Produced by:
From Soldier to
Security Leader
Netwrix CISO Craig Riddell on his unique journey
A TechPros.io Interview with Craig Riddell
Field CISO
🎙️ Listen to the full interview
in the Enterprise Thought Leadership podcast, powered by TechPros.io
We recently had the opportunity to speak with Craig Riddell, Chief Information Security Officer at Netwrix, to discuss identity access management. Craig brings a unique perspective, with over 15 years of experience spanning military service, startups, and large enterprises including Hewlett Packard.
How did you get started in cybersecurity and become passionate about identity access management?
My career journey into cybersecurity was non-traditional. I served in the military infantry and later met someone at a departure party for a unit heading to Afghanistan who introduced me to Linux and Unix, sparking my interest in technology. This experience bridged what I had done in the military with the world of cybersecurity.
Early in my career, I had the privilege of working alongside the inventor of the SSH protocol who explained how he created it as a college student to protect his own work. I was fascinated learning the origins of such a fundamental technology that came from a real need.
Ultimately, I was drawn to identity access management because it connects so many components within organizations. I strive for variety and exposure to new things, and identity touches everything across the business. It became a passion because it is so critical yet constantly evolving as technology advances.
Walk us through your career journey before becoming CISO at Netwrix.
After serving in the military, I jumped into help desk roles focused on Linux and Unix. I quickly developed skills in ethical hacking and cybersecurity. I worked as the Head of Global Solutions Architecture at Trend Micro before becoming the Director of Identity and Access Management at HP.
In these executive roles at large enterprises, I focused heavily on identity, cloud migration and modernization. The higher I have risen, the more parallels I find between military leadership experience and business leadership strategies beyond just technology. It's about understanding people, processes and objectives across the organization.
How do you see identity access management evolving in today’s landscape of digital transformation?
Identity is exploding exponentially. Covid-19 forced remote work and underscored the importance of understanding who is accessing what and why. New regulations like cyber insurance requirements create more focus on privilege access management. And technologies like 5G and IoT mean exponentially more endpoints that all need identity.
Companies who pivoted well during Covid had strong identity foundations already in place. Those without struggled and still do. We also see new credential types like robotic process automation that need specialized identity treatment. Ultimately, every digital transformation maps back to people accessing technology. Identity sits at the core.
Ultimately, every digital transformation maps back to people accessing technology. Identity sits at the core.
Can you explain Netwrix’s approach to making identity access management work at enterprise scale?
We focus relentlessly on reducing complexity. Legacy solutions are notoriously difficult to deploy fully. We built our Identity Governance and Administration platform specifically to remove friction and streamline deployment.
Rather than rip-and-replace existing investments, we layer on top intelligently. Our integrations increase value of current data and systems. We also leverage AI for automation to increase speed-to-value.
Customer success is our true north star. We want organizations to use our technology extensively across the enterprise. Our approach is diplomatic, bringing people along instead of forcing compliance. We make security processes fit smoothly into business workflows.
How does Netwrix’s technology approach translate into measurable value?
We can quantify value through cost and risk reduction. Our customers save millions in reduced IT infrastructure and staffing by removing complexity. We provide risk analysis of current environments to show weak spots and opportunities to strengthen posture.
But beyond cost, we elevate value conversations. Customers have invested heavily in certain point solutions. We show how our integration improves current data value. We offer non-disruptive migration paths to fully replace legacy over time. Our goal is driving security without tradeoffs that slow the business.
Value also comes from usage and advocacy. We don’t succeed unless organizations extensively use our technology across the enterprise. We strive for "pull" demand based on delivering an amazing customer experience.
We offer non-disruptive migration paths to fully replace legacy over time.
What is the most important lesson you want to share with security professionals?
Remember that at the end of the day, we're all just people. It's easy to get tunnel vision focusing narrowly on our jobs. But security is a people challenge as much as a technology challenge. Forging genuine connections and understanding makes achieving our objectives infinitely easier. Meet people where they are, don't just demand they adjust to you. Security enables business success; the two should never be at odds. Keep this bigger picture in mind.
Netwrix empowers information security and governance professionals to identify and protect sensitive data to reduce the risk of a breach. Our solutions also limit the impact of attacks by helping IT teams detect, respond and recover from them faster and with less effort. Over 13,500 organizations worldwide rely on Netwrix solutions to strengthen their security and compliance posture across all three primary attack vectors: data, identity and infrastructure.
Share this page