1) Tell us about your early education and aspiration during your formative years? How did the University of Houston help in your early days?

We lived overseas from when I was 3 until 8 or 9 years old. We had a teacher that travelled with us that taught each of us individually. I was the only child in my grade. So, reflecting on it as an adult, I think she was probably stretched pretty thin. Meaning that I doubt she had the time and ability to teach such a widely divergent range of needs and be highly effective. 

As a young adult, I had a desire to be an entrepreneur but at the time, my experience was limited to working in retail. I had virtually no money and no other skills to leverage into coming up with any good ideas. So, I went to college to work on getting an education. I initially wanted to be a Petroleum Engineer like my Father. However, I was very much a reluctant student and struggled to get through engineering calculus and chemistry. 

After much internal debate and trying more than a few different classes in fields like Philosophy, Journalism, and even Computer Science, I decided that an Accounting degree would give me the most well-rounded business education of any possible business major. The degree included classes in Finance, Marketing, Management, as well as Accounting.

2) How did your career kickstart in 1996? How was the journey till now and what are some of the biggest hurdles you have overcome?

I got married to my first wife in 1993. Our first child, Lindsey was born in 1995. I was working part-time, going to school full time and helping raise our daughter. My wife worked full time to support us. It was a challenging time with little sleep, to say the least.  

For a variety of reasons including my struggles with engineering and trying to sort out what I wanted to do, my grades were not the best. When I graduated from the University of Houston, I had seen that people with really good grades typically got jobs with the Big 8 National Accounting firms like Arthur Andersen, Ernst & Young, Deloitte & Touche, etc. Working for any of these firms for a few years could help set the trajectory of your career. I knew that my grades weren’t good enough. I had resigned myself to never work for any of these prestigious firms. 

I started my career in 1996 after I graduated as a bookkeeper, making very little money. Finding good jobs was difficult and at the time it was even more difficult to find someone who would take a chance on me. I was fortunate that a gentleman named Rodney King hired me as an internal auditor for a company called Transocean Offshore. I spent part of the next seven months travelling overseas performing audits of various facilities including shore bases, counting strands of pipe and drill bits. It was a fantastic work experience but my wife was not happy about me being out of the country and unavailable to help her with our now two children. Our Son, Grant was born in 1997.

I happened to meet a young man that worked at Deloitte & Touche. He introduced me to a Senior Manager in their practice. The Senior Manager hired me as a staff auditor and then when another person made a switch over to Ernst & Young, I followed them over to E&Y. I stayed at E&Y for 7 ½ years and worked in several different departments: Audit Support, Information Security Consulting performing assessments and ethical hacking, and the Firm’s internal Global Information Security Group. I forged many good relationships and made connections with other people while I was there that helped me later in my career.

3) You have worked in many sectors before joining IT? What were the reasons for the switch?

Most of my career has been spent in some role related to information security which I would consider to be a sub-discipline of Information Technology. Some of the changes were intentional - my attempts to get more experience in specific types of businesses. For example, when I left Ernst & Young in 2006, it was to work for a company that was in financial services and manufacturing - they printed checks for both personal and business use. Their parent company was publicly traded. A year later, they acquired a large competitor that allowed people to pay for checks with credit cards which is how I got exposed to the Payment Card Industry’s Data Security Standards aka PCI DSS. 

Some of the changes were purposeful to either try to attain better positions making more money or to attain a specific title. Others were reactive like moving back to Houston from San Antonio, where I took the first job I could find or related to a downturn in the economy which resulted in a loss of a job.

All of these positions were still somewhat related to Information Technology where I was either helping to secure specific business systems, assessing the security of various systems and processes, or supporting information security software to help security company’s systems.

4) After studying Accounting in college what made you start working for digital technology? How difficult was this transition?

At the time the use of computer systems was not very prolific. Back then, I was assessing what’s called “general controls” in support of the financial audit. Essentially, I was helping them decide if they could rely on the computer controls or if they needed to do more substantive testing (ie, increase their sample size). I looked at logical controls over desktop, server systems and applications. I would also document any physical controls, back and recovery processes and procedures, and disaster recovery/business continuity planning. It helped me get a better understanding of how technology functioned in the workplace beyond just using Word.

I’d say it wasn’t a difficult transition at the time because the technology was complicated but not as complicated as it is today. My transition from internal auditor to full-time information security professional was more difficult because I had to learn how systems administrators managed computer systems and I had to learn a lot more technical details around operating systems like Windows Servers, UNIX/Linux, and Novell Netware and networking concepts like TCP/IP, routing, and how specific services like Domain Name System (DNS) worked. Jumping from a fairly non-technical job into an extremely technical one was certainly challenging but it was a lot of fun.

5) In your experience, can professionals with non-technical background find success in the IT industry as entrepreneurs? If yes, what changes will they have to make?

Certainly. I think it’s all about how much time and effort you want to put into whatever it is that you do or aspire to do. There’s so much information online and available right at the tip of people’s fingertips with Google that you can learn and master pretty much anything. 

I think being an entrepreneur is about taking risks and looking at current problems and/or solutions in a different light than someone else might look at them. Not all innovations are ideas that open up new markets. Many ideas are simply improvements to an existing idea or product. 

That being said, people should know that most new businesses end in failure and so they should have a backup plan or an idea on what they will do next. Most startups run out of funding before they find product-market fit. The founders usually give up at that point and abandon their idea. In some cases, that’s the wisest move. In others, maybe the idea could’ve been successful had they been able to give it more time and effort. 

Single founder companies typically don’t do as well or get as far as multiple founder companies. I think the reason why is because not only are you sharing the financial risks, you’re also dividing out complex problems into more discrete problems that you have a higher probability of solving because you’ve got multiple people (and more time) working them. Then there’s the idea of teamwork and collaboration to consider. Teams do better because you can discuss the pros and cons and (hopefully) come up with better ideas. 

6) You wear multiple hats as a security professional, technical expert and a businessman. How do you manage to play so many roles at the same time?

Sometimes really well, and other times not so well. Because I didn’t have much experience as a business person or as an entrepreneur, I’ve made a lot of costly mistakes. My experience is likely very typical in that I’ve met many single founders that had similar challenges. 

I know or have met more founders because I got myself into two different accelerator programs: NewChip and Startup School. Both of these programs provide learning materials to help you be a better entrepreneur and also have you spend more time talking to other founders. I would have been a much better first-time founder had I gone through one of these programs before I signed my first development contract. I likely would have made some very different decisions.

7) You have vast experience in the information security field. Can you specify the importance and relevance of information security in today's world?

It’s still a growing field. There are many job opportunities in information security and it keeps growing. Over the last 5-10 years, I’ve seen a lot more issues with data breaches, cybercrime, identity theft, and even cyber warfare than when I started in this field in 1998/1999. Back then, we used to tell our clients that they should hire us to help them find their vulnerabilities before the hackers exploited them to their detriment. Now, unfortunately, a lot of companies do that and still experience breaches. 

Today’s Information Technology world supports some very complex and large businesses. I think the success of eCommerce and technology has in some ways naturally eroded privacy and put people’s personal information at risk. Information Technology can be very complex and we need more people, not less solving security problems. I think the only way to beat cybercriminals at their game is if people that are developing applications, managing servers and infrastructure all spend some of their time thinking about how to best secure the systems. Unfortunately and in my experience, that rarely happens. 

8) How and why did you start Consumer Affinity? What is the vision behind it?

I originally started Consumer Affinity about two years ago to try and help protect consumers. The original idea was to combine technology with an educational component. The technology was going to include several key components like a password manager, VPN, social media, and credit monitoring. While I still think it was a good idea, at the time I was very naive about how much time and money it takes to make one product successful, much less one that has multiple components. After starting the NewChip accelerator program, I quickly realized that we needed to simplify our product offering and dropped as much out of the development as possible. 

The vision is to find a market niche and area that helps to solve technical problems or challenges for consumers.

9) What was your vision when you took the role of CEO at Consumer Affinity? What was your goal and what challenges did you face as its CEO?

My vision was to try and help consumers. At the time, I thought that we could help educate consumers and teach them how to help protect themselves online. We spent a lot of time during our first year while developing our first software product writing content for our Facebook page and creating short animated videos for our YouTube channel. We wound up learning a lot from that. We were able to learn a bit more about what kind of content people seem to like and what subjects in information security people seemed interested in reading about. That being said, we also learned that most people aren’t interested in these subjects unless they’re Information Technology or Information Security professionals. 

I think my biggest challenge as a first-time founder and CEO was not having a good grasp of what might be a good idea to pursue versus what isn’t. I don’t know that I’ve entirely solved that problem but I think I’ve learned to try and limit the scope of our market experiments and therefore, lower our financial risk.

10) What makes an app great? What measures Consumer Affinity takes to make every product the best in its class?

The measure of any successful service or product is this - do people want it. If people want to use it and find value in it, it has the potential to be successful. I think a great app needs to consider and take into account the user’s experience. There are certainly some successful apps out there that don’t have well-designed user interfaces or provide for a great user experience but I tend to wonder, how great could those apps have been if they did? 

I think a lot of building an app that people like is about finding a great partner or people that are better at design than the founder(s). In the case of Signils, I did a lot of research before signing a contract with Vironit in Ukraine. I felt very comfortable that they had the right resources to help bring my vision to life. They have people that specialize in user interface design, backend infrastructures, frontend, and naturally mobile apps. A bonus was that they provide a project manager that can also double as a business analyst.

11) Tell us about Signis. What led to its foundation?

I originally wanted to build a Bluetooth credit card skimmer detector. There are a couple in the Apple Store and Google Play Store but not that many. It seemed like a useful application that could help people potentially avoid dangerous devices at various locations like gas stations, ATMs, and retail merchants. 

One of the biggest challenges with the existing Bluetooth skimmer apps to date has been that they have a difficult time distinguishing between good and bad devices. There are a lot of devices that use the same Bluetooth chipsets that are being used in skimmers because they’re cheap to manufacture in mass quantities and they’re readily available.

We wanted to develop an application that would not only be capable of detecting Bluetooth enabled Skimmers but could help distinguish between good devices and bad. I also wanted to build an application that would have broader appeal - so we decided to build an app that allows people to manage devices, locate lost devices, and detect Bluetooth enabled card skimmers.

12) Do you think Bluetooth will be a relevant technology in the future?

Absolutely. The number of Bluetooth enabled devices are on the rise, and the Bluetooth Special Interest Group (SIG) continues to develop new applications for the technology. Some of the most recent developments include proximity solutions for Point of Interest (PoI) information and item finding and real-time locating systems (RTLS) for asset tracking and indoor positioning systems for wayfinding. Some of these applications provide better solutions than existing technologies like GPS that don’t perform well indoors.

13) Many new technologies like Beacons, iBeacons and RuuviTags are entering the market and Signils is one of the pioneers. What impact this technology is going to make and what problems will it solve?

The goal of Signils is to help people manage, and where applicable, protect their wireless connections. The current version takes on aspects of Bluetooth that include Bluetooth Low Energy, Bluetooth Classic, Beacons, iBeacons, Eddystones, and RuuviTags but there’s no reason why we can’t expand our application’s coverage to include Wifi and RFID signals. 

Beacons have been around for quite some time. However, the newer Bluetooth standard provides a lot more powerful capabilities around indoor positioning and location services. I think we’re just seeing the tip of the iceberg with this technology. Right now, Beacons enable these services but I see no reason why these capabilities couldn’t be expanded into existing smartphone technologies. I think if the services that Beacons provide become popular, you’ll see them integrated more tightly into the iOS and Android operating systems instead of being made available in separate devices. 

14) How can Beacons, iBeacons, and RuuviTags help businesses and consumers?

Beacons and RuuviTags are designed to provide location context to objects that might or might not be stationary. In some cases, a person might be handed a beacon in a store and then as they walk through the aisles, they might be presented with coupons or other offers that are specifically related to items that they pass or might spend time seriously considering buying. I think the technology, if applied right, could help consumers make buying decisions by either providing additional information or context about the item (reviews for example) or give them the right incentive to complete their purchase.