Most cybersecurity chiefs have an IT background, given that technical acumen is essential to the security team’s success. But Lori Temples is proving that a top-notch IT security leader can hail from a business background, showing how such a résumé can be advantageous in guiding a mission-critical function at leading fintech payment technology developer and operator GreenSky.
Temples made her mark in customer-focused banking services. She served as vice president of convenience banking at SunTrust (now Truist) and later developed products in Home Depot’s financial services division. Later, to allow her to spend more time with her young children, she launched her own consultancy, helping financial services firms like CheckFree (now Fiserv) and eBank with business strategy in the evolving digital landscape.
A consulting gig to assist GreenSky implement security tools turned fortuitous. The consulting stint went so well that she was offered the chance in January 2017 to join the company full time to be a leader in IT security—despite no IT management experience. Her kids were older, and the timing was right. “I was lucky that they took a chance on me,” recalls Temples, who is currently vice president of IT security and business continuity.
The new role wasn’t foreign; in some ways, she had “always worked with technology folks.” At its heart, the position is largely about strategy and project implementation—areas where she excels. Still, she had much to learn. While she didn’t have to become an expert in nuts and bolts IT systems, she needed to develop a deeper understanding of IT infrastructure and security.
Temples took a certification course in security leadership from the SANS Institute to bolster her IT acumen. That class, and on-the-job learning, gave her a solid grounding in what she needed to know.
Temples’s career has been rich with projects in which she led cross-functional teams of people with diverse skills and professional backgrounds. So, it’s not surprising she had an innovative perspective on leading IT security staff.
“Everyone in the organization needs to know about cybersecurity. It’s something all associates should be invested in.”
She discovered one vital component that was lacking: esprit de corps among the security team and with other groups that regularly interacted with the department. Building personal connections is not something that comes easily to most IT workers. So, she encouraged her team members to step outside of their comfort zones by initiating social gatherings such as team building events and cornhole tournaments. “I really had to push them,” she says, “but after a while, relationships became so much stronger.”
These events fostered better teamwork, so Temples reasoned other areas in IT would also benefit. “I said, why don’t we do this with other IT departments—operations, help desk, system administration, DevOps, and network teams?”
Outreach with other groups is essential when it comes to IT security, Temples notes. These relationships spur deeper understanding of counterparts’ needs and priorities. Knowing that Task A in cybersecurity must be completed to enable advancement of a mission-critical project in operations inspires cybersecurity personnel to prioritize Task A. This principle was evident when the COVID-19 pandemic struck. Stronger bonds within IT and across the company in general helped GreenSky rapidly shift to a working-from-home model.
During March 2020, Temples led a cross-functional team to make the transition within a week and a half. Among the IT security challenges to allow customer service representatives work effectively from home was to equip them with appropriate hardware that contained the appropriate security tools. The security team worked closely with peers in networking, help desk, systems administration, facilities, and other functions to get employees up and running remotely efficiently and safely.
“We had to make sure tools were added to all of their equipment before call center people went home,” Temples says. Tutorials were created to demonstrate how to install workstations at home and how to use multifactor authentication remotely as well as access their applications through a virtual private network (VPN). The transition went as smoothly as could be hoped. Relationships established through Temples’s outreach efforts with operations leadership bore fruit. “I was never so proud of my team supporting all areas of the enterprise to make sure our associates were safe,” Temples says.
“I really had to push [my team], but after a while, relationships became so much stronger.”
With the dangers of cybercrime always lurking, Temples continues to reach out across the organization. “Everyone in the organization needs to know about cybersecurity,” she says. “It’s something all associates should be invested in. Our associates are our first line of defense.”
Her team conducts monthly simulations to maintain vigilance against phishing schemes. Fake emails sent by Temples’s team tempt workers to click on links embedded in the messages. Employees are challenged to identify these phony emails and are eligible to win prizes if they report them to cybersecurity. In addition, they have a robust awareness program that includes monthly newsletters, training, Cybersecurity Month, and other fun security-based events.
To be sure, an IT security leader must be able to understand how various systems interact and what is needed in the big picture to keep them secure. Temples takes this part of the job seriously and works hard to bolster her technical knowledge. But her project management and people management skills add another dimension that those rising through the IT ranks often lack.
“If I had come up in IT, I would have approached this job like a technologist,” Temples says. That strategy has its merits and works for many, but Temples’s unusual perspective on IT security is a perfect fit for GreenSky.
“Lori is an innovative IT and security leader who is an expert in addressing the cybersecurity challenges that can impact business availability. Together, we have strategized and rapidly executed throughout this pandemic, ensuring high company resilience and employee safety.” —Daniel Martin, vCISO, Veristor, provider of transformation business technology and security solutions.