IAM498- Computer Scientist and Angel Investor Provides Digital Forensics Services

Brian is a computer scientist, entrepreneur, and angel investor. Brian currently serves as Chairman of Gillware, which provides cyber risk assessments, data recovery, incident response, and digital forensics services. He is co founder of Phoenix Nuclear Labs and served on PNL’s board from inception to when it decided to spin off SHINE Medical Technologies. Those two companies have raised over 100 million dollars of venture capital and employ hundreds of people in Wisconsin.

• CEO Hack: Delegating effectively
• CEO Nugget: You may spend more than you think you need on IT
• CEO Defined: Leader and responsibility holder

Website: https://www.gillware.com/

LinkedIn: https://www.linkedin.com/in/brian-gill-68997a38/
Facebook: https://www.facebook.com/gillwaredatarecovery/

Check out one of our favorite CEO Hack’s Audible. Get your free audiobook and check out more of our favorite CEO Hacks HERE

Transcription:

The full transcription is only available to CBNation Library Members. Sign up today!

Intro 0:02

Do you want to learn effective ways to build relationships, generate sales, and grow your business from successful entrepreneurs, startups, and CEOs without listening to a long, long, long interview? If so, you've come to the right place. Gresham Harkless values your time and is ready to share with you precisely the information you're in search of. This is the I AM CEO Podcast.

Gresham Harkless 0:29

Hello, this is Gresh from the I AM CEO podcast and I have a very special guest on the show today. I have Brian Gill of Gillware. Brian, it's awesome to have you on the show.

Brian Gill 0:36

Hey, thanks for having me.

Gresham Harkless 0:37

No problem. Super excited to have you on. What I want to do is just read a little bit more about Brian so you hear about all the awesome things that he's doing. Brian is a computer scientist, entrepreneur, and angel investor. Brian currently serves as a chairman of Gillware, which provides cyber risk assessment, data recovery, incident response, and digital forensic services. He is also a co-founder of the Phoenix Nuclear Labs and served on PNL’s board from inception to when it decided to spin off SHINE Medical Technologies. These two companies have raised over $100 million of venture capital and employ hundreds of people in Wisconsin. Ryan, are you ready to speak to the I AM CEO community?

[restrict paid=”true”]

Brian Gill 1:09

Let's do it.

Gresham Harkless 1:10

Let's make it happen. I wanted to kick everything off and hear a little bit more about what I call your CEO story. When did you start your business?

Brian Gill 1:16

Yeah. I was a computer nerd, like right away. I wrote my first computer program when I was about nine years old, was not the captain of the football team, on that kind of vertical side spectrum. But didn't necessarily see myself in any kind of leadership role like ever was a programmer went out to the West Coast during the first kind of pets.com, internet, boom, and got bursted and retreated to Wisconsin, where I'm from originally. I knew I wanted to be an entrepreneur, knew I wanted to do my own thing, and ended up starting a business to help people out of data-related disasters.

At the time, that was maybe 15 years ago. 16 now, and it's been a while, started it and started with my brother, Tyler knows the two of us, and then we hired two or three of our friends. All of a sudden, we had a business and all of a sudden I was the CEO of that business, was weird. But it was all my friends so it was not like I had to pretend to be a CEO. These are people I had known for years and years and years and my whole life and we're just kind of doing something together. Of course, it evolved. Once you have 20 or 30 employees, all of a sudden, people expect you to be a CEO and that was a learning curve. But we're getting through it. We started a bunch of businesses and so after a lot of problems helped a lot of people and it's been quite a ride.

Gresham Harkless 2:48

Nice. I appreciate that especially how it sounds like it would organically kind of grow. I heard you say in the beginning that you had always known you wanted to be an entrepreneur. So did you have a vision of the business? Probably not necessarily being an exactly this business, but being able to be a CEO and grow it to this level?

Brian Gill 3:02
Yeah, I mean, I had started and failed a bunch of different businesses, a bunch of weird ideas, a bunch of crazy stuff. Probably when I was 19, still in school, I started me and my buddy tried to start a couple of internet, things kind of before the internet was a thing. Never really found complimentary people to partner with. I'm a pretty high-level thinker. I hate the minutia of doing the accounting or working with a lawyer on a 37-page document like that stuff just crushes me. I needed to find people who could do the real work. When I finally did, it was great, but the original idea for the data recovery company wasn't even me.

It was my brother, Tyler, he had a clicking hard drive and he was a young man, he was probably, I don't know, 19 or 20 years old, going to school at UW Wisconsin here, trying to get his computer science degree kind of follow in my footsteps a little bit, and, and then lost a hard drive and was trying to find anybody to fix it to get his pictures of all his people back and one of his buddies in high school had died. He wanted those pictures and didn't have him anywhere else. There was no cloud site and he was a young guy who just never backed stuff up and started trying to find anybody to help and found two companies that did it very long search.

Both of them wanted like $3,000 to just sight unseen, what's going to be three to five grand, and he's like, Oh, that's pretty much my college tuition work. So we were sitting around and I came back from California and he was he was in school, he's real smart, but he hated the academic tracks. If he was in a class that didn't, he couldn't see the practical application for it, he was just like, he was having a real hard time. He wanted to do something else other than go to school. I wanted to do something and he remembered his broken hard drive. He's like, Well, how hard can that be like, well, it's probably pretty hard but that's not unattractive.

The fact that only two companies are doing it that we could find, doesn't mean that we don't want to do it, that sounds great. Like, oh, that sounds like a difficult problem. We knew there was a market that was not being served. Oh, could we be the solution to that? I'm a computer scientist. One of my brothers, Wesley was a mechanical engineer, and a computer scientist, one of his buddies, Scott was a mechanical engineer and an industrial engineer, and our buddy, Greg was an electrical engineer and physicist. It's like, well, between the five of us, can we figure this out? And we could and that was pretty fun.

Gresham Harkless 5:38

Right? That makes so much. That's it. It's funny because I know you touched on it as well, too, when you were talking about exactly how you've helped so many people, it's funny, because like, a lot of times that is that we come up with businesses is from basically scratching our niche, so to speak, as you kind of talked about where we have some type of issue, something isn't created, or we try to find it, they might be there. But it may not cater to the specific market that we're thinking about. So he decided to intrapreneurially form a kind of himself. I appreciate that. I know you touched on it a little bit too, I wanted to hear a little bit more about your work and take us through exactly how you work with clients, and the services you provide.

Brian Gill 6:08
So these days life in 2019 was a lot different than in 2003. Over the years, it's evolved. We started with like fixing and clicking hard drives. Then around 2006, we started a cloud services backup company. We wrote a bunch of code and built a bunch of software and had a service platform where people could back their data, specifically small businesses, it was geared toward SMBs. We had a referral network, or reseller network of about 800, little computer repair and managed service companies all over the United States that were selling that platform, that company was acquired in 2016 by a bigger fish called Storage Craft. They're a great backup company.

When that happened, we're like, Okay, what's the next thing, because again, we're always looking for what's next. Once again, it wasn't all that hard to figure that out. There is a huge, massive worldwide problem with ransomware and cyber attacks. We got a lot of calls for that just in the data recovery lab. So we were not even advertising for it. We were getting drugs into this. There was a there was magnetism, just pulling us into this. So we decided to go the whole hog and found a company called Gilbert Digital Forensics, which essentially services, two major markets. One is incident response, the incidents that we're responding to are when these companies had a data breach.

Maybe they're locked out of their data, and it's all encrypted. And the second thing that we're probably really doing the most these days is called risk assessment. Usually midsize businesses, maybe one to 500 employees will bring us in not to do their it not to replace their IT department not to compete with ours purely to advise to look at the network typography, look at the threat profile, work with them to make sure they've got the right type of just practical things like, Do you have the right kind of cyber insurance policy? The answer is sometimes no and often no.

A lot of times, a lot of your listeners might be in that SMB phase where they have 10 or 20 employees, even at that phase, you should probably be thinking about cyber insurance policies. Very few people have them and if they have them, maybe you got one, eight years ago before all this ransomware stuff started. It's way out of date and doesn't make sense anymore. Those are the main two things that we're doing these days is helping people out of these hacks, helping them dig out, and then hoping to prevent that as well.

Gresham Harkless 8:19

Yeah, that makes so much sense. I think a lot of times, I don't know, if you've definitely heard this with your clients, or potential clients, or even probably just talking and conversing with people, that a lot of times you think that it would never happen to us, sometimes you're too small, I hear that a lot with small businesses and medium-sized businesses, sometimes where they say, you know, we're too small to be attacked, or they're going for the big huge company. We don't have anything to worry about, so you don't worry about some of those things that are taken about the insurance and things like that, as you kind of touched on.

Brian Gill 8:43

Yeah, and the big companies are big targets. They're in certain companies and certain industries, or certain government agencies are highly targeted, and specifically targeted by the big overseas hacking groups, some of which are state-sponsored. So they're in countries where it's not illegal to do what they're doing, it's, they're getting their paycheck from the same government that is telling them to attack our businesses in petroleum, or whatever the industry might be. Some of those companies have a real, that's a real problem you are getting attacked all the time.

You can attack 81 different ways and if one of those 81 things isn't taken care of, you're gonna get got. That type of big organization or targeted organization usually is also going to have somewhat of an assumption of like, Yeah, we're gonna get owned occasionally. How do we respond internally? So they practice response internally, as much as they spend time preventing. The smaller businesses are not going to be necessarily direct targets. But some of these bad guys catch a really wide cast wide net. If you haven't patched your operating system for three years and your business is running on a Windows XP box. It's not even supported. There are known vulnerabilities that the bad guys have pre-programmed kits that can attack.

Well, that's a really easy win for them. It may not be the huge half-million dollar ransomware payment but it was really easy and maybe they get you for five grand, or put you in a position where like, well, do I go out of business or just don't do this, or should I come up with five grand to get my data back. As a small business boy, like, that can be kind of trapped, close the doors. Sometimes, and so even small businesses need to not necessarily hire some consultant to come in and pay a bunch of money. But small businesses should have the basics you should have, if you've got more than one employee, or if you're working off-site, and your business is over here on this network, that network needs a firewall, and it needs a firewall in front of it, that's a piece of hardware that does two-factor authentication, where when I go to log into my network from home or the Starbucks, I put in my username and password. Then there's a second form of authentication, that's like a rolling code on your smartphone.

You go to your smartphone, you bring up your app, and you type in this eight-digit code, it's the kind of thing that people are starting to notice banks finally rolling out to consumers, where, hey, I log into my bank, and it's like, Hey, I'm gonna text you a code. That's the second factor. You have to have that backup of your data, your accounting data, your payroll data, your architecture designs, your recordings of your podcast, the videos that you're producing, that all of that stuff needs to get backed up automatically. If you have to do something every day or once a week or remind yourself once a month, I'm gonna plug a plug into this, and then do this in that it ain't good work because we're busy, as entrepreneurs, especially as small business owners, especially. How often are you going to remind yourself to do that? I'll do that next week.

What surprises people is almost all of our data recovery clients which we still do, by the way, almost all of them had a backup until they want to look at it, and it's like, Oh, crap, I haven't done it since March 2018. It's like, that's normal. That's the normal experience. It's not that they never thought about it, everybody knows, I should back my data up. But they don't spend like the $50 per node per year, to backup the data in an automated fashion to a different network. If the bad guys get you, well, you can go get your backup over here. As long as you have a different username and password to get into it, and ideally, there's a two-factor off to log into it, then they're never gonna hold you ransom. Now, they may have your data, they may steal your data, and that might be bad and that will be bad. But at least you won't have to pay some Ukraine $5,000 to get access to your data back.

Gresham Harkless 12:37

Yeah, that makes perfect sense. I mean, all through our business, the whole idea, at least what I say, I think even a lot of the definitions of businesses just to kind of mitigate risk. You're trying to reduce the likelihood of risk, or you can't guarantee, you're not going to have any risks, whether it be technology or whatever. But you try to reduce that as much as possible. As you said two factors, often authentication, and those kinds of steps help out as far as doing that. I appreciate that. You might have already touched on this, but I wanted to ask you for what I call your secret sauce, and it can be for you personally, or your business, but what do you feel kind of sets you apart and makes you unique?

Brian Gill 13:07

Just be passionate about what you do. It matters a lot more to me, how many people we help, and how many people we advise. I spend hundreds of hours a year on the phone with clients that are in desperation, we just got breached situations that never engage with us. I always give them everything I have. Every ounce of knowledge, every piece of advice, it's free. I'm here to help and the more people I can help, the better.

Gresham Harkless 13:36

I appreciate that secret sauce. I wanted to switch gears a little bit. And I want to ask you for what I call a CEO hack and this might be an app or book or a habit that you have, or something that makes you more effective and efficient.

Brian Gill 13:46

Learn to delegate effectively.

Gresham Harkless 13:48

Now, I wanted to ask you, you already gave us some of these but I want to ask you if you had any more as far as like a CEO nugget and this is like a word of wisdom or a piece of advice, anything that small business owners can do related to technology that can help them to be successful as well.

Brian Gill 1:16

The first thing to understand is you're gonna have to spend money and you're gonna have to spend some of your hard-earned money on it, and IT security and that sucks. Everybody wants to put that money in the checking account, or put it in the holiday bonuses are distributed. You don't have to take all of it. But you probably have to spend more than you think you do.

Gresham Harkless 14:21

I appreciate those nuggets. Now I want to ask you my absolute favorite question, which is the definition of what it means to be a CEO. And we're hoping to have different quote-unquote CEOs on this show. So Brian, what does being a CEO mean to you?

Brian Gill 14:30

Being a CEO is being a leader, they're synonymous. Depending on your corporate structure you might be responsible to shareholders or whoever, and maybe you're a one-person company. You're the CEO of your one-person company. Well, you're still responsible to your shareholders, which is you.

Gresham Harkless 14:51

I appreciate that definition and I appreciate your time even more Brian. What I wanted to do is pass you the mic so to speak, just to see if there's anything additional you want to let our readers and listeners know, and then of course our best they can get a hold of you, find out about all the awesome things we work guys are working on and just get in touch with you for any additional kind of cyber where cyber security information they need to know.

Brian Gill 15:07

Sure. Hey, thanks, Gresh. If you're a midsize business specifically, if you're in one of those regulated industries, and you're worried about this cyber stuff, and you're not exactly sure how prepared your organization is, we developed internally here at Gilbert, what we call a ransomware stress test. It's a way to self-guided tour, it asks about 50 questions, and some of them are a little technical. It asks a bunch of those questions so you can grab your IT MSP or you can grab your IT guy, you can drag them over, and you can take it together.

At the end of that process, which will take a little while, you'll get a score of how prepared we think you are, for specific ransomware, one variant of the type of attacks that are happening. It's a free thing. You'll learn a lot. If anybody wants to talk to me about any of that kind of stuff, it's gillware.com, g i l l w a r e. You can see the ransomware stress test on there, etc. If you are looking to connect with me, I'd love that I'd appreciate, just go to LinkedIn, Brian Gill sure you'll find me Brian Gill where it'll pop right up.

Gresham Harkless 16:06

Awesome. Thank you so much again Brian. We will have the links and information in the show notes so that everybody can follow up with you. Again, appreciate you, appreciate your time, appreciate you reminding us of following our passions and of course reminding us of all the things we can pay attention to as business owners and entrepreneurs as well. Thank you so much again and hope you have a great rest today.

Outro 16:23

Thank you for listening to the I AM CEO Podcast powered by Blue 16 Media. Tune in next time and visit us at iamceo.co I AM CEO is not just a phrase, it's a community. Be sure to follow us on social media and subscribe to our podcast on iTunes Google Play and everywhere you listen to podcasts, SUBSCRIBE, and leave us a five-star rating grab CEO gear at www.ceogear.co. This has been the I AM CEO Podcast with Gresham Harkless. Thank you for listening.