CIO Spotlight: George Lamont, IronNet Cybersecurity Inc.

Name: George Lamont

Company: IronNet Cybersecurity Inc.

Job title: CIO/CISO

Date started current role: April 2014

Location: McLean, VA

As the CIO/CISO at IronNet, Colonel (Ret) George Lamont is a leading expert on cyber force readiness. He authored at U.S. Cyber Command the first-ever Joint Cyber Training & Certification Standards and Cyber Flag exercise series, which serves today as the Defense Department’s gold-standard for building a premier cyberspace workforce for the nation. Colonel Lamont is focused on bringing the same rigor, discipline, and methodologies to the private sector by helping companies build highly skilled teams as part of IronNet’s end-to-end cybersecurity solution and threat intelligence information sharing framework. Colonel Lamont led a distinguished 27-year military service career in cyber operations and full-spectrum communications.

What was your first job? My first job was as a newly commissioned 2^nd Lieutenant in the US Air Force doing software programming for the Air Force Automated Message Processing Exchange (essentially DoD’s email, before there was email.)

Did you always want to work in IT? Nope, swimsuit model was first choice…genetics made me pursue IT/Security. It’s been a much better fit, since I love solving complex problems across all areas of people, processes and technology.

What was your education? BS Math/EE from University of New Hampshire, 1986 (GO WILDCATS!) and MBA at OKCU, 1990. Do you hold any certifications? CISSP, 2008, and Maryland Bartending Academy Bootcamp, 2019.

Explain your career path. Did you take any detours? If so, discuss. The military is full of detours, but each job contributed with critical leadership, technical and life lessons that made me better equipped to handle challenges of being a CIO in a modern business environment. Back then, the roles of CIO and CISO didn’t exist, and similarly, tomorrow’s jobs have yet to be defined or named. My landing in a dual role as CIO/CISO is simply a culmination of experiences where being competent, results oriented and passionate about the power of technology can lead to some level of success.

What business or technology initiatives will be most significant in driving IT investments in your organisation in the coming year? Cloud and SaaS transformation continue to be key focus areas for our business and product in the coming year, along with expansion of our Federal/State enterprise offerings.

What are the CEO's top priorities for you in the coming year? How do you plan to support the business with IT?  Certifications (e.g. CMMC) coupled with our existing SOC2, ISO27001, GDPR and other certs continue to be a focus of our top leaders to expand and scale our business and revenue opportunities over the next year.  Digital transformation plays a key role in how we scale to meet this demand and business growth.

Does the conventional CIO role include responsibilities it should not hold? Should the role have additional responsibilities it does not currently include? There is always healthy friction among C-Suite roles and the CIO role is anything but conventional.  In my dual CIO/CISO role, I often find myself balancing competing interests to meet company objectives, address risk and be fiscally conscious. The CISO part of me always needs more security coverage, more personnel, and that often translates into more spend. The CIO part of me is always trying to economize, automate, and create agility and customer service or product acceleration. There are pros and cons to this dual role; I end up arguing with myself a lot.

Are you leading a digital transformation? If so, does it emphasise customer experience and revenue growth or operational efficiency? If both, how do you balance the two?  My team is leading a digital transformation, and as mentioned before, it is focused on revenue growth, but often extends to the customer experience.  All of us experienced last year’s dramatic shift to remote work, and our transformation efforts in advance of the pandemic allowed us to shift to this 100% virtual posture without skipping a beat.  

Describe the maturity of your digital business. For example, do you have KPIs to quantify the value of IT?  Our company has traditional KPIs of IT availability, quality and spend, but also commit each quarter linking all of our subordinate operational and IT measures into our overall corporate “Victory Plan” led by our CEOs, General (Ret.) Keith Alexander and Bill Welch.

What does good culture fit look like in your organisation? How do you cultivate it? Our cultural fit starts with our mission: “Deliver the power of collective cybersecurity to defend companies, sectors and nations.” This sense of mission is felt from our chairman to our most junior hires and we reinforce it from the onboarding process, to business strategies, and echoed during training and regular company “All-Hands sessions”.  

What roles or skills are you finding (or anticipate to be) the most difficult to fill?  All highly-skilled technical talent is at a premium right now. During the pandemic with remote work as the norm, traditional limitations of geography are making this environment even more fluid. This fluidity creates even more opportunities than challenges for our company, and we believe we (and our customers) will be better served as a result.

What's the best career advice you ever received?  “Make a plan, review the plan, adjust, repeat….”  Having no plan is simply wandering, and you often end up exhausted and lost.  We often spend too many hours responding and reacting on a given day, and don’t make the time to strategically plan and measure the progress over a given period…so you know you got where you wanted to go.

Do you have a succession plan? If so, discuss the importance of and challenges with training up high-performing staff.  Small company succession planning is hard, but totally worth it. Too often employees don’t “see” where they can go next in the company and limit their opportunities chasing a path they think is the traditional direction they are “supposed” to go. The next generation of leadership can come from so many different places, even from within a small company. There are also other options that can provide career growth: Mentoring has many options and can often mean helping your talent find jobs outside your company, so they can gain experience with partners, customers, or other company interests…and then come back stronger at a time that is right for both of you. Makes a win-win for the entire system.

What advice would you give to aspiring IT leaders?  Be competent, trusted and grow your brand through hard work and results.  Simple, right?

What has been your greatest career achievement? Retiring after 28 years of Active Duty in the US Air Force and starting IronNet as a co-founder with the best boss I’ve ever worked for…in the same year.

Looking back with 20:20 hindsight, what would you have done differently?  Thank my family more often (for everything), sneak fewer sweets before bed, and learn to be more concise…