Tom Quinn: The mark of making a difference. [CISO]
Tom Quinn: My name is Tom Quinn and I am the Chief Information Security Officer at T. Rowe Price.
Tom Quinn: It wasn’t until I joined the Navy that I started getting exposed to what we would consider modern computers. I thank goodness I had an opportunity to go to grad school when I was in the Navy. And, they taught computers like they do any other operational specialty in the service assuming you know nothing, which was helpful because I didn’t
Tom Quinn: It was fascinating and for me, I needed that kind of depth and that kind of understanding and patience for me to overcome some of my lack of significant experience in that space.
Tom Quinn: The first person who really encouraged cybersecurity professionalism was, you know, the first CISO I worked for and he really was innovative. He really loved this stuff and he really showed me how technology is a double-edged sword: it could be used for good and it could be used for mischief or evil. And, having that unveiled or that veil lifted was really an eye-opener and that is what hooked me.
Tom Quinn: I would encourage people to have practical experience with computer systems. Testing and classes and certifications are good ways to understand the body of work, but a lot of what goes on in cybersecurity is pretty blue collar work and it’s important to make sure that you really understand at a deep level how these systems connect and what they do.
Tom Quinn: Be curious about it. Really know at a level of detail what’s going on. And, I often say to my team, and I often say to our interns, you should be able to ask why five times because invariably it really is those details that are going to be the difference between safety and soundness in your environment and not.
Tom Quinn: I often just say that our job is to keep the hackers at bay. It is an oversimplification but there’s some truth to that and I think for most people either not in the technology or cyber profession, it resonates with them.
Tom Quinn: Very infrequently is there a technology problem. Technology works. What I find interesting is often it really is trying to understand how people work. Some of these expectations that they’re bringing to the table of how they think somebody should operate and act and what they should do, isn’t the same thing as they think. And, I really do find that a lot of time is spent to build a relationship with somebody so that you really do understand what problems they are trying to deal with on a regular basis so that you can come to the best options that you have available. Sometimes you have to operate at people speed.
Tom Quinn: I really would like to leave behind to the cybersecurity profession the fact that you really can make a difference, that there are practical things that you can do to solve some of the problems that we have. And, I think that the other side of my legacy is the people that I’ve had an opportunity to provide leadership, guidance, advice and opportunities for and seeing how they blossom over time. And, I think for any leader, that really is the mark of making a difference.
