|
Getting your Trinity Audio player ready...
|
Nick Nolen likens cybersecurity to the brakes on a car. Most drivers view brakes as the equipment that slows the car down but Nolen views them a little differently. “Brakes on a car allow you to go faster,” he says. “How comfortable would you feel if you are driving at seventy-five miles an hour down the interstate without any brakes?”
Business is about speed and innovation, adds Nolen, ConnectWise’s vice president of information security. Companies that move quickly and innovate stay ahead of their competition. Information security, like the brakes on a car, provides the comfort to operate at breakneck speed. “With all the innovation and the need to move quickly with all these companies out here competing and AI technology and everything being leveraged, we can help our business avoid a catastrophe,” he says.
“At the end of the day, we have an extremely important job: protecting our company. If I don’t have a team that understands and believes in that, we risk making mistakes that could leave us exposed.”
Nick Nolen
Nolen’s direct responsibilities at ConnectWise, a software development company that creates solutions for technology solution providers, includes running product security, vulnerability and threat management, counterthreat, and identity and access management. He also supports the chief information security officer by presenting to the cybersecurity board committee, managing the budget, and contributing to the development and management of the security strategy.
The fifteen members on Nolen’s team, including his four direct reports, monitor intelligence, identify new threats, thwart potential attacks, perform security tests, and ensure that their ConnectWise colleagues have the access permissions necessary to do their jobs.
On Fatherhood
Nick Nolen calls himself a “girl dad,” and says that being a father has been the greatest gift in the world. “Fatherhood has been an incredible journey filled with ups and downs. It demands dedication, patience, and a heart overflowing with unconditional love,” he says, adding that every step along the way is an opportunity to grow, learn, and make a lasting impact on his daughter’s life.
“I’d say I have a pretty deep, meaningful connection with my daughter,” Nolen says. “I invest time in shared activities, I’m always present to cherish our memories, and I listen to her through heart-to-heart conversations.”
ConnectWise has a set of business objectives, and Nolen has aligned the goals of his security team to those of the organization. “When you break the goals down to the task level, you’re able to show up to work every day and say, ‘These are the tasks I need to get done because they map to a goal which maps to a higher goal which maps to the business goal,’” he says.
There’s rarely any ambiguity about what needs to be accomplished on any given day because Nolen logs and prioritizes work in weekly meetings, something his team greatly appreciates. “This isn’t so I can micromanage and validate they are working,” he says. “This enables us to have the right conversations to make sure we are always working on the right things.” It’s a process his team quickly embraced.
To ensure ConnectWise can safely operate at the speed with which it is accustomed, Nolen explores new ways to improve security through quarterly retrospective meetings in which he and his teams evaluate their procedures and actions. His goal is to identify and enhance those that succeeded and improve procedures that failed. “We have a lot of great foundational elements in place across all of my programs,” he says. “Some of which I’d argue are already mature. But there is always room for improvement.”
This year ConnectWise launches “security champions,” a forced multiplier—or extension—of his security team in engineering, quality engineering, quality assurance, and other departments. Embedded in teams throughout the company, these security champions provide another layer of security without draining security resources.
“The champion program is a great opportunity to upskill existing resources that are interested in security. It also allows us (security) to extend ourselves into the day-to-day operations and wave the flag when they see something security [must address],” Nolen says. “It enables our more skilled security professions to focus on the more complex challenges.”
As a leader Nolen values trust and transparency and employs what he calls the Say/Do model, one he adopted from a former boss. The Say/Do model encourages individuals to be transparent when they’re not going to make a deadline, allowing Nolen to be proactive. If someone fails to complete a task by a given due date, he says, then “there’s all-hands-on-deck, fire drills, working late, when it wasn’t necessary if we were proactive from the get-go.”
Above all Nolen has his team members’ best interests at heart. They repay him by working in concert to improve the culture he’s built. In the name of transparency, Nolen sets clear expectations and leaves little room for ambiguity.
“With all the innovation and the need to move quickly with all these companies out here competing and AI technology and everything being leveraged, we can help our business avoid a catastrophe.”
Nick Nolen
“If something isn’t clear, my team is empowered to come forward and say so. That’s called 360 transparency,” he says. “At the end of the day, we have an extremely important job: protecting our company. If I don’t have a team that understands and believes in that, we risk making mistakes that could leave us exposed.”
Nolen does not play the role of dictator but rather helps his team members grow and improve as employees and leaders. “To be successful, you have to deliver through execution. If you aren’t holding yourself accountable, you aren’t delivering. If you aren’t delivering, you aren’t improving,” he says. “In chaos, there is opportunity. Most major career accelerations happen when someone steps into a mess and makes a difference.”
Redpoint Cyber’s military grade cyberprofessionals have decades of experience in cyberoperations and apply their knowledge of the attacker perspective to facilitate efficient, effective, and scalable responses to cyberbreaches. Our personnel have extensive experience with enterprise risk management and information security and are selected based on their differentiating skills, dedication, and focus on delivering long-term, meaningful support to our clients and partners. Redpoint Cybersecurity is a human-led, technology-enabled cybersecurity firm providing digital forensics, incident response services, and cyber risk advisory consulting, specializing in proactive services such as threat hunting, ethical hacking/penetration testing, and compromise assessments designed to mitigate cybersecurity threats.
Editor’s note: as of 4/15/24, Nick Nolan is no longer at ConnectWise.
