In the cybersecurity world, Vernon Yai stands out as a leading authority on data protection, privacy, and governance. He is renowned for his innovative techniques in risk management, focused on safeguarding sensitive information. This interview explores Vernon’s insights into building a successful venture in the ever-evolving field of cybersecurity.
How did the idea for ThreatLocker originate, and what motivated you to start the company even if you initially didn’t want to?
The idea for ThreatLocker stemmed from firsthand experiences in ransomware recovery. I noticed a substantial gap in how security was approached—most solutions seemed reactive, focusing on detection after the fact. I realized that proactively blocking untrusted software could shift the paradigm. Although I was initially hesitant, the opportunity to create a new path in endpoint security and address a critical industry shortcoming motivated me to take the plunge and start the company.
Can you describe the journey you took from being a founder to becoming a CEO and CTO? What were some key challenges you faced during this transition?
Transitioning from founder to CEO and CTO involved stepping into leadership roles that mandated strategic foresight and operational management. One of the most significant challenges was maintaining the initial innovative spirit while scaling operations and building a team. Balancing the technical demands with the need to guide a growing business also required continuous learning and adaptability.
What was your approach to hiring in the early days of ThreatLocker, and how did it differ from traditional industry practices?
Our approach was to look beyond the conventional criteria of experience and technical expertise. We wanted people with diverse backgrounds who could bring fresh perspectives. While others might prioritize industry veterans, we believed that individuals with unconventional experiences could provide unique insights that would challenge and enrich our development processes.
Why do you think hiring individuals from diverse backgrounds, such as a former real estate agent and physical therapist, has been effective for ThreatLocker?
Bringing aboard people from diverse fields allows us to engage with innovative ways of thinking and problem-solving. For instance, a real estate agent’s understanding of client relations or a physical therapist’s focus on practical solutions can translate into creative approaches to customer engagement and problem resolution in cybersecurity. It’s the diversity of thought that enriches our team and enhances our capability to innovate.
How important has cybersecurity expertise been in your hiring process, and what value does it bring compared to unconventional backgrounds?
While having a baseline of cybersecurity expertise is crucial, it’s the unconventional backgrounds that add depth to our team. Experts understand the technical landscape, which is vital, but innovation often comes from those who see things differently. By merging both, we can tackle challenges more comprehensively and creatively.
Could you elaborate on the role of advisors in ThreatLocker’s growth? Why did you decide to include non-customers as advisors?
Advisors have been pivotal in providing guidance and external perspectives that are not clouded by day-to-day operations. Including non-customers was a strategic decision to gain insights from diverse industries and viewpoints. Their unbiased input helps us refine our strategies and stay aligned with broader market needs.
How has customer feedback influenced your product development, and what strategies do you use to maintain close engagement with your customers?
Customer feedback has been a cornerstone of our product development. By engaging directly with users at trade shows and through open communication channels, we ensure their needs and challenges directly shape our solutions. This engagement strategy helps us stay proactive and responsive, continually adjusting our products to better serve our customers.
What is your philosophy behind giving out your personal cell phone number to customers, and how does it impact your relationship with them?
Providing my cell phone number is about breaking down barriers and fostering trust. It signals sincerity and commitment to our clients, letting them know that their concerns are heard at the highest level. This approach not only strengthens relationships but also ensures we remain attuned to their needs and can act swiftly.
How did the challenges you observed during ransomware recovery inform the development of ThreatLocker’s endpoint security solution?
Witnessing the struggles organizations faced during ransomware attacks highlighted the inefficiency in merely detecting threats. This informed our development of a solution that focuses on prevention—blocking untrusted software by default, rather than waiting for a breach to act. This proactive stance is rooted in those recovery experiences and aims to save clients from the turmoil we observed.
Can you explain how ThreatLocker’s approach to blocking untrusted software by default is distinct from traditional whitelisting technologies?
Traditional whitelisting is often cumbersome and rigid, making it impractical for many businesses. Our approach, however, is designed to be flexible and user-friendly. We’ve developed features that simplify the management and approval processes, allowing automatic handling of updates and onboarding procedures without sacrificing security, making it feasible for broader application.
How did you address the practical challenges that previously made whitelisting unworkable, such as managing software updates and simplifying approval processes?
We tackled these challenges by introducing automation and providing granular control. By automating software updates and streamlining approval processes, we made it easier for organizations to adopt our solution. This approach allows IT teams to focus on critical tasks without the manual burden typically associated with whitelisting.
What innovative features has ThreatLocker developed to improve zero-trust security and streamline client processes?
We’ve pioneered features like automatic shutdown of admin tools under potential threats and enhanced visibility into network operations. These improvements not only bolster security but also allow clients to manage their systems more efficiently. Our solutions aim to be transformative—addressing both current and emerging cybersecurity challenges.
Can you discuss the impact of not just creating carbon copies of competitor offerings in your product development strategy?
By avoiding replication of existing solutions, we’ve cultivated innovation. Our focus is to solve problems specific to our clients rather than mirroring others’ offerings. This approach not only sets us apart in the market but also drives customer satisfaction, as we provide genuine, need-based solutions rather than generic alternatives.
How has your leadership style and vision contributed to ThreatLocker’s growth to protect 54,000 businesses and employ 600 people?
My leadership has centered around being mission-driven, with a focus on commitment and resilience. This has translated into a culture of excellence within the team. The vision to innovate and provide unparalleled security solutions has united everyone under a common goal, facilitating our significant growth and the protection of thousands of businesses.
What advice do you have for aspiring entrepreneurs about the significance of having a transformative vision and relentlessly pursuing your core mission?
Have a clear vision that transforms how things are done and commit to it relentlessly. It’s about solving genuine problems and staying focused on your mission. Challenges will come, but your persistence and dedication to fulfilling your vision will ultimately guide your journey and define your success.
