IAM2858 – Computer Scientist and Angel Investor Provides Digital Forensics Services

Hear Gresh's story, learn the 16 business pillars from the podcast, find out about CBNation Architects and why you might be one and so much more. Did we mention it was FREE? Download it today!

Transcription:

Brian Gill 00:00
Just be passionate about what you do, you know, like, it matters a lot more to me how many people we help, how many people we advise. I spend hundreds of hours a year on the phone with clients that are in these desperation, we just got breached, situations that never engage with us. And I always give them everything I have, every ounce of knowledge, every piece of advice. It's free, you know, I never. I'm here to help, and the more people I can help, the better.

Gresham Harkless 00:56
Hello, hello, hello, this is Gresh from the I Am CEO podcast and I have a very special guest on the show today. I have Brian Gill of Gillware. Brian, it's awesome to have you on the show.

Brian Gill 01:03
Hey, thanks for having me, man.

Gresham Harkless 01:05
No problem. Super excited to have you on. And what I want to do is just read a little bit more about Brian so you can hear about all the awesome things that he's doing. And Brian is a computer scientist, entrepreneur and angel investor. Brian currently serves as a chairman of Gilware, which provides cyber risk assessment, data recovery, incident response, and digital forensic services. He's also co founder of the Phoenix Nuclear Labs and serves as a P&L's board from inception to when it decided to spin off Shine medical technologies. These two companies have raised over $100 million of venture capital and employ hundreds of people in Wisconsin. Brian, are you ready to speak to the I Am CEO community?

Brian Gill 01:36
Let's do it.

Gresham Harkless 01:37
Let's make it happen. So I wanted to kick everything off and hear a little bit more about what I call your CEO story. Won't let you get started with your business.

Brian Gill 01:43
Yeah, so, you know, I started as a, I was a computer nerd, like right away. I literally wrote my first computer program when I was about 9 years old. Was not the captain of the football team, you know, was on that kind of Urkel side of the spectrum, but definitely didn't necessarily see myself in any kind of leadership role like ever was a programmer. Went out to the west coast during the first kind of pets.com Internet boom and burst. Got bursted and retreated back to Wisconsin, where I'm from originally and knew I wanted to. To be an entrepreneur, knew I wanted to do my own thing and Ended up starting a business to help people out of data related disasters. And at the time, that was maybe 15 years ago, 16 now, and it's been a while, but you know, started it and started with my brother Tyler and there was the two of us and then we hired two or three of our friends and all of a sudden we had like a business and all of a sudden I was the CEO of that business. It was real weird, but it was all my friends, so it was really not like I had to pretend to be a CEO. These are people I had known for years and years and years in my whole life. And we're just kind of doing something together. But of course it evolved. And you know, once you have, you know, 20 or 30 employees, all of a sudden like people expect you to actually be a CEO. And you know, that was a learning curve, but we're getting through it and we started a bunch of businesses and solved a lot of problems, helped a lot of people and it's been, it's been quite a ride. Nice.

Gresham Harkless 03:08
Well, I definitely appreciate that, especially how they, it sounds like it organically kind of grew. But you said, I heard you say in the beginning that you had, you always knew you wanted to be an entrepreneur. So did you have the vision of the business? Probably not. Maybe not necessarily being exactly this business, but being able to be a CEO and grow it to this level?

Brian Gill 03:20
Yeah, I mean I had started and failed a bunch of different businesses, a bunch of weird ideas, bunch of crazy stuff. Probably when I was 19, still in school, I started. Me and my buddy tried to start a couple of Internet things. Kind of before the Internet really was a thing. Never really found complimentary people to partner with. I am pretty high, I'm pretty high level thinker. I really hate the minutia of like doing the accounting or you know, working with a lawyer on like a 37 page document. You know, like that stuff just crushes me. So I really needed to find, you know, people that could do the real work. And when I finally did, it was great. But the original idea for the data recovery company wasn't even me. It was my brother Tyler. He had a clicking hard drive and he was a young man. He was probably, I don't know, 19 or 20 years old. Going to school at UW Wisconsin here and trying to get his computer science degree. Kind of follow in my footsteps a little bit and. And then lost a hard drive and was trying to find anybody to fix it to get his pictures of all his people back. And one of his buddies in High school had died and he really wanted those pictures and didn't have them anywhere else. And there was no cloud size. And he was a young guy who just never backed his stuff up and started trying to find anybody to help and found two companies that did it in a very long search. And both of them wanted like $3,000 to just site unseen. Oh, it's going to be three to five grand. And he was like, oh, that's pretty much my college tuition and that's going to work, right? So we were sitting around and I came back from California and he was, he was in school, but. And he's real smart, but he hated the academic tracks. You know, if he was in a class that didn't. He couldn't see the practical application for it. He was just like, he was having a real hard time. So he wanted to do something else other than go to school. I wanted to do something. And he remembered his broken hard drive and he's like, well, how hard could that be? I'm like, well, it's probably pretty hard, but that's not unattractive, right? And the fact that there's only two companies doing it that we could find, that doesn't mean that we don't want to do it. You know, that sounds great. Like, oh, that sounds like a difficult problem. We knew there was a market that was not being served, so could we be the solution to that? You know, I'm a computer scientist and you know, one of my brothers, Wesley, was a mechanical engineer and a computer scientist. One of his buddies, Scott, was a mechanical engineer and an industrial engineer. And our buddy Greg was an electrical engineer and a physicist. And it's like, well, between the five of us, can we figure this out? And we could. And that was, that was pretty fun, right?

Gresham Harkless 05:48
That makes, you know, so much sense. And it's funny because I know you touched on it as well, too, when you were talking about exactly how you've helped so many people. Funny because like a lot of times the ideas that we come up with with businesses is from basically scratching our own niche, so to speak. As you kind of talked about where we have some type of issue, something isn't created or we try to find it. It might be there, but it may not cater to a specific market that we're thinking about. So you decide to enter entrepreneurial form, kind of created yourself. So I definitely appreciate that. I know you touched on it a little bit, too. I wanted to hear a little bit more about fieldwork. Can you take us through exactly, like, how you Work with clients, the services you provide and how that.

Brian Gill 06:17
Yeah. So these days, Obviously life in 2019 is a lot different than 2003. So over the years it's evolved. We started with like fixing clicking hard drives and then in around 2006 we started a cloud services backup company. So we wrote a bunch of code and built a bunch of software and had a, basically a service platform where people could back up their data and specifically small businesses. It was really geared toward SMB and we had a referral network or reseller network. A lot of about 800 little computer repair and managed service companies all over the United States were selling that platform. That company got acquired in 2016 by a bigger fish called Storage Craft. They're a great backup company. And when that happened, we're like, okay, what's the next thing? Because again, we're always looking for what's next. And once again, it wasn't all that hard to figure that out. There is a huge, massive worldwide problem with ransomware and cyber attacks. And we got a lot of calls for that just in the data recovery lab. So we were not even advertising for it. And we were getting drug into this. There was a, there was a magnetism just pulling us into this. So we decided to go whole hog. Found a company called Gilware Digital Forensics, essentially services two major markets. One is incident response. The incidents that we're responding to are these companies had a data breach and maybe they're locked out of their data and it's all encrypted. And the second thing that we're probably really doing the most these days is called risk assessment. So usually mid sized businesses, maybe one to 500 employees will bring us in not to like do their it, not to replace their IT department, not to compete with their it, purely to advise, to look at the network topography, look at the threat profile, work with them to make sure they've got the right type of just practical things like do you have the right kind of cyber insurance policy? The answer is sometimes no, and often no. I mean, a lot of times, a lot of your listeners might be in that SMB phase where they got 10 or 20 employees. Even at that phase, you should probably be thinking about a cyber insurance policy and very few people have them. And if they have them, maybe you got one eight years ago before all this ransomware stuff started and it's way out of date and doesn't make sense anymore. So those are the main two things that we're doing these days, is helping people out of these hacks, helping them Dig out and then helping prevent them as well.

Gresham Harkless 08:28
Yeah, that makes so much sense. And I think a lot of times, I don't know if you've definitely heard this with your clients or potential clients or even probably just talking and conversing with people that a lot of times you think that it would never happen to you. Sometimes you're too small. I hear that a lot with small businesses and medium sized business sometimes too where they say, you know, we're too small to be attacked. They're going for the big huge company. So we don't have anything to worry about. So you don't worry about, you know, some of those things or thinking about the insurance and things like that as you kind of touched on.

Speaker B 08:51
Yeah.

Brian Gill 08:52
And the big companies are definitely big targets and they're in certain companies, in certain industries or certain government agencies are definitely highly targeted and specifically targeted by the big overseas hacking groups, some of which are state sponsored. So they're in countries where it's not illegal to do what they're doing. It's. They're getting their paycheck from the same government. Oh wow. That is telling them to attack US businesses in petroleum or whatever the industry might be. So some of those companies have a real, that's a real problem. You know, you are getting attacked all the time and you get attacked 81 different ways. And if one of those 81 things isn't taken care of, you're going to get got. And that type of big organization or targeted organization usually is also going to have somewhat of an assumption of like, yeah, we're going to get owned occasionally. How do we respond internally? So they practice response internally as much as they spend time preventing.

Gresham Harkless 09:45
Right.

Brian Gill 09:45
The smaller businesses are not going to be necessarily direct targets, but some of these bad guys catch a really wide or they cast a wide net. And if you are, you haven't patched your operating system for three years and your business is running on like a Windows XP box, it's not even supported. And there's known vulnerabilities that the bad guys have pre programmed kits that can attack that. Well, that's a really easy win for them. And it may not be the huge half million dollar ransomware payment, but it was really easy. And maybe they get you for five grand. Right. Or put you in a position where like, well, do I go out of business or just don't do this or should I come up with five grand to get my own data back? And as a small business boy, like that can be catastrophic. Close the doors. Yeah, right. Sometimes and so even small businesses need to be not necessarily hiring some consultant to come in and pay a bunch of money. But small businesses should have the basics. You should have, you know, if you got more than one employee or if you're working off site and your business is over here on this network, that network needs a firewall and it needs a firewall in front of it. That's a piece of hardware that does two factor authentication, where when I go to log into my network from home or from the Starbucks, I put in my username and password and then there's a second form of identification, which is like a rolling code on your smartphone. So you go to your smartphone, you bring up your app and you type in this eight digit code. It's the kind of thing that people are starting to notice. Banks finally rolling out to consumers, where, hey, I log into my bank and it's like, hey, I'm going to text you a code. That's the second factor, right? So you got to have that, you got to have backups, you know, your data, your, your accounting data, your payroll data, your architecture designs, your recordings of your podcast, the videos that you're producing, that all of that stuff needs to get backed up automatically. If you have to do something every day or once a week, or remind yourself, hey, once a month I'm going to plug a plug into this and then do this and that. It ain't good. It's not going to work because we're busy as entrepreneurs, especially as small business owners, especially. How often are you really going to remind yourself to do that? I'll do that next week. What, what surprises people is almost all of our data recovery clients, which we still do, by the way, almost all of them had a backup. Had a backup until they went to look at it and it's like, oh, crap, I haven't done it since March 2018. Oh, wow. You know, it's like, that's normal. That's the normal experience. It's not that they never thought about it. Everybody knows I should back my data up. But they don't spend like the $50 per node per year to back up the data in an automated fashion to a different network. So if the bad guys get you, well, you can go get your backup over here. And as long as you have different username and password to get into it, and ideally there's a two factor auth to log into it, then, then they're never going to hold you ransom. Now, they may have your data, they may steal your data, and that might be Bad. And that will be bad, but at least you won't have to pay some, you know, in the Ukraine, $5,000 to get access to your own data bank.

Gresham Harkless 12:38
Yeah, yeah, that makes perfect sense. And I mean all throughout business, the whole idea, at least what I say, and I think even, you know, a lot of the definitions of businesses just to kind of mitigate risk. So you're trying to reduce the likelihood of risk. You can't guarantee you're not going to have any risk, whether it be technology or whatever, but you try to reduce that as much as possible. And like you said, you know, two factor authentic authentication and those kind of steps definitely help out as far as doing that. So I definitely appreciate that and you might have already touched on this, but I wanted to ask you for what I call your secret sauce. And it could be for you personally or your business. What do you feel kind of sets you apart and makes you unique?

Brian Gill 13:07
Just be passionate about what you do, you know, like it matters a lot more to me how many people we help, how many people we advise. I spend hundreds of hours a year on the phone with clients that are in these desperation. We just got breach situations that never engage with us. And I always give them everything I have, every ounce of knowledge, every piece of advice. It's free. You know, I never, I'm here to help and the more people I can help, the better.

Gresham Harkless 13:34
I appreciate that secret sauce. And I wanted to switch gears a little bit and I wanted to ask you for what I call a CEO hack. And this might be an Apple book or a habit that you have. What's something that makes you more effective and efficient?

Brian Gill 13:44
Learn to delegate effectively.

Gresham Harkless 13:46
Now I wanted to ask you, and you already gave us some of these, but I want to ask you if you had any more as far as like the CEO nugget. And this is like a word of wisdom or piece of advice and I know related to, you know, anything that small business owners can do related to the technology that can help them to be successful as well.

Brian Gill 13:59
First thing to understand is you're going to have to spend money and you're going to have to spend some of your hard earned money on it and IT security. And that sucks. Everybody wants to put that money in the checking account or put it in the holiday bonuses or distribute it. You don't have to take all of it, but you probably have to spend more than you think you do.

Gresham Harkless 14:18
I definitely appreciate those nuggets. And now I wanted to ask you my absolute favorite question, which is the definition of what it means to be a CEO, we're open to have different quote unquote CEOs on this show. So Brian, what does being a CEO mean to you?

Brian Gill 14:27
Being a CEO is really, you know, being a leader. You know, they're, they're synonymous. You know, you, you, depending on your corporate structure, you know, you might be responsible to shareholders or whoever and maybe you're, maybe you're a one person company, right? You're the CEO of your one person company. Well, you're still responsible to your shareholders, which is you.

Gresham Harkless 14:48
I appreciate that definition and I appreciate your time even more, Brian. What I want to do is pass you the mic, so to speak, just to see if there's anything additional you want to let our readers and listeners know. And then of course I best they can get a hold of you, find out about all the awesome things you guys are working on and just get in touch with you for any additional kind of cyberware, cyber security information they need to know.

Brian Gill 15:03
Sure. Hey, thanks Josh. If you're a mid sized business, specifically if you're in one of those regulated industries and you're worried about this cyber stuff and you're not exactly sure how prepared your organization is, we developed internally here at Gillware what we call a ransomware stress test. It's basically a way, it's a self guided tour. It asks about 50 questions and some of them are a little technical, but it asks a bunch of those questions. So you can grab your IT MSP or you can grab your IT guy, you can drag them over, you can take it together and at the end of that process, which will take a little while, you'll get a score of how prepared we think you are for specifically ransomware. One variant of the type of attack that are happening. It's a free thing, you learn a lot. So if anybody wants to talk to me about any of that kind of stuff, it's Gillware.com G I L L W A R E. You can see the ransomware stress test on there, et cetera. And if you are looking to connect with me personally, I'd love that. I appreciate that. Just go to LinkedIn, just Brian Gill, sure you'll find me Brian Gill, Gil, where I'll pop right off.

Gresham Harkless 16:03
Awesome. Awesome. Well thank you so much again, Brian. We will have the links and information in the show notes so that everybody can follow up with you. But again, appreciate you, appreciate your time. Appreciate you reminding us of, you know, following our passions and of course, you know, reminding us of all the things we can, you know, pay attention to as business owners and entrepreneurs as well too. But thank you so much again. I hope you have a great rest of the day.