An Interview with Centrify CEO, Tom Kemp

Written by

I get invitations to sit down with industry CEOs all the time. There’s no real secret as to why I accept some and not others – a lot of the time it’s just timing. Truth be told, I’d like to accept a lot more – if time was no object.

Of the many vendor CEOs I’ve met with during my time as Editor of Infosecurity, I’ve learnt that there are two types of vendor CEO meetings:

Type A: Interviewee turns up with an agenda – most often a product release or announcement – sometimes even with a slide show that his/her marketing team have put together, and presents to me as if I’m a potential client. I’m allowed to ask some questions, but the answering of these questions always leads back (miraculously) to said product release or agenda.

Type B: Interviewee turns up without a sales pitch or agenda. They sit down in front of me, and wait for me to steer the agenda, and allow me to ask the questions that I know our readers want the answers to.

There are no prizes for guessing which type of CEO interview I prefer, nor a prize for guessing which type I’m most frequently confronted with.

In May, Tom Kemp, CEO and co-founder of Centrify, came to meet me at my office. It was then that I learnt that there is also a ‘type C’.

Kemp arrived with an agenda. Centrify was about to announce the launch of ‘Centrify DirectControl for Mobile’ – an Active Directory-based product for mobile device security via the cloud. Armed with some literature (dare I say slides) about this release, and a PR person eager to get this message across, Kemp was the perfect ‘type A’ candidate.

But then something happened. Maybe I asked the right questions, maybe Kemp had grown tired of talking about the new product – ours was the last of a series of meetings he’d had during his trip to England, so it wouldn’t be surprising – or maybe he just decided to go with the flow. Whatever the reasoning, Kemp went ‘off-piste’ for long enough for me to get some really interesting industry insight out of him. Here’s what I found out:

It’s hard to retain staff in the Silicon Valley:

“With the likes of Google and Facebook on your doorstep printing cash, they can afford to pay their staff a lot. To counteract that, it’s important to create a good work environment. Hiring is more of a problem than retaining”.

Seattle is the new Silicon Valley:

“Drawing upon Microsoft people, there is a good pool of developers in Seattle. Google and Facebook are expanding into Seattle – skilled IT professionals are moving there too”

The information security skills gap is very real:

“There are 100,000 open job positions in the US but people don’t have the right skill sets. Historically there hasn’t been a significant mindset around becoming an engineer – especially in security, and there aren’t enough women. It will take 20 years to retro-fit the mindset of young people.”

Launching a start-up is all about who you know and what you’ve done:

“You need to build elephant skin to raise investment. It’s not easy to raise the money and you get a lot of ‘no’s. You basically have to try and raise $7m with a 20 page powerpoint!”.

Venture Capitalists invest in people:

“It’s very rare to have an original idea. Investors need confidence in the individual. There’s no such thing as an original idea in technology”.

Now is a great time for information security start-ups:

“As long as it’s either a social media, mobile, or cloud product. If it’s not any of these, you probably won’t get funding”.

Security needs a carrot:

“Especially when it comes to BYOD, security needs a carrot. For example, ‘Allow IT to enrol your device, and we’ll enable your access, five you access to corporate email, etc.’”

Blocking YouTube and Facebook isn’t acceptable:

“Saying ‘no’ makes people want to do it more. IT needs to start saying ‘yes’ – it’s more productive. Mobile device security should be installed with a user-centric approach”.

So there you have it. My interview in a nutshell with Tom Kemp. We did also talk about the new mobile security management product (Kemp did start the meeting as a Type A remember). Rather than me regurgitating the press release here, you can read all about it on the Centrify site.

My definition of Type C is this: Starts the meeting as Type A, but allows himself/herself to be lead down the path of Type B for some – if not all – of the interview.

If you know any Type B CEOs looking to be interviewed, drop me a line…

What’s hot on Infosecurity Magazine?