IT security in today’s dynamic business environment has become paramount. Thanks to an e ever-expanding population of malicious and persistent cybercriminals, organizations large and small are facing unprecedented challenges around network compromise, data theft, ransomware, and social engineering of personnel. The risk these types of breaches pose to organizational operations, regulatory compliance, and reputation are greater (and more costly) than ever… and there is no sign of hackers letting up.
“The most robust, cutting-edge assessment on the market at a highly competitive price point.”
Rising above this cyber-fury is the team at BAI Security, who are taking on the challenges of today’s IT security threats with unmatched expertise and innovation. With their array of truly ground-breaking IT security assessment and compliance services, BAI is providing essential protection for their clients, who are in the most highly regulated – and therefore most vulnerable – sectors, such as banking and finance, healthcare and pharmaceutical, utilities, insurance, legal, and more.
In an exclusive interview with CIO Look, President & CEO, Michael Bruck (MB), along with Chief Strategy Officer, Dr. Michele Wilkens (MW), share thoughts and details about the company’s and their journey in the IT security space:
What is your role in the company, and what did you do before you started or came into this business?
MB: As President/CEO with a dual CTO function, I have served as the architect of our methods and offerings since our founding in 2007. Thanks to an extensive technical background, I am able to vision and build our tools and services from the inside out — not what all CEOs can (or want) to do, but something I relish to this day. It keeps me grounded in clients’ needs and emerging technologies – and as a bonus, it gives me ‘street cred’ with our audit team, who ha ve impressive backgrounds of their own! I also rely on my partnership with Dr. Wilkens for our growth strategy and driving new partnership efforts.
MW: As Chief Strategy Officer, I spearhead our trajectory into new sectors to meet the growing cross-industry demand for truly expert IT security services. Part of this is leading talent acquisition, bringing gifted, experienced, certified folks in-house to bring our vision to fruition. I am also responsible for employee learning and development, communications and outreach, and managing organizational change. I have over 20 years’ experience spanning business, education, and mental health as a leader, professor, clinician, researcher, published author, and federal government advisor. Most recently, I was CAO with a five-time INC 5000 education corporation and served on an international association Board of Directors.
What experiences have influenced and impacted your professional direction?
MB: When studying computer science in college, the business owners of my part-time job tapped me to help them transition their entirely manual operations to an automated digital environment. Over the two-year project, I got in volved in e very aspect of IT – mainly because no one there knew anything about IT or how to con vert this sizable organization from being a completely manual operation to a fully digital one. Still a student myself, I had to figure out everything from scratch and entirely on my own (no internet or YouTube back then!).
Being with the company before, during, and after this immersive experience allowed me to see what technology did for the company. Before the con version, they were completely stalled; but with technology, they experienced exponential growth and catapulted into their future. It gave me a deep appreciation for what efficiencies can be created for businesses via proper use of technology.
Subsequently, the empathy I developed from this small business’ reliance on systems got me into security, because I also saw first-hand how an enterprise can be instantly paralyzed by a significant security e vent. For me, there was no way I could experience a company from this vantage point and not come out wanting to protect them.
What are the operating philosophy and leading services/solutions that the company has been built on?
MW: IT security is just too important to be priced out of anyone’s reach, so our mission has always been about providing top-shelf services that are still affordable for the average business. Upon our founding, Michael focused on smaller and mid-sized organizations that could not afford in-house experts or quality audits. BAI then e volved operating extremely efficiently, allowing us to keep costs down for clients while innovating with agility to meet market needs.
Fast-forward to today – while we now serve organizations of all sizes, we have never stopped endeavoring to provide the most robust, cutting-edge assessments on the market at a highly competitive price point. Here in 2021, we find this mission has become critical in what has proven to be a perfect storm threatening our clients. Many organizations on the frontlines of the pandemic in banking, finance, and healthcare are struggling with revenue and budget repercussions of COVID-19; meanwhile, the same sectors have become hackers’ biggest targets. As a result, comprehensive services that are both customizable and affordable have become more vital than ever in protecting our clients.
What is your vision for the company in the next five years?
MW: We are presently witnessing the most aggressive and well-funded generation of hackers ever. Perhaps the singular upside of this is that news about damaging breaches is helping organizations worldwide grasp the serious risk cybercrime poses to their data, operations, and market standing – things that can go down fast, and then take a long time and a lot of resources to recover. We’re now seeing decision-makers, instead of viewing IT security as a regulatory box to check once a year, beginning to show great care in choosing a security partner who is truly expert and exhaustive in their approach as a key preventative play.
This is where BAI Security comes in– bringing to the market in-house expertise to tackle the constantly changing threat landscape – folks who cut their security teeth at major corporations and financial institutions, as well as the FBI, the Pentagon, U.S. State Department, etc. So even as you-get-what-you-pay-for generalist firms with outsourced novice staff and open source tools enter the space to provide bare minimum audits (the kind that satisfy regulators but skim over the expanse and severity of present-day threats), we believe BAI Security is, and will continue to be, uniquely appealing to those who take their IT security seriously.
MB: That’s right – and meanwhile, where technology goes, so go hackers and costly breaches. That means our audit team is innovating at warp speed to keep our clients safely ahead of emerging threats. Our vision is to continue mimicking cybercriminals’ methods to build out tools and methods that prepare our clients for worst case scenarios, while empowering them to proactively defend their unique environments 24- 7/365.
According to you, which upcoming/current technology is going to be a disruptive force for security industry in the near future?
MB: The development of new hard- and software in 2021 will make plenty of new year lists, but we’d like to avoid the distraction of those by encouraging folks to consider this: Whatever the latest and greatest invention in, it won’t matter if organizations continue to fail on the basics of IT security. The vast majority of companies and institutions are falling short with the three areas most critical to security posture: proper endpoint protection, vulnerability/patch management, and social engineering.
In other words, if your network perimeter is continually permeable, then some cool new multi-factor authentication is not going to help. And while we would like to say we are recommending folks get ‘back to basics,’ the truth is, most organizations have never done these basics well. So, we would love to see the 2021 ‘disruption’ be attention to IT security basics like never before.
How do you sustain your leadership spirit in this changing technological era?
MW: With technology central to all we do, we embrace the evolving landscape perhaps more than those in other industries. Still, advances in technology are a double-edged sword for us – they provide us more pathways to protect against present-day cyberthreats as we continually innovate tools and methods, but they also broaden the attack surface that threatens our clients. Because Michael founded BAI Security on a combined spirit of innovation and service, we are seeing 13 years later the incredible value this blend brings to our ability to stay ahead of hackers and keep our clients secure.
Over the past year, while the pandemic pushed everyone rapidly into new and more virtual ways of working, we managed to stay focused on what matters most – people. Our employees. Our clients. As a result, our team adapted beautifully, both in service quality, remote offerings, and internal teamwork – and our strong client relationships did not miss a beat. We’re so enthusiastic about 2021 and supporting our clients’ ongoing security, as well as their pandemic recovery.
What advice would you like to give to emerging business leaders?
MB: Take risks to innovate. You’ll succeed, you’ll fail, but either way, you’ll learn from it and end up with a better product or service. The worst thing you can do is stay where you are when you’re successful, because the market will most certainly copy and then pass you by.
MW: Manage change with discipline. Not the sexiest answer, but boy, can you save headaches and avoid wasting resources following this advice! There’s really no reason to have clunky rollouts or failed initiatives. There are solid change models with thoughtful, strategic execution that ensure across-the-organization success. And as a bonus, each time you succeed with implementation, it will elevate your team’s trust in your decisions, making the next new venture even more quickly received and smoothly deployed.
What words best describe your vision and approach to business?
MB: We have an imperative to help people who need high quality services but can’t otherwise get it.
MW: It’s about people. Next question. (But really – aligning your business what, why, and how with all stakeholders – employees and clients alike – makes for joyful work, meaningful impact, and success in all the ways that truly matter!)
“We found Michael and his firm knowledgeable, honest and well-organized, and a committed business partner, not merely a vendor during our engagements.” AVP of IT, CA
“Price was right, service was excellent, and the final deliverables were outstanding. Great team.” CIO, DE
“Far more extensive test than any we have had in the past… the reps are 100% on your project and always available to give you feedback.” CISO, TX
“They go out of their way to be helpful, offering their guidance and suggestions (as opposed to a cookie-cutter approach). Initially, we chose BAI because of their reputation. We went back to them the next few years because of their people and their professionalism, the depth of their technical and procedural knowledge, and friendliness.” IT Director, GA
“BAI specializes in security. The other firm we were using was more of an MSP. I like that BAI is a company just for security.” IT Manager, IL
“The professional experience and technical expertise made the choice an easy one… exceptional results. We are completely satisfied.” IT Director, NC
“Outstanding platform for vulnerability remediation. Everyone I talked to from sales folks to technical experts were all great to work with and very knowledgeable.” VP of IT, PA
“There are many players in this field. I contacted some of my industry peers and asked who they used. BAI came in at the top.” IT Supervisor, IN
“Although we are a smaller organization, BAI has not made us feel small. We are always treated with respect. BAI has always provided superior service, so we keep coming back.” VP of IT, TX
“The highest degree of professionalism and service.” SVP of IT, WI COVERSTORY Photo credits: Elinor Melvin