. For professionals looking to build a presence online, Billy shares how he grew his LinkedIn following, offering practical advice on consistency, authenticity, and audience engagement.  

3/10/25 • 39:39

In this episode… Chris Crist’s career trajectory is a testament to how adaptability and continuous learning can pave the way for success in IT leadership. Raised in a large Hispanic family, Chris never envisioned himself in a high-profile technology role. It wasn’t until he joined the U.S. Air Force that he realized his potential. Initially enlisting as a combat medic, he discovered his passion for technology through mentorship and hands-on experience. Encouraged by his supervisors, he pivoted to IT operations within the Air Force hospital system, eventually leading a large-scale technology department. His transition to the civilian sector was met with challenges, including the cultural shift from military to corporate IT. As the CIO of a hospital system at just 25 years old, Chris quickly learned the importance of strategic communication. Early setbacks, such as failing to convince executives about critical IT upgrades, taught him that influencing decision-makers is as vital as technical expertise. At ATL, Chris now oversees critical IT infrastructure, cybersecurity, and innovation to ensure smooth airport operations. He highlights how AI and automation are transforming aviation IT, from real-time data analytics to enhanced security measures. His leadership philosophy revolves around mentorship, hiring for cultural fit, and fostering innovation in IT teams.  

2/28/25 • 50:04

In This Episode: Legal firms handle some of the most sensitive client data, making them prime targets for cyber threats. Adrian Ciocan, CIO of Lerners LLP, has worked diligently to transform his firm’s security posture, moving from a reactive to a proactive approach. He discusses how cybersecurity is no longer just a technical issue—it’s a business risk that requires buy-in from leadership. With cyber threats, particularly business email compromise and ransomware, on the rise, Adrian emphasizes that education is the most effective line of defense. His team runs comprehensive security awareness training programs, ensuring everyone—from receptionists to partners—understands the risks and knows how to respond. But security isn’t the only focus. Adrian shares how he’s built a culture of mentorship and leadership within his IT team, drawing from his own experiences. He believes the best way to develop IT leaders is to empower them to think strategically, not just technically. His approach fosters trust, collaboration, and growth, proving that IT can be a business enabler, not just a support function. Finally, we dive into the future of IT in law firms, discussing AI, automation, and security innovations that are reshaping the industry. Adrian explains how AI-driven security tools are helping organizations stay ahead of cybercriminals, making IT teams more efficient and proactive.

2/24/25 • 44:56

In this episode… Daniel Ford discusses the evolving landscape of cybersecurity in financial institutions and the importance of fostering a positive security culture. He shares how Jovia Financial Credit Union has integrated cybersecurity into its strategic planning, treating it as a top-tier business risk rather than an IT function alone. With a focus on proactive and predictive security measures, Daniel outlines how Jovia uses phishing tests, cybersecurity champions, and gamification to engage employees and enhance security awareness. Beyond cybersecurity, Daniel delves into his leadership philosophy, emphasizing the importance of continuous learning, adaptability, and mentorship. His belief in developing strong teams through education and positive reinforcement has led to an environment where employees actively participate in cybersecurity initiatives rather than viewing them as burdensome requirements. Daniel also discusses his passion for leadership development, which extends beyond cybersecurity. As the founder of Echelon Orchid, he helps executives and professionals refine their leadership skills, encouraging a mindset of constant growth and adaptability. Additionally, he shares insights from his entrepreneurial venture, Dragon’s Mouth Distillery, where he applies the same principles of innovation and quality to craft unique spirits. His perspective on leadership is deeply rooted in discipline, self-improvement, and accountability, principles that have guided him through his career in cybersecurity and beyond. Whether in IT security, business management, or entrepreneurship, Daniel’s approach revolves around a commitment to excellence, learning from setbacks, and continuously striving for improvement.

2/18/25 • 57:20

In This Episode... Matthew Connor sits down with Kevin Hall to discuss IT’s evolving role from a support function to a strategic driver of business growth. Kevin shares how Westconsin Credit Union has shifted IT beyond the traditional “fix-it” mindset, emphasizing business enablement, internal development, and cross-department collaboration. A key focus is breaking down IT gatekeeping by empowering frontline employees with technical knowledge, fostering a culture where technology is embraced rather than feared. This approach has allowed Westconsin Credit Union to promote internally for IT roles, ensuring a strong cultural fit while strengthening the organization’s technological foundation. Kevin also highlights the transformation of cybersecurity from a regulatory necessity to a business enabler. By integrating security into broader business discussions and framing it as a risk mitigation strategy, organizations can move beyond the outdated “department of no” mentality. Additionally, Kevin explores AI’s role in financial services, noting its potential to automate processes, enhance fraud detection, and provide personalized financial guidance to members. As the conversation wraps up, Kevin encourages IT professionals to embrace change, collaborate across departments, and take advantage of non-traditional paths into the industry. By combining technical expertise with business awareness, IT can drive meaningful innovation and long-term success.

2/7/25 • 38:43

In this episode… Nagesh Anupindi shares his journey from data warehousing to founding Apoorva, a company focused on helping SaaS businesses stabilize, optimize, and grow. He discusses how bad data can break a business, the risks of hiring the wrong development teams, and why many companies turn to Apoorva when their software is in trouble. One of the most compelling aspects of Apoorva’s approach is their revenue-sharing model. Instead of demanding large upfront costs, they align their success with their clients' revenue growth—making them an ideal partner for SaaS businesses looking to scale. This model was born out of necessity when a company in crisis had no cash to pay for development. The result? A win-win solution that helped both companies thrive. Nagesh also breaks down why many SaaS founders make costly mistakes—from hiring offshore developers without understanding software foundations to choosing cloud hosting solutions that don’t scale effectively. Apoorva steps in to fix these issues, whether it’s through rescuing failing projects, rebuilding platforms, or offering a more cost-effective cloud hosting solution than AWS and Azure. Finally, Nagesh introduces Apoorva’s D9 framework, a nine-phase software development methodology that ensures projects are delivered on time and with high quality. He also shares why they only hire employees with an IQ of 120 or higher, emphasizing the importance of critical thinking in software development.

2/3/25 • 37:09

In this episode… Vlad Podoliako shares his journey from an entry-level IT position to founding Belkins, a top B2B acquisition agency. He explains how Belkins grew into a multi-company ecosystem, solving critical business challenges like email deliverability through its product, Folderly. Vlad’s approach to entrepreneurship is rooted in solving problems for his own team and clients, leading to innovative solutions that branch out into entirely new businesses. He emphasizes the value of teamwork, highlighting how his co-founder dynamic and strategic hiring process have been instrumental in managing 14 businesses. Vlad discusses the challenges and rewards of building a strong organizational culture that prioritizes individual growth, stating, “If people grow, everything flourishes.” Vlad also details the technicalities of email marketing, from optimizing deliverability through tools like SPF and DKIM to refining outreach strategies for diverse industries. He shares examples of surprising success in industries like furniture manufacturing and nonprofits, proving that with the right strategy, even traditional sectors can achieve outstanding results. For entrepreneurs, Vlad offers practical advice on time management, leveraging co-founders, and staying opportunistic, while reinforcing the idea that strong teams and innovative problem-solving are key to sustainable growth.

1/28/25 • 37:00

In This Episode Matt Huff shares his remarkable journey from factory work to becoming the CIO of Tanner LLC, one of the premier accounting firms in Utah. Matt discusses how Tanner has embraced cybersecurity as a core offering, providing services such as SOC 2 compliance, ISO 27001 audits, and penetration testing. He explains how his pragmatic approach to IT helps simplify complex systems and align them with business objectives. Matt delves into his philosophy of keeping things simple and focusing on core business outcomes, emphasizing the importance of balancing security with usability. He highlights the significance of vendor security in today's SaaS-driven world and offers insights into how companies can evaluate their vendors' cybersecurity posture beyond just certifications. Listeners will also gain valuable insights into how IT professionals can better communicate the value of security to business stakeholders and why understanding business objectives is crucial for IT success. Matt underscores the need for IT leaders to position themselves as enablers of growth rather than obstacles, ensuring that security measures support rather than hinder business operations.

1/22/25 • 34:39

In This Episode: It opens with Sarfraz Shaikh, who provides a compelling overview of the digital transformation accelerated by the pandemic. He highlights the rise of remote work, social media, and telehealth, as well as the challenges of data protection and regulatory compliance. Sarfraz emphasizes the evolving role of IT, transitioning from a "department of no" to a strategic enabler within the organization. By leveraging agility and collaboration, he explains how companies can navigate the complex interplay of technological innovation and security. Next, Christos Ruci reflects on his unique journey as a CIO during the height of the COVID-19 pandemic. Christos recounts his innovative approach to gaining executive and board support for a comprehensive cybersecurity program through tabletop exercises that underscored potential vulnerabilities. He also shares his methods for fostering a culture of cyber awareness, highlighting the importance of leadership’s active involvement in promoting cybersecurity as an integral part of overall company safety. Finally, Geoff Moore discusses the critical value of SOC services in today’s threat landscape. He offers a pragmatic perspective on the shrinking window for patching vulnerabilities and how SOCs provide essential monitoring and real-time detection. Geoff also underscores the importance of creating a cybersecurity committee that includes finance, legal, HR, and compliance to ensure collective responsibility for security decisions. His insights into balancing technical needs with business priorities resonate as actionable advice for IT leaders.  

1/3/25 • 29:18

In this episode… Bruce Otte dives deep into the intricate workings of JERA, a leading energy company that blends power generation with global energy trading. He unpacks the fascinating history of JERA, which emerged as a collaborative response to Japan's energy crisis post-Fukushima, highlighting its transition into a powerhouse managing $60 billion in assets. Bruce provides a behind-the-scenes look at the complexities of scaling IT infrastructure to meet the demands of a multinational corporation operating across diverse sectors, from thermal energy to renewables. He shares the challenges of managing cybersecurity in the energy sector, emphasizing the critical importance of safeguarding critical infrastructure from evolving threats. Listeners will gain unique insights into the evolving energy market, including the potential of small-scale nuclear power and the regulatory challenges hindering its adoption. Bruce also reflects on lessons learned from real-life crises, such as Hurricane Burrell, and the steps JERA has taken to enhance business continuity and resilience. This conversation is a treasure trove of knowledge for anyone interested in the future of energy, the intersection of IT and operations, and the growing role of cybersecurity in critical industries.

12/30/24 • 43:35

In this episode… Maximo Bredfeldt shares his unique perspective on leadership, IT, and the power of confidence. Drawing on years of experience, Maximo explains the challenges of scaling IT systems for a logistics company like Longship, emphasizing the importance of moving beyond a small-business mindset. He highlights how IT must not only support business processes but also enhance them to avoid scaling inefficiencies. Maximo dives into the role of failure in building resilience, recounting a pivotal moment early in his career where failure became a learning experience under the guidance of a supportive leader. He explains how great leadership allows for teachable moments, even in high-pressure situations, and why it’s crucial for IT professionals to celebrate their successes. The conversation also explores the cultural differences between workplaces in Germany, South America, and the United States. Maximo reflects on how varying attitudes toward work and personal life shape employee satisfaction and success. Through stories of mentorship, Maximo underscores the value of building relationships, seeking guidance, and fostering a culture of accountability and pride in the workplace. Lastly, Maximo opens up about his own leadership journey, sharing how he’s building a “dream team” at Longship and inspiring others to pursue their goals with confidence. Whether you’re an aspiring IT leader or an established professional, this episode is packed with actionable insights and motivation to take the next step in your career.

12/19/24 • 78:43

Briana Brown shares how De Nova Collaborative Health leverages technology to provide exceptional patient experiences. Even during the pandemic, De Nova adapted swiftly, growing its virtual healthcare capabilities and maintaining patient trust. With locations expanding across Arizona and a heavy focus on virtual care, the organization ensures flexibility and accessibility for its patients. A key theme in this episode is the integration of AI in healthcare. Briana highlights how AI can assist providers by automating documentation, improving efficiency, and enhancing patient interaction. This focus on technology not only supports healthcare professionals but also ensures patients feel prioritized during visits. Briana also emphasizes the importance of people, process, and technology in creating a successful work environment. She discusses the balance between remote work and in-office collaboration, noting the unique benefits of team bonding in-person and the productivity gains from working remotely. Reflecting on her journey, Briana illustrates how her diverse background in operations and healthcare shaped her IT leadership philosophy. Her dedication to improving processes and focusing on mission-driven results makes her a standout leader in the healthcare IT space.

12/13/24 • 41:57

In this episode… Bradley Enneking discusses the monumental task of consolidating 36 acquired banks into a unified operating company under the HTLF brand. He shares how standardizing processes across 11 distinct brands was the most challenging yet rewarding aspect of the transformation. While unifying technology was relatively straightforward, Bradley emphasizes that change management and aligning processes were key to success. Drawing from his extensive experience, Bradley provides actionable advice on gaining executive buy-in for IT projects. He highlights the importance of focusing on the “why” behind initiatives, using analogies and storytelling to bridge the gap between technical teams and non-technical leadership. His approach fosters collaboration and ensures alignment with business goals, creating a cohesive and motivated team. On the topic of AI, Bradley offers a pragmatic perspective. He describes HTLF’s exploration of generative AI and machine learning, focusing on practical applications like predictive analytics, data governance, and natural language processing. Bradley advises using the current AI hype cycle to build foundational technologies and warns against seeing AI as a universal solution. Instead, he views AI as a tool to enhance efficiency and decision-making in regulated industries like banking. Bradley also shares his leadership philosophy, emphasizing empowerment and accountability. By encouraging team members to take ownership of their roles, he fosters innovation and career growth while building a culture of trust and collaboration.

12/6/24 • 41:21

In this episode… Erich Gazaui discusses Papa's mission to combat the loneliness epidemic affecting senior citizens. With services offered nationwide, Papa leverages Medicare Advantage to provide companionship through its network of Pals, creating meaningful connections that improve seniors’ mental and physical health. Erich explains how the company operates remotely while maintaining a personal touch, ensuring that Pals and members have seamless access to their proprietary platform. Erich dives into the challenges and solutions of managing HIPAA compliance, emphasizing the importance of safeguarding sensitive information through rigorous internal processes and external consultations. He also shares the journey behind building Papa’s technology stack, combining proprietary systems with enterprise-grade solutions to ensure scalability and efficiency. Drawing from his own career path, Erich reflects on the non-linear journey to becoming a CIO, starting with his passion for technology through video games. He highlights the importance of mentorship and community, underscoring his commitment to fostering leadership through groups like Inspire, where CIOs can share challenges and solutions in a supportive, commercial-free environment. Finally, Erich provides actionable insights on creating a chat-first organizational culture, leveraging short, relevant training modules, and managing notifications to boost productivity. His experiences illustrate how IT leaders can drive innovation while maintaining a focus on mission and values.

12/2/24 • 48:24

In this episode… Noel Toal sheds light on how DPV Health seamlessly merges its mission of community care with operational efficiency through innovative technology. Noel explains DPV Health’s nonprofit funding model, supported by federal and state governments, and how the organization invests in ICT to optimize resources and deliver critical services to Melbourne’s socioeconomically vulnerable populations. Noel delves into the critical role of AI at DPV Health, emphasizing its potential to streamline clinician workloads by automating administrative tasks. He discusses the organization's sentiment analysis for contact centers and predictive modeling for appointment scheduling, which have significantly improved patient and staff experiences. Additionally, Noel shares insights on leveraging Microsoft Dynamics to unify siloed healthcare data and create a more holistic view of patient care. This innovative use of CRM technology enhances efficiency, ensuring patients receive tailored care while reducing redundancies. His vision for integrated healthcare data across sectors paints a promising future for improving patient outcomes and operational coordination. Noel also compares Australia’s healthcare system with international models, highlighting its focus on universal care and government-funded programs like the National Disability Insurance Scheme (NDIS). He outlines how DPV Health uses these resources to provide equitable care while navigating budget constraints through ICT-driven efficiencies.

11/22/24 • 39:00

In This Episode: Kevin Heineman shares his experience as the Chief Information Security Officer at Lyric, a company he describes as a "30-year-old startup." Kevin explains Lyric's transition from being part of Change Healthcare to becoming an independent entity focused on payment integrity for major health insurance carriers. He dives into the company’s foundational approach to security, including leveraging the NIST cybersecurity framework to establish robust governance, endpoint security, and monitoring systems. Kevin highlights Lyric’s unique approach to integrating AI—not as a general tool like ChatGPT, but as a bespoke solution tailored to healthcare data. He underscores the importance of building secure AI models by focusing on data governance, input-output controls, and ongoing monitoring. His reflections on navigating a fully remote organization, alongside the company’s emphasis on recruiting talent nationwide, provide valuable insights for modern businesses. From his early days in consulting to his current role, Kevin discusses the value of adaptability and continuous learning. He shares his take on the future of AI and the need to embrace it as a productivity tool rather than a replacement for critical thinking or technical skills. With his coined term "AI obesity," Kevin warns against over-reliance on technology and emphasizes a balanced, responsible approach to innovation.

11/18/24 • 32:38

In this episode, Matthew Connor sits down with Jason Ledney, the IT Manager at Saint Vincent de Paul of Baltimore, who shares insights on managing IT for a nonprofit with diverse operational needs. Jason explains how the organization serves various underprivileged groups through Head Start programs, homeless shelters, veteran support, and more, creating unique IT requirements for each division. He elaborates on the challenges of balancing security and accessibility across these services, highlighting the importance of adhering to compliance standards like HIPAA and FERPA to protect sensitive data. Jason also discusses the financial constraints nonprofits face, especially in IT and cybersecurity. With a grant-based budget, prioritizing cybersecurity initiatives is crucial, yet difficult. Jason shares how he navigates these challenges by maximizing his team’s resources, strategically outsourcing, and educating colleagues on cybersecurity hygiene. His MSP experience brings a fresh perspective to internal IT management, allowing him to view each department as its own client, ensuring customized and efficient support. As cybersecurity threats become increasingly sophisticated, Jason emphasizes the importance of cyber-awareness for all employees, drawing on real-world examples like the dangers of QR code scams. He discusses the risks posed by advancements in AI-driven threats, such as deepfake voice and video scams, and the need for robust identity verification measures. Wrapping up, Jason shares his nontraditional career path from music teacher to IT professional, underscoring the value of adaptability in today’s tech landscape.

11/11/24 • 25:43

In This Episode In this episode, Matthew Connor hosts Christos Ruci, CIO of Limbach, as they discuss the critical overlap between infrastructure and cybersecurity. Christos shares his unique career path—from AOL customer support to CIO of a national building solutions provider—highlighting how each role shaped his approach to IT leadership. At Limbach, he has adopted a business-first perspective, ensuring that every technology decision aligns with company strategy and mission. A central focus of the conversation is Christos’s proactive approach to cybersecurity, especially his effective use of tabletop exercises. Recognizing the impact of a potential cyber incident on critical environments like hospitals and data centers, he organized a comprehensive tabletop exercise with Limbach’s C-level executives and board members. This hands-on method created urgency and buy-in, setting the foundation for Limbach’s robust three-year cybersecurity strategy. Christos also discusses the importance of fostering a security-conscious company culture, with regular phishing tests and cybersecurity training emphasized from the top down. Supporting his mission, he collaborates with Inspire CIO, a peer-led organization that fosters professional growth and shared industry wisdom. Christos advocates for a balanced approach that leverages both internal development and external expertise, enhancing Limbach’s cybersecurity resilience and operational success.

11/1/24 • 32:57

In this episode, Matthew Connor engages with J.D. Whitlock, Chief Information Officer of Dayton Children’s Hospital, to explore the unique demands of nonprofit healthcare technology. J.D. shares his career journey from Navy officer to healthcare administrator, and finally to CIO, where his strategic approach drives the hospital’s technological and security advancements. In a nonprofit setting, he faces the dual challenge of maintaining high standards in technology while working within resource limitations, always balancing the mission of patient care with the need for robust cybersecurity. J.D. offers an in-depth perspective on the financial challenges in healthcare, particularly as labor costs have surged post-pandemic. He explains how essential donor support is for expanding critical services like adolescent behavioral health. Emphasizing cybersecurity, he details how Dayton Children's employs active monitoring and risk assessment to safeguard against potential breaches, a necessity as hospitals are increasingly targeted by ransomware attacks. Additionally, J.D. reflects on his consulting work, where he assists health tech startups in understanding the complexities of entering the healthcare market. His insights provide a valuable guide for companies aiming to navigate the healthcare landscape. In closing, J.D. speaks to his mission-driven role, where his commitment extends beyond IT to foster a culture centered on patient safety, resilience, and care—a focus he and his team uphold every day.

10/28/24 • 34:02

In this episode… Sarfraz Shaikh shares his unique journey from working in marketing and communications to leading the IT department at One Mesa. With an educational background in IT, Sarfraz was able to leverage his technical knowledge and communication skills to help shape the company’s IT strategies during a time of growth. Starting in a loosely structured environment, Sarfraz played a crucial role in developing a more formalized IT department, building a roadmap for the company’s hardware, software, and cybersecurity needs. He emphasizes the importance of alignment between IT and business objectives, especially in an industry as dynamic as oil and gas, where One Mesa operates across three distinct business units. Sarfraz also dives into the value of frameworks like the ISO 9001 certification and the Malcolm Baldrige National Quality Award, explaining how they provide a structured approach to managing risk and improving processes across the organization. He describes how these standards ensure not only compliance but also foster continuous improvement, pushing the company to measure and demonstrate real results. In addition, Sarfraz discusses the concept of “strategic agility,” where IT teams must stay nimble and responsive to rapidly changing technological landscapes. He highlights the intersection of agility and compliance, noting that IT departments must act as enablers, supporting the company’s growth while maintaining strong cybersecurity measures. By understanding industry trends and focusing on collaboration across departments, Sarfraz has been able to implement solutions that drive efficiency and security while adapting to new challenges.

10/21/24 • 40:44

In this Episode: In this episode, Alex Campbell shares his journey from Zimbabwe to Canada, with stops along the way in Europe, where he gained experience in a wide array of industries, eventually leading to his current role at Healthy Planet. Alex talks about the evolution of Healthy Planet from a small family-run health store to a well-known Canadian retail chain, with over 30 stores, as they continue to expand their footprint. He emphasizes the importance of maintaining operational efficiency while implementing new technology solutions, such as AI and automation, to improve customer experience. Alex goes in-depth on the latest innovations at Healthy Planet, including their use of AutoStore, a high-efficiency automated warehousing solution that helps reduce operational costs while boosting online store throughput. He also highlights how Healthy Planet is integrating AI into customer interactions, potentially leveraging data from membership cards to deliver personalized advice and services. With a vision focused on the future, Alex discusses the importance of balancing day-to-day IT management while planning for strategic growth over the next few years. Alex's insights on cybersecurity are particularly relevant, as he explains how even well-established companies are facing unprecedented challenges in the digital age. He stresses that while technology brings numerous benefits, companies must also build security into their infrastructure from the beginning, rather than as an afterthought. Alex explains the delicate balance between the cost of security and its importance, noting that investment in cybersecurity is a protective measure that companies can’t afford to ignore.

10/11/24 • 65:41

In this Episode Evan Jost brings a unique blend of experience from the military and corporate sectors. As an IT manager at HighLevel, Evan’s transition from managing on-site aviation infrastructure to a global, remote workforce presents a fascinating journey. He shares how HighLevel’s integrated platform offers affordable solutions for businesses, especially when compared to competitors like HubSpot, without sacrificing quality or functionality. Evan discusses how his prior role involved managing physical assets across multiple locations, dealing with everything from security cameras to fiber-optic networks. In contrast, his current role at HighLevel allows him to manage IT remotely, which has brought about a new set of challenges, especially in global procurement and asset management. Evan delves into the complexities of managing a distributed workforce, touching on the difficulties of ensuring timely hardware delivery and maintaining operational efficiency across different continents. He highlights the value of strong partnerships with vendors like Workwise, which helps streamline asset procurement in various countries. The conversation also covers the significant learning curve that comes with switching from Windows-based systems to a predominantly Mac environment, as well as the importance of mobile device management (MDM) systems like Intune for maintaining security and operational consistency. In terms of cybersecurity, Evan emphasizes the need for vigilance and adaptability. With threats becoming more sophisticated, he explains the importance of early detection and rapid response, particularly in a remote work setting. As the conversation progresses, Evan shares his leadership philosophy, inspired by his military background. He believes in fostering team morale by shielding his employees from unnecessary stress and ensuring they have the resources they need to grow, both professionally and personally.

10/7/24 • 55:48

In This Episode... Rich Walker takes us through the fascinating journey of building Quik!Forms from the ground up. Initially starting with an Excel-based hack to automate financial forms for his clients, Rich soon realized the larger potential of creating a streamlined solution for an industry burdened with paperwork. Through sheer determination and technical innovation, he, alongside his mother (his technology partner), began building a software platform that would eventually manage over 41,000 forms for thousands of users. Rich emphasizes the value of perseverance, explaining that the early years were far from smooth. With only six customers in the first year, it would have been easy to give up, but his vision for the long term kept him going. The episode dives deep into the tough but necessary choices Rich had to make, such as selling his dream car and leveraging credit to keep the company afloat, showing the personal sacrifices often required in entrepreneurship. A key theme in the conversation is the importance of empowering others. Rich’s philosophy of enabling financial professionals to do their best work is not just a marketing slogan; it’s embedded in the core of Quik!Forms’ mission. This focus on user empowerment has driven the company’s growth, turning a software platform into a vital tool that saves users millions of hours and helps them stay focused on their core work, rather than getting bogged down in paperwork.

9/30/24 • 40:50

In this episode… The world of IT is diverse, encompassing industries from corporate offices to entertainment venues. As Chris Benson shares his experiences working at Imagine Entertainment, he sheds light on how IT plays a critical role in maintaining a seamless movie-going experience. Imagine Entertainment is not your typical movie theater chain — they specialize in providing luxury experiences, from recliner seating to high-end dining, bowling, and more. In this episode of The Cyber Business Podcast, Matthew Connor interviews Chris Benson, IT Manager at Imagine Entertainment. Chris talks about his path into IT, from starting as a system administrator to managing IT across multiple theaters. He also discusses how Imagine Entertainment integrates IT into their luxury movie theaters, creating an unparalleled experience for customers. Chris explains how IT professionals like him keep operations running smoothly, how he deals with challenges, and how Imagine’s leadership fosters a collaborative corporate culture. Plus, Chris shares his thoughts on cybersecurity, managing IT remotely, and the importance of continuous learning in the ever-evolving tech world.

9/23/24 • 36:15

In this episode of The Cyber Business Podcast, Matthew Connor welcomes Geoff Moore, Chief Information Officer at Valmark Financial Group, to delve into the complex world of cybersecurity in financial services. Geoff shares his experiences managing the intricate balance between regulatory compliance and the operational freedom of independent financial advisors. He explains how Valmark navigates the delicate line between offering flexibility to advisors while ensuring strict adherence to data protection standards imposed by regulators like the SEC and FINRA. Geoff introduces Valmark’s innovative "My Shield" platform, designed to consolidate critical cybersecurity information into an accessible report for advisors. He explains how the platform provides financial advisors with a clear, actionable overview of their cyber posture, simplifying the often-overwhelming task of cybersecurity management. By integrating these reports into their commission statements, Valmark ensures that advisors stay engaged with their cybersecurity health, boosting both visibility and accountability across the board. The conversation also explores broader trends in cybersecurity, from the rising threats of sophisticated AI-driven cyberattacks to the importance of adopting cutting-edge technologies like multi-factor authentication (MFA) and device authentication. Geoff offers valuable insights into how financial firms can protect themselves in an increasingly complex digital landscape while highlighting the importance of collaboration within the C-suite to drive security initiatives forward.

9/13/24 • 42:22