The CDI CTO Podcast

The CDI CTO Podcast with Will Huber & Christopher Fielder

November 07, 2022 CDI LLC
The CDI CTO Podcast with Will Huber & Christopher Fielder
The CDI CTO Podcast
More Info
The CDI CTO Podcast
The CDI CTO Podcast with Will Huber & Christopher Fielder
Nov 07, 2022
CDI LLC

CDI CTO Will Huber sits down to interview Arctic Wolf Field CTO Christopher Fielder. Christopher dives into the fascinating career that led him to Arctic Wolf, what makes the CDI and Arctic Wolf partnership unique, and more! 

Show Notes Transcript

CDI CTO Will Huber sits down to interview Arctic Wolf Field CTO Christopher Fielder. Christopher dives into the fascinating career that led him to Arctic Wolf, what makes the CDI and Arctic Wolf partnership unique, and more! 

Welcome to the CDI CTO podcast presented by CDI Studios. Hey everybody and welcome to the CDI CTO podcast. My name is Will Huber, I am the CTO at CDI and today we have with us a very special guest. We have Christopher Fielder, who is the field CTO at one of our strategic partners, Arctic Wolf. Christopher, welcome to welcome to the podcast. Thank you so much. I appreciate you having me on. Yeah, it's cool. We're here in our in our Parsippany office, New Jersey studios it’s very sophisticated. It's nice to have a guest in-person. Right. We had some issues with remote guest. It is actually a really nice setup. Yeah, it's pretty cool. It's pretty cool. We built out this little studio space during the pandemic and we found continual uses for it, which is which is pretty cool. So. So Christopher, what I'd like to do is spend some time really just sort of getting to know you as an individual and talking about some of your past experiences. And then we'll sort of play the play, the highlight reel of your career. Sounds good through- Yeah. Yeah, cool. So I want to go back to the very beginning, I would imagine to be in probably somewhere in your young twenties, I would say? 18. 18? 18. 18. So at 18 years old you enlisted in the United States Air Force? I was actually three weeks past walking the stage at graduation from high school. I joined the Air Force. And did you know you wanted to do that or was that sort of a spontaneous thing? Situations, you know, being a teenager It was my it was my path. Yeah. So that's what I did. Hey, well, it sounds like it set you up. Well, very well now. I’ve got no regrets. So, so interesting fact, right? It looks to me like you just based on my research, you joined the Air Force, what looks to be about exactly one month before 9/11/2001. Was about five weeks. Five weeks? Yes. Tell me about that. Like that. That had to have been a massive shock. So that was interesting. So when I went into the Air Force, you know, 2001, I went in delayed entry. And the idea everyone I talked to was like, I'm going to the Air Force. They were like, That's really smart. Nothing's going to happen. You're going to coast straight through. We're not going to go to war again. It's going to be fine. Yeah. And then I was sitting and it was field week, so we were out in tents, you know, field exercises, and I was sitting in an anti-terrorism class and one of the drill sergeants comes like busting into the back door, and he goes, Two planes just hit the World Trade Center we’re under attack. And we're all sitting there going, you know, yeah. So this is this is an exercise. You know, we just learned how to put our gas mask on. You know, we know what's going on. And he's like, No, seriously, this is real. And we kind of like, okay, well, let's see. And they put a VHS in, so that tells you how old this is. He puts a VHS in and he's like, No, watch the video. And the video didn't work. It was just static. And we were like, okay, they're really taking this like prank slash exercise far. And it wasn't until they put us on the busses and put us back in the dorms and we were on lockdown, that we went, Oh, this is real. And you were, You were what? You were in Virginia somewhere. Where were you, physically? No, I was in the Lackland Air Force Base in San Antonio, Texas, in basic training. Okay. Yeah. And, you know, we started off with five drill sergeants. Four of them got activated because it was it was real. And we ended up with one drill sergeant and it was, wow, this is this is a real situation. Wow. Yeah. What a time that must have been. I mean, now in the Air Force, you were actually in the security space, right? You were. That was your job. So so tell me about what you were doing. You're in the Air Force. So when I went into the Air Force, I was like, you know, I'm going to go and get college and I'm going to have a lot of fun. So I actually went in was like I talked to the military entrance process MEPS person that the job liaison and he was like, what jobs do you want? And so I filled out a form that said my top three jobs are I want to be journalism, radio broadcasting or photography. And he looked at it and he went, That's cute, cybersecurity. But looking at your background here, we got this cyber security. Well, it was there wasn't really a cybersecurity job so much of the time. So it was kind of a catch all of I.T. Cryptography and security. Okay. And what I learned very quickly in was remember 2001-2002 was everyone wanted to be a CCNA. It was all like networking Cisco like this is where people want to go. And what I learned was find the job nobody wants to do and do it really well. And nobody really wanted to do like the cryptography encryption security aspect. So it's like, sign me up, I'll do it. Well, my, how that's changed. Nobody wanted that job now. Now, you know, that's a it's a crazy field, right? Yeah. It's changed a lot. For good reason. And what I learned. At the time, too, was, you know, if you've got a room that's got ten CCNA’s in it and one person does crypto, guess who's indispensable in that situation? So that's right. Very cool. So so you spent, I think four years in the Air Force and then then you moved in or transitioned to a role with the CIA? Yes. So you go from the military to the intelligence world. Yes. Also in a cybersecurity focused role. Yes. I'm going to ask the question. You might not be able to answer it, but. But what was that like? I mean, what were you doing with the CIA? You had to see some really crazy stuff. I saw some really cool technology. And I worked on something called Project Sunscreen and Project Beach Ball. I honestly, you can look it up, see if it's been declassed, I don't know. Honestly, I don't keep up with it. What I can tell you is that it was kind of a direct translation from what I was doing cryptography wise in the Air Force. And so that's why it was an easy transition in. And the job itself was very cool, you know, a lot of really neat stuff, a lot of really cool technology. I was in McLean, Virginia, and I got to tell you, when it was time to start a family, it was just this is not the place that I think I really want to raise my kids. Not that it's a bad place. I love it. Just I'm from a smaller area. And so I was like, that's what I want my kids to experience. So that was really the reason I left that. So you left the CIA and then jumped into the private sector? Yes. Right. And held various different roles with multiple consultancies. It looks like Fidelis Carbon Black, which is now now with with VMware is a partner of ours, the Sans Institute, but all sort of in a cybersecurity focused roles. I think you dabble in some product marketing and those types of things. So, so you went military young adults fresh young adult right. Eighteen years old into the CIA. Right. High pressure situations, I'm sure. Yeah. Now into the private sector. What was that transition like and what did you bring to the private sector that maybe somebody that didn't have that intelligence or military background could could offer? Yeah. So it's being able to deal with high pressure situations, being able to say, you know what, this is not going to be just a 9 to 5. I'm going to do what I need to do to make sure the mission is complete. And I know that sounds very military or whatever, but that's kind of the attitude you have to take to a lot of this is, you know, here is our goal. We need to make sure that is accomplished. Whatever it's going to take to actually do that. I think that's kind of set me up to be successful in many ways because you may have gotten emails or people that may be listening. You've gotten emails from me at two or three in the morning because I'm still working because that's just, you know, it it needs to get done. It needs to get done. Very, very cool. I think it's a it's a fascinating progression. Right. And one that that isn't isn't common for for sure. It looks like we have a couple of things in common and sort of shifting directions here a little bit. You looks like you started your your graduate degree or your master's degree at WGU. Yes. Right. So WGU is also near and dear to my heart. I did my bachelor's at WGU. And I think a lot of people don't know what WGU is. Oh, it's amazing school. It really is. And you know, one of the things so for those who don't know WGU is a is an accredited online university where you can earn your your bachelor's degree or a master's degree or even. Well, I don't know if they're doing doctorates now or not. But oh I have my fingers crossed that they will. Yeah. That would be cool if they did, if they're not already. But there's a, there's a teachers college, they're, they're huge in the, in the I.T. space, they've got a business college. And so you did your master's. What was it in. In in information security. But I've actually been considering going back and doing an MBA and I believe they have an I.T. focus on that one as well. They do. So I've remained connected to the university. I'm actually part of the the Northeast Alumni Council with WGU now. And what's cool and what I thought this is cool as we were preparing, I didn't know this prior to to us preparing for this, but WGU is actually doing a cybersecurity career fair coming up. It's actually a month from today. So it's the 13th of September. Now it's October 13th where they're doing a career fair and CDI is taking part in that. You know, obviously security is very important to our business. We're always looking for security minded, technically curious, smart individuals who want to grow their careers. And so so we're going to sponsor that. I thought I just thought it was cool that you have that background. I would always record it. In fact, I have recommended that school to many people that I've worked with. Just because it works around your schedule is competency based, which I think is excellent. And yeah, you get a lot out of it. To talk more about competency based, because I'm a big believer in technical certification and I think, you know, competency based to me, why don't you describe...? The Bachelor of I.T., I believe, is one where a lot of the check points are being able to pass what you consider classes or modules is going to be based on certifications that are actually directly translating into the real world. Right. So you don't just leave with your bachelor's degree, you leave with your bachelor's degree and a myriad of certifications where you say, this is what I've learned, because, you know, a degree is in some respects a piece of paper. It's okay. You sat through the class, you passed whatever that teacher's test was, you know, cool. But with those additional certifications or that competency based approach, it's, you know, this is kind of a vendor neutral also approach to saying everyone recognizes this., and knows that you had to know these skills and you had to understand this content in order to receive this certification. And I think that's really useful. Yeah. And it's industry recognized, right? They're aligning to all the same certifications. That organization’s like us and yours, right. Have people pass and to demonstrate competency. I think what's been great about them too is, you know, when I first was in the Air Force, there were a few online schools, but there was some stigma to that, like, oh, it's an online school, it's not a real school. What they've been able to do is kind of really break down that into where there's they don't have that stigma anymore about it's an online school. Okay, cool. But I've learned way more than a lot of people. They've sat through classes. And now fast forward to today and we're doing everything online, right? Like we're doing our jobs online or we're educating our kids online. A You know, it's I think they've sort of paved the way in a lot of respects to that model. And I remember when I was doing mine, I was working a global job at EMC. I was flying all over the world. I took my little webcam with me and they recorded you doing these online proctored exams. I think I counted at one point. I think I did WGU exams in like 12 different countries. Wow. Try doing that in a traditional, you know, schooling. It's not going to happen. Absolutely. Yeah, cool. I think that I think that's awesome. So, you know, I want to talk about Arctic Wolf, which is where you are now. What is it that, you know, you've obviously you have a vast experience across, you know, private sector, public sector. What is it that drew you to Arctic Wolf? What, What is it that made you want to join them? I got a call from who is now our CMO, Dan Larson, about seeing if I was interested in this job. And he kind of pitched the company to me of this is a cyber security services company. But what made it interesting is really the vendor neutral approach and the fact that it is 100% service driven. It is not trying to sell another tool because there's so many amazing tools that are out there. You know, you've named a few that I've worked for, but every one of them, in my experience, is saying that the best tool is, you know, the one that they're selling. And the truth is the best tool that's being sold is the one that fits your environment and it works best for your people. Yeah. And I really like this approach of saying we want to work with whatever is out there and we want to provide the best security operations for the customer. We want to make sure the customer is secure or as we say now, we want to end cyber risk. Yes. Yeah. So so I want to touch on a couple of things that you just said there. You said vendor neutral. Yes, right. That that is, you know, as a partner. Right. A channel partner of many different technology companies in the security space and otherwise, we obviously we represent a lot of technology. Right. And one of the things you said, too, was just because the right tool for Company A doesn't doesn't mean it's the right tool for company B or C or N. Yes, absolutely. And it's all about how what is the right shape of puzzle piece that snaps for that particular customer. I love that approach. Yeah, because I've got really I'm going to be honest, I got a little frustrated with, you know, working with some vendors that are out there that would always try to stick a square peg in a round hole. And that's not the case. They need to take the approach of saying what is best for this customer, because I feel that we're really all in the same team of we're trying to stop, quote, bad, right? We're trying to stop the next attack from happening. And that's going to require the right tools, which are the right ones for that customer. Very cool. Very cool. So, yeah, describe you've been an Arctic wolf now, what, two, two and a half years? Okay. So at the beginning of your tenure with Arctic Wolf, what was your first job there? Because I think it's changed a little bit. Yes, right. Well, get to the Field CTO, where did you start? Sure. I came on as a Director of Product Marketing. From my previous experience as a product marketer with Fidelis, I was with and I really enjoyed it. You know, but it wasn't quite what I saw as me wanting to do in the long term. Like I love it. And I also started to work with somebody I’m going to namedrop here. I started to work with a coworker named Matt Trushinski, who is the senior director of product marketing at Arctic Wolf now. And he showed me what a real product marketer should be. He was amazing. When he came on board, I was like, Yeah, you've got this. Maybe there's something. Else I have for you, right? Exactly. Hey, that's great. I think, you know, recognizing where maybe somebody else can can make an impact and finding something else to do. Right. That's that's an admirable trait, I think. Speaking of marketing, right. Maybe I don't know if we if we could pull it up. I think this is we've done a lot of creative marketing with our partnership with with Arctic Wolf. In fact, you can see there on the screen, we just pulled up. We did a we did a customer event where we went to a brewery and actually we created this this beer it’s the CDI Arctic Blonde. It's actually a picture of it in my kitchen. And I maybe took a few of those from that from the fridge at the office that I wasn't supposed to supposed to take. But it's been a great partnership. Honestly, I think the marketing is great. The service and the platform stands on its own. We love the sort of vender neutrality aspect there, you know, so so we appreciate that that partnership for sure. It's been it's been great. And I think that is so cool what you were able to do there. Yeah, it's it's always fun. We're always looking for creative ways to do things that are that are customer facing and fun and and also, you know, support the mission, so to speak. Cool. So, so fast forward to current day. So you're in product marketing. You brought in this guy, Matt, who is a great product marketer and maybe you hand the reins to him. What are you doing now as the Field CTO? What does that what does that mean to to our-? Because I find it's a little different depending on whether you're at a vendor company or it is. So I actually took the position over from somebody I consider a mentor. So he's kind of well known the industry. His name is Ian McShane. He's now our VP of strategy. Okay. But what I do day to day is very much, you know, a mixture of events like this, but also research and being able to work with customers in a way where it's like, well, what problems are you facing? And based on my experience, what can I help you overcome? Yeah, you know, when it comes to research, there's a lot of things that are out there that I'm like, Well, there are no statistics or there are no numbers or information on that. Let's put some time and effort into that. So we're able to do kind of a a trends report of where do we see cybersecurity going based on what's happening right now? We're about to put out another report that I've been working on, which is on compliance and what's going on in the world of compliance when it comes to cybersecurity, because there's a misconception that being compliant is secure and being secure is compliant, and they are very different worlds. And so we're finding some very interesting things like, you know, we found there, but less than half of organizations out there employ anyone full time for compliance. You know, they kind of say compliance is- we'll get around to it when we can. We do the best we can. And that translates to us because with our concierge security approach, we're able to say if you need assistance with compliance, whether that's helping to identify reports or what compliance you fall under, we can absolutely do that as well so we can help you where you need. Very cool. Very, very cool. So so you mentioned you spent a lot of time with customers. Yes. And you you look for pain points. You look for where we struggle. You mentioned compliance and those types of things. What other trends are you seeing out there? Like what are the like the chief complaints are the market conditions. I think that where Arctic Wolf, can ultimately step in and help customers solve the challenges. So there's a few there. You know, one is being vendor neutral, also holistic in the what we look at for telemetry. Unfortunately, some customers or some individuals are out there. Some organizations can fall into the trap of saying, I just need one thing to really help solve my problem. But there's this like silver bullet or magical pill or. Right, exactly. Or a really good endpoint tool. Really good endpoint tool will solve my problems. And that's all I need for security. Yes and no. Like a really good endpoint tool is going to work. If you're 100% deployed, you're managing it nonstop and you're able to respond immediately. But those are very difficult conditions to get to. So we also say we need to look at the network. We need to look at your cloud resource, especially with the cloud adoption rate trend that we found was that over 99% of organizations I know that's hard to say, over 99%, but it's like 99.2% of organizations are using some form of cloud, but less than 19% are actually using some sort of cloud security posture management and putting the effort in to secure their cloud because of how quickly they can adopt it. And that is a major security gap like visibility that they're not getting in areas where they're probably getting unfortunately compromised. So we're trying to step in and cover that area as well and help with those issues. Got it. So with with with that with cloud, you know, I think we've seen a lot of sort of early adopters. And, you know, it's easy when it's easy, sometimes you circumvent process or maybe maybe you don't have the education that you need to to properly cloud in air quotes. Talk about the I think what is a unique differentiator for Arctic Wolf, in my mind is the emphasis on that. It's service driven, right? And it's very people and process oriented. Yes. I think we tend to in our minds as technologists and we all are, there's always an emphasis on tooling. Yes. And you mentioned the endpoint tooling and those types of things. But talk to me about the importance of the people and process elements to a proper security posture. It's a simple question. It's would you rather have the best tools and know people or the best people in very limited tools? Right. Because the best is done by somebody with just a hammer and chisel. Right. Like amazing sculptures. So really good, talented people need to be the foundation of your security program. And that's what we're able to provide. Not saying it has to be this particular technology stack, it has to have these things involved. No. let's get our concierge security team in there. Let's get our triage team in their lives, identify what's going on. We can use our visibility capabilities to start to help you and then you can build your security posture and your security program off of that. And I think that's going to give you the strongest foundation, because if you go in just going, I'm going to put millions of dollars into this tool stack and have no money left over to hire the right people. It's all going to come falling down. Or I'm 20% deployed or. Exactly right. And we've seen this in the past. You know, I hope you don't mind me saying, but there was a very large breach at a retail vendor a few years ago. You may know what I'm talking about when they did a post mortem of that incident, what they found was that the alert existed in the tools. . That saw that this occurred. Sure. But they didn't have people they were able to respond to in time. And it was a massive breach. So by coming in and saying, we want to operationalize this and we want the people to be the foundation of your security posture, we can prevent things like that from happening. Yeah, I love that. I think I think it's a great, great approach. Let's flip directions a little bit. Talk about the channel. Sure. Obviously, we're we're a channel partner of Arctic, Wolf. We represent your technology. And what is it in your mind as the field CTO? Right. You go out, you're out there, you're visiting a lot of customers. I'm sure you're supporting the sales teams a lot. What what value does the channel bring to you? Right. And to your organization? So we work with amazing channel partners. We are 100% channel. And I did love that about joining Arctic Wolf as well. You know, I. Love it direct. Of course, but it helps us to stay focused on the service to say, you know what, we know our strengths. We're going to keep playing to our strengths. And then anywhere where we may need some additional assistance, whether it's helping to build out a technology stack or if there's an area of service that we don't provide. We have these amazing partners able to step in and say, Well, we can help you to cover any of those gaps. We can help get them where they need to be. You know, we don't need to feel like we need to push a certain set of technology because we have our partners that understand that customer understands their pain points and then can say, this is who we worked with, this is who we like, this is who we think would work for you. And guess what? Arctic Wolf works with them as well. Love it. I love it. Give me your best. Like pretend I'm, you know, mom or dad or grandpa. Give me your Arcitc Wolf elevator pitch. Or if your mom or dad or grandpa, I'd say, Do you know how you're always calling me asking for help? That's what you're doing with Arctic Wolf. Okay, if you have any kind of issues with security or questions or really anything, that's what we're here to do. And another easy way I kind of describe people is we use this term concierge security, concierge security engineers. And when people call, what does that actually mean? I'm like, well, okay. If you were to put the money into building your own security operations center and hiring all the people that you need, you should be able to stick your head in that door of the SOC and go, I need this report. I need to understand where we stand here. I need to understand what it looks like from our defense position and get that. And that's exactly what you could do with this team. What do you get? Is what do you need? What do you need? How can we help you? Elevator pitch, that is. Let's see here. I'm trying. Remember how we say this? We are a vendor neutral security operations platform that is delivered through concierge security. I hope. I hope I said that the right way. Love it. Love it. Very good. All right. Any. Any last words? I guess I'll. I'll leave you the opportunity to maybe direct people for where they can go to learn more about about Arctic Wolf. So arcticwolf.com is our website. We're always doing some sort of marketing event, I believe, tomorrow and the day after that. I have some webinars coming up, so please check out our calendar of events that we have going. We also like to do lots of events with partners, you know, especially if you're going to have more free beer out there. Yeah, we can get people to to join. We want to hear from you. So if you have any questions, reach out to us or one of our channel partners. And we would love to just talk to you about what we're able to provide for your organization. Awesome. I love it. Christopher, thank you for being here. Thank you for joining us today. Thank you for your service. Appreciate it. Thank you. And thanks for being a great partner of CDI. We really, really. It's been excellent. So thanks for having me. All right. Thank you, everybody. We'll see you in the next episode of the CDI CTO podcast. The CDI CTO podcast is brought to you by CDI, hosted by Will Huber and produced by Alyssa Hall and Spencer Grogan. To learn more about CDI, you can visit CDILLC.com The CDI CTO podcast is a production of CDI Studios.