Editor’s Note: The winner of the Chief Officer Awards Private Company CISO Award announced June 17 is Brian Neely of AMERICAN SYSTEMS.
On June 17, WashingtonExec will be virtually celebrating the most impactful and innovative C-suite executives in government and industry. These chief officers work in technology, security, data, operations, finance, business and more, excelling on both sides of the government contracting sector. Our team of judges have chosen the finalists for the inaugural Chief Officer Awards, so before we announce the winners during the event, we wanted to get to know the finalists a bit better. This Q&A series highlights their careers, successes, proud professional moments and notable risks.
Phil Richards is the chief security officer at Ivanti and a finalist in the Private Company CISO Award category.
What key achievements did you have in 2019?
During 2019, I led a passionate security team through three high-value security initiatives, which has enabled the mobilization of Ivanti as a leading provider of unified IT solutions for federal government agencies:
Achieving the Federal Risk and Authorization Management Program Authorized designation for the Ivanti Service Manager solution
Driving processes for Ivanti to achieve active facilities clearance so that leading Ivanti sales engineers and professional services staff were cleared to “secret” level for federal government projects
Driving companywide programs to meet General Data Protection Regulation and California Consumer Privacy Act requirements across every region, not just within the regions they apply to
What has made you successful in your current role?
I think it’s very valuable to let your team do their best work on their own. If you support your team to solve challenges in the way they envision, you not only have a team that’s capable but also truly invested in the results. This ensures success all the way along.
It’s also critical to strike a balance between business operations and security. Stop and think, is this something that will enable the business to be more effective? It’s important to remember that our role is to support the business, not just the security profile of the company.
What was a turning point or inflection point in your career?
I took on a job as the chief security officer for a company that was really struggling. In that role, I had to summon the courage to tell some painful truths about what needed to be done. It was a freeing moment.
As a security professional, I am paid to explain what’s really happening, what the truth is. This is risky because sometimes the truth isn’t what they want to hear. And sometimes they blame you for the fact that the truth exists. But that’s the role, that’s the job. You can’t take the consequences personally; you must be true to yourself and to the company you represent.
What are you most proud of having been a part of in your current organization?
I’ve been very proud of Ivanti’s response to the COVID-19 pandemic. It’s a challenging time. We’ve had some individuals contract the virus, and others who have had family members who have been tragically affected. Not only has Ivanti put in place a good plan to protect everyone, but it has shown some real compassion for individuals and the circumstances they’re going through. While enabling seamless and secure working from home, we’ve also remembered the human side of this crisis. And that makes me proud.
What are your primary focuses areas going forward, and why are those so important to the future of the nation?
This pandemic has shown one thing real clearly, which is that programs such as FedRAMP — which enables cloud offerings that can better enable secure and effective work from home practices — have never been more valuable to the country. Right now, federal workers are working from home in droves. Some of their systems support working from home, others do not. Having an efficient FedRAMP program is a big part of the pandemic response and how the U.S. government will be able to get back to work while their employees are at home. So, the FedRAMP program is a big focus for the future for Ivanti.
How do you help shape the next generation of government leaders/industry leaders?
At Ivanti, we have personally spent time with government leaders to educate them on the value cloud-enabled solutions such as service management and asset management can bring to improve workforce efficiency. Streamlining the FedRAMP program overall is an important part of this.
Right now, in front of the Senate is a FedRAMP authorization bill and we’re working to communicate what that bill does and why it’s so important. Not only can FedRAMP be part of the solution that makes government more efficient; it can also improve the use of taxpayers’ money.
What’s one key thing you learned from a failure you had?
My first chief security officer role was in a company that was heavily regulated. It resulted in a jittery company culture. While not a personal failure, it did demonstrate how the failure of a company culture can impact outcomes. What I learned is that not everything is personal and sometimes it’s better to move on to where you can have a much more positive impact.
Which rules do you think you should break more as a government/industry leader?
Sometimes, “the way it’s always been done” needs to be challenged. By being more agile when it comes to embracing new technology, the government can be increasingly responsive and secure.
What’s the biggest professional risk you’ve ever taken?
The biggest risk I’ve taken is also the most rewarding. I had to learn to empower my team to solve challenges on their own. The result of taking this risk has been truly rewarding with an entire team of passionate professionals fully invested in accomplishing united goals.
Looking back at your career, what are you most proud of?
Achieving the FedRAMP authorization was a wonderful experience. But what made it truly amazing was the cheer that erupted with over 30 people involved on the project when I announced it was completed. That meant that everyone was personally invested in our success.
What was your biggest career struggle and how did you overcome it?
As an engineer by background, I once lived in a very black-and-white world. But I’ve had to learn that technology exists within a context and you need to look at a broader picture. It’s an important lesson to see that the technology isn’t the only factor in determining a direction or strategy. You need to embrace the business impact of technology as well. To learn this lesson, I did a lot of reading and focused on furthering my business education with an MBA.
What’s your best career advice for those who want to follow in your footsteps?
My best advice is that you can’t deny the technical aspects of the job. But similarly, you also can’t short-change the importance of understanding the industry and the business impact of your job as well. You need to understand both to be successful.