Tim Johns, Vice President of IT Operations and Chief Data Safety Officer, Custard Insurance coverage Adjusters
Tim Johns, Vice President of IT Operations and Chief Data Safety Officer, Custard Insurance coverage Adjusters
Tim Johns, Vice President of IT Operations and Chief Data Safety Officer (CISO) at Custard Insurance coverage Adjusters, has constructed a profession over 4 many years, witnessing firsthand the transformation of IT and cybersecurity. From working with mainframes and punch playing cards within the early Eighties to main IT safety technique for a serious insurance coverage adjuster, his journey is a testomony to adaptability and management in a quickly evolving digital world.
On this interview, Johns shares insights into right now’s largest cybersecurity challenges, trade traits, the function of vendor danger administration and the significance of management buy-in for efficient safety methods. He additionally discusses the human consider cybersecurity and why proactive safety measures have to be a precedence for each group.
A Profession Outlined by Technological Shifts
My journey in IT began in highschool once I was launched to keypunch operations and punch playing cards, each of which had been foundational in monetary establishments on the time. I started my skilled profession in mainframe computing, spending seven years mastering its complexities earlier than transitioning into server know-how because the trade developed. By the late Eighties, Microsoft was beginning to disrupt the IT house. Initially, I used to be skeptical that PC know-how may substitute mainframes, nevertheless it rapidly grew to become evident that the trade was shifting. I tailored by shifting into client-server know-how in 1990. At the moment, Novell dominated networking, and I grew to become a Microsoft-certified programs engineer (MCSE) in 1996. My profession took me throughout a number of industries, from medical data administration—the place I led a crew overseeing 60 million medical data—to healthcare IT, finance and authorized operations. Finally, I joined Custard Insurance coverage Adjusters as an IT Supervisor, a job akin to an IT Director in lots of corporations. Over time, my management in IT technique and cybersecurity led to my promotion as vp of IT Operations and chief data safety officer (CISO), the place I now oversee enterprise safety, IT governance and danger administration.
From Paper Credentials to Actual-World Readiness
One of many largest challenges in cybersecurity right now is the scarcity of expert professionals. Many candidates look nice on paper, however they fall brief with regards to hands-on expertise. Certifications and formal schooling are useful however don’t all the time translate into the experience wanted to deal with real-world threats. Excessive wage expectations additional complicate the problem. Whereas cybersecurity roles demand aggressive compensation, corporations wrestle to seek out candidates who justify the funding.
I’ve interviewed many individuals who checklist cybersecurity abilities on their resumes however lack the depth wanted to function in a highstakes atmosphere.
One other problem is getting management buy-in. Many organizations solely prioritize cybersecurity after experiencing a breach, which is commonly too late. At Custard Insurance coverage Adjusters, we’re lucky to have management that understands the significance of integrating cybersecurity into enterprise processes slightly than treating it as an afterthought. This dedication helps us scale back danger publicity and align safety efforts with broader enterprise aims.
Regardless of elevated consciousness, many corporations stay reactive slightly than proactive of their cybersecurity methods. The rise of ransomware, provide chain vulnerabilities and cloud safety dangers has made cyber resilience a necessity. Sadly, some organizations delay funding in cybersecurity till they expertise an assault, resulting in pricey penalties.
A robust cybersecurity technique needs to be proactive and incorporate steady risk intelligence, safety monitoring and danger administration. At Custard Insurance coverage Adjusters, we deal with staying forward of threats by leveraging safety intelligence and trade greatest practices. Common safety assessments and governance frameworks assist us be sure that our defenses stay efficient towards evolving cyber dangers.
Closing the Cybersecurity Gaps
Cybersecurity isn’t nearly defending inside programs—it additionally requires securing the third-party distributors we depend on. Many breaches occur because of vulnerabilities in an organization’s provide chain, the place attackers exploit weak safety measures in vendor programs.
At Custard Insurance coverage Adjusters, we take vendor danger administration critically. We assess our companions’ compliance with safety rules, conduct common audits and implement strict entry controls. A key instance was a current vulnerability present in Fortinet’s VPN software program. When the safety flaw was disclosed, we instantly patched our firewalls. Shortly after, we detected suspicious exercise, however as a result of we had already utilized the patch, we prevented what may have been a severe breach. This bolstered the significance of staying forward of threats by means of fixed monitoring and immediate motion.
Expertise is essential in strengthening safety, nevertheless it’s solely efficient when mixed with agency insurance policies and worker consciousness. At Custard Insurance coverage Adjusters, we’ve built-in AI-driven safety analytics, machine studying and automatic risk detection into our operations. These instruments assist us establish and mitigate threats earlier than they escalate.
Cybersecurity will not be a onetime initiative—it requires ongoing funding, talent growth and cultural integration 
Nonetheless, know-how alone isn’t sufficient. Staff are sometimes the primary line of protection, and with out correct coaching, they will inadvertently expose the corporate to cyber dangers. We conduct common safety consciousness applications to coach our groups on phishing assaults, social engineering and different cyber threats. A robust safety tradition is simply as essential because the instruments we deploy.
Common safety audits and penetration testing assist us keep away from potential threats, guaranteeing that vulnerabilities are recognized and addressed earlier than attackers can exploit them.
Cybersecurity will not be a one-time initiative—it requires ongoing funding, talent growth and cultural integration. For a company to be resilient, safety have to be embedded into each side of enterprise operations.
At Custard Insurance coverage Adjusters, safety isn’t simply an IT operate— it’s a enterprise enabler. By integrating cybersecurity into decision-making processes, we be sure that safety initiatives align with operational objectives and long-term enterprise continuity.
The Subsequent Period of Cybersecurity Begins Now
Cyber threats have gotten extra advanced, requiring organizations to stay agile and proactive. Predictive safety fashions will outline the way forward for cybersecurity management, the place organizations anticipate threats earlier than they materialize. AI and automation might be essential in managing large-scale safety operations effectively. Regulatory compliance and knowledge privateness legal guidelines may even form safety methods. Firms that fail to remain forward of rising rules danger monetary and reputational harm. At Custard Insurance coverage Adjusters, we’re dedicated to steady enchancment, adapting our cybersecurity technique to align with evolving threats and compliance requirements.
Cybersecurity is now not elective— it’s a necessity for enterprise survival. Organizations that put money into proactive safety measures right now will thrive sooner or later. At Custard Insurance coverage Adjusters, we stay dedicated to constructing a resilient cybersecurity framework by staying forward of threats, strengthening vendor danger administration and fostering a tradition of safety consciousness. By prioritizing strategic management and steady enchancment, we be sure that our group stays safe, aggressive and ready for the everchanging digital panorama.
