Or listen in your favorite podcast app
In today’s world, there is no telling exactly who is in charge of a company’s IT Department. Is it the CTO? Sometimes. But what about the CIO? Yep, they often are the IT czars, too. But at Checkr, it’s neither. Instead, the IT Department falls under the jurisdiction of Cory Louie (LinkedIn), Checkr’s Chief Trust and Security Officer.
Cory’s path to technology was definitely not straight, but no matter what his job was there was always a common theme. From Law enforcement to the Secret Service to working at Google, Dropbox and even in the White House, everywhere Cory went, he pursued a higher purpose.
On this episode of IT Visionaries, Cory takes us through his life and career and gets deep in the weeds about how technology is changing how security is done across industries.
Best advice: “My first advice is to breathe, one. Two is don’t stray from your own personal values and your own personal mission and purpose no matter what. I think a lot of times you get surrounded by your new environment and you become that environment. It’s great if that environment matches with you. But if it doesn’t, you need to stay true to yourself and have your team emulate who you want to be.”
- The importance of choosing your title and understanding your role.
- The challenges of being the CISO at the White House.
- What does the future of security look like?
- Why Cory always looks for a higher purpose in his work.
Cory’s circuitous path to technology
Cory was a curious kid and a gamer, and he was interested in technology and computers. But rather than follow the path of so many others in Silicon Valley to a tech start-up, Cory pursued law enforcement and got a job with the Secret Service. While with the Secret Service, he volunteered to be part of a program called the electronic crime special agent program. In that program, he essentially was taught how to be a hacker so he could go after the hackers out in the world committing crimes. When he left the Secret Service, Cory took a job at Google and from there, he was committed to a life in tech.
Choosing his title
At Checkr, Cory chose the title of Chief Trust and Security Officer because security, privacy and trust are all synonymous. As security and privacy become more important, and there are Security and Privacy Officers in every company, there will also be a shift away from internal security toward customer-facing as well as connecting with all other departments. Each of those relationships is dependent on trust. Maintaining trust is extremely difficult, though. One mistake or one breach could ruin everything you worked for, so you have to guard it with everything you have. To have proper protection, you need to know who is coming in and out of your organization, and that’s where a service like Checkr comes into play. Cory knows that background checks are a huge part of a company’s success, and as businesses scale, they want to bring people on as quickly as possible. This makes sense, but it’s risky if you’re sacrificing compliance for speed. You never want to destroy that initial trust, so Cory and Checkr stay on the forefront of offering the most speed with the best possible product to ensure the trust of your organization.
“I think trust is fundamental to security. I think security is a subset of trust. Trust to me is security, privacy, and compliance, all of those things together.”
“Trust means different things to different people and I think it starts with first building trust within your company as a start. Then you start thinking about trust outside of your company and how the world views you.”
“We are constantly looking to increase the speed of doing that evaluation process through a background check, through a suitability screening, and an adjudication of the information you get. But what I always say is you can have speed, but you cannot compromise on compliance. You cannot compromise on accuracy and you cannot compromise on quality.”
Becoming CISO at the White House
After nine years dedicated to the tech world, the opportunity to become the CISO at the White House was presented to Cory. Initially, he said no, but seeing the need to improve the U.S.’s technological infrastructure and implement new ideas was enough to change his mind. It was an odd shift to go from protecting the bubble as a Secret Service agent, as Cory put it, to working inside the bubble of the White House. While there, Cory was able to implement technology, such as automation, that greatly increased the efficiency of people and processes throughout the White House, including cutting months off of the background check process.
At the White House, Cory had “Top Secret” clearance, which means he was privy to very sensitive information. But whether you’re at the White House or working security at any organization, there is information you have that you cannot share, and that can be a very difficult thing to manage if you don’t have the right mindset.
“There is a huge need —not just here in the U.S. but I think in all governments — to apply the concepts of technology, speed, efficiency, and a different leadership style really to the government. And you also almost need to run the government as efficiently as you run a business.”
“I look forward to the day when I have my own children and grandchildren and I can tell them all these stories and they probably won’t believe me. And I actually have nothing to show them either to prove it. It’s one of those things that as a security professional it’s a blessing and a curse. You get exposed to all these things but at the same time you actually can’t talk about certain things and you actually have to internalize it. I think security people in all organizations are under a lot of pressure and, how we deal with it is really kind of a signature of you as a person.”
The future of security
In terms of physical security, Cory believes there are ways to be more secure, but people are still hesitant about implementing them out of fears around privacy. Specifically, in the areas of facial recognition and biometrics, there is a huge upside in the security of those technologies, but the concerns surrounding the privacy of that kind of data is still holding people back.
Everyday practices and mindsets need to change if you want to live more securely. Most of us, Cory says, don’t give a second thought to signing into a place’s WiFi or hooking up to an unknown connection. We’re conditioned to just be OK with the fact that we’re handing over certain information and access. We need to condition ourselves in the opposite direction.
“Being a balanced security person with a balanced mindset, I see the benefits of deeper validation techniques such as facial recognition or biometrics. But at the same time, I also understand the privacy concerns behind that. And so until you can address that, you actually cannot deploy something that’s going to have a lot of unknowns and a lot of worry and concerns. You have to actually be very transparent on what you’re doing with that data, how you store it, and what else it is being used for.”
“We are socialized to be able to like share our data in many places without thinking about the potential ramifications.”
Working with a higher purpose
Cory explains that he is extremely purpose-driven, and only pursues opportunities that allow him to serve a higher purpose.
“I had a very difficult decision when I had to choose between staying with the Secret Service or going to work for Google. And I came to realize that the scope of helping people at the Secret Service was awesome, but it was limited to the U.S. It was limited to protecting whoever I was assigned to protect. I realized that working at Google allowed me to scale my efforts to protect people in the entire world because of Google’s scale. I kind of kept that with me throughout my career, which is why I kind of look at the purpose of a company that I’m joining.”
Getting started in security
If you want to get into the security field, Cory says to focus less on certifications and more on practical knowledge and experience. If you want to learn about security, start getting hands-on with it.