They are in charge of information technology for the A-list names among Atlanta’s Fortune 500 companies. They are armed with multi-million dollar budgets and some very smart colleagues. But those responsible for information technology strategies at UPS, Coca-Cola, Porsche, Cox, the Atlanta Braves and Fulton County realize that when it comes to cybersecurity, they’re only as strong as their weakest third-party vendor links.
“I can’t be successful without partners,” said Greg Gatti, senior director of information technology for the Atlanta Braves. “Look at the new (SunTrust) stadium. Everything is networked – the building, lighting controls, point of sale systems, everything. We rely heavily on the right partners to enable us to deliver the infrastructure technology security we need, and doing so in a manner that’s not going to put our fans at risk.”
Gatti was one of the six IT leaders taking part in a panel discussion at the Waverly Renaissance Hotel for Wednesday night’s 13th annual ATP/Technology Association of Georgia CIO Roundtable. The panelists didn’t have to wait long for a cybersecurity question; right out of the gate, radio/TV host and panel moderator Dana Barrett raised the spectre of Home Depot’s 2014 data breach – enabled by hackers using a vendor’s network credentials – as she asked panelists about vendor/partner vetting.
Mark Dawson, VP for Information Technology with Cox Enterprises, told the audience that as recently as five years ago, it may have been just one company department or “silo” handling vendor assessments. “That’s expanded now to get legal involved, to talk more about digital and physical security, a lot more supply chain procedures. It may make onboarding more complex, but it does reduce the risk. We have to understand the background and risk assessment capabilities.”
A rapidly-growing local tech startup may have an intriguing new enterprise product or service that gets the attention of UPS. Yet, its VP for Information Services, Nick Costides, has to think about his company’s reputation first in a business climate that now includes regular reports of major data breaches. “We’re a trusted brand in the physical and online world,” he told the audience. “A lot of partners have gone through the vetting process, and as they go through that we put them through a security risk assessment that’s significant – some on paper, some using physical testing. We will never compromise security over customer or supplier data.”
None of that means the major companies represented on stage don’t want to hear from smaller companies pitching their wares – as long as it’s done the right way. According to Costides, that means doing your research on the company you want to sell to; don’t wait for them to figure out if your product fits their business model.
Also, “please don’t email me and then follow up with copying your original email,” said Fulton County CIO Sallie Wright. “You’re trying to make me feel bad. I deal with 800 emails a day. If I’m really interested in your product, I’m going to reach out to you.”
The larger organizations/companies are also trying to reach out to potential IT hires, but Atlanta’s booming technology community means more competition for top talent, even among those who were on the ballroom stage Wednesday night.
Gatti guessed that Atlanta’s unemployment rate for IT professionals was even lower than the national industry standard of less than two percent. “It’s pretty darn cool to work for the Braves. I come to work very happy,” he said. “The job helps sell itself, but we still have to pay industry standards. We’re competing with these guys here. They’re after the same type of talent we are.”
When asked about the lack of diversity and women in technology careers, Wright brought up the selling point of being able to telecommute in many IT jobs. “There’re lots of wonderful opportunities when you want to start a family,” she said. “It’s also important to mentor kids and help them understand what the opportunities are because they don’t really know what IT is.”
Wright said she recently spoke to Georgia State University students and noticed many foreign-born faces and names. “We have diversity from that perspective, but in some IT security jobs you have to be a citizen to get the job. Some of these considerations have to be thought through.”
When asked about technologies their companies are tracking, Gatti spoke of his goal for a robust, reliable network at SunTrust Park, and not just for Braves games. 200 GB bandwidth courtesy of a partnership with Comcast should mean a fast network for the “live/work/play” environment that includes mixed-used development. “We want you to come out 356 days a year, not just the 81 days when we have a ballgame.”
Although most people buy Porsches for the performance, “we’re making a big push with connected cars,” said Tom Roach, Director of North American IT for Porsche Cars North America. That could include remote repairs of vehicles with over-the-air upgrades to internal systems. Porsche is also looking at applications and technologies involving dealers “that provide experiences for customers to make sure they have access to information on our vehicles.”