Center for Internet Security CEO is driven
Leader says the nonprofit is focused on improving cybersecurity for all
John Gilligan believes the culture at the Center for Internet Security sets it apart.
Gilligan is CEO of the Center for Internet Security, an East Greenbush nonprofit that helps governments, businesses and individuals bolster and secure their critical internet operations.
Gilligan, who lives in the northern Virginia suburbs of Washington, D.C., has been CEO of CIS since 2018 but served on its board between 2005 and his appointment as CEO five years ago.
He also has vast experience in government, having served as the chief information officer for both the Air Force and the Department of Energy.
He was also program executive officer for the battle management and command and control system for the Air Force. He knows systems, and he knows people.
Q: I have heard good things about your company’s culture, including your volunteer effort CIS Cares, and paid time off for volunteering. Can you talk about that?
A: One of the things that is different about CIS is the culture. We’re a nonprofit, which gives us a little bit more flexibility than other companies. … In addition to the examples that you mentioned, we have what we call the IDEA Alliance, which is our diversity, equity and inclusion program. It’s led by employees, and it is proven to be extraordinarily valuable. I’ll contrast (our program) with a lot of companies that have gone out and hired an expert consultant or put somebody on the staff . ... This is really a management responsibility, but also we wanted to get the employees involved and they actually formed this alliance. They hold probably about 20 events a year. Some are just over lunch to discuss a particular topic . ... It’s far broader than in most organizations. They get into religion. We’re in Ramadan now, so we had a session where a couple of our Muslim employees talked about what Ramadan is and what’s their routine. We’ve talked about LGBTQ+ (topics) — a lot of this is just educational. What we want to do is educate our employees so they’re more understanding and accepting.
Q: How do you attract the best employees?
A: I think the No. 1 item when I talk to our employees and when I talk to candidates that we’re interviewing is the sense of purpose that we have in our mission. Our mission is to improve the state of cybersecurity worldwide. It’s fairly straightforward. A lot of people we talk to — especially some of the younger generations — they’re looking for purpose as much as they’re looking for a big title and a big pay.
Q: How are they finding that sense of purpose at CIS?
A: Because of the work that we do helping state and local organizations improve their security, we also focus on something we call the cyber-underserved — those organizations that don’t have a lot of people or financial resources and they’re also not being well addressed or served by larger cybersecurity organizations. In our state and local work, our primary focus is on how do we improve the state of security for the cyber-underserved. (An example is) our work in helping the elections community protect elections. It’s just, people say, well, that’s great stuff.