Chris Swan is the CTO at Cohesive Networks and focuses on product development and delivery. Chris was previously at UBS where he was CTO for Client Experience working on strategy and architecture for web and mobile offerings across all regions and business divisions. At UBS Chris was co-head of Security CTO focusing on identity management, access control and data security. Chris represented UBS as Director on the Steering Committee of Open Data Center Alliance (ODCA), an industry association focused on enterprise cloud adoption. Before joining UBS he was CTO at a London based technology investment banking boutique. Chris previously held various senior R&D, architecture and engineering positions at Credit Suisse, which included networks, security, data center automation and introduction of new application platforms. Before moving to the world of financial services Chris was a Combat Systems Engineering Officer in the Royal Navy. He has an MBA from OUBS and a BEng from the University of York.

1. You’ve been the CTO at Cohesive Networks for more than two years now. What is specific responsibilities do you perform and what initially attracted you to this particular position in the first place?

I knew most of the founders before the company got started, and I was often given the chance to test out new things as they came to market, so it was clear to me that Cohesive were doing exciting stuff. When Patrick Kerpan became CEO and asked me to join as CTO, it was one of the easiest decisions of my career.

A big part of the job of any startup CTO these days is outward facing – marketing, demos for prospective customers, and helping new customers get started and achieve success. Internally it’s all about working with the engineering team to turn our roadmap, which is very much customer driven, into reality.

CCNA Training – Resources (Intense)

2. What specific hard and soft skills do you require in order to succeed as a CTO?

One of the most important soft skills is storytelling, in order to help people understand what we do. It’s also important to listen and figure out how you’re a part of somebody else’s bigger picture, and then make your story fit into their narrative.

Hard skills wise I need to stay on top of a giant pile of constantly changing technology – cloud, security, containers, networking, programming languages and architectures. Engineers get to specialise, but CTOs generally need to spread themselves out a bit thinner.

3. According to your LinkedIn profile, you previously served as a combat systems engineering officer with the Royal Navy, and you’re also an advisor, an editor and an events director. How did did these positions prepare you for what you do at Cohesive Networks?

The Royal Navy offers some of the best management, leadership and specialist training in the world. It gave me the opportunity to have responsibility early in my career, running a department in a front line ship, which I think gave me a head start on everything that came since. It’s also easier to stay calm when you’re not in a job that has you dealing with misfired Exocet missiles.

Since I need to stay on top of what’s happening in tech I find that writing about it, and organising events, is a great way of crystallizing my thoughts. There’s a great deal of truth in the saying that, ‘you don’t understand something properly until you can explain it to somebody else’.

4. Among other positions, you previously served as co-head of security CTO at UBS. In your opinion, what are the greatest security threats that businesses face today?

Threats has a specific meaning in information security, and I could reel off a giant list that would still completely fail to capture the true enormity of the problem. The greatest single issue is information asymmetry. Security vendors and their customers mostly don’t actually know what works and what doesn’t. That precious information is usually in the hands of attackers, and often leaks out too late when something bad already happened. Another huge issue, particularly for larger businesses, is the interplay between the agendas of multinationals, nation states and guerrilla organisations. There are no clear battle lines in the virtual world.

5. What mistakes do businesses tend to make that can leave them susceptible to a cybersecurity attack?

The most common mistake is thinking that compliance and security are the same thing. Regulation is always playing catch up with the state of the art, so being compliant means at best you can defend against the old stuff. Of course it’s still important to be compliant, because that’s the stuff that gets executives in trouble. But too many businesses fail to see the gap between compliance and security.

6. What steps can a company take to build a corporate culture that includes cybersecurity best practices?

My preferred definition of culture is ‘the way we do things around here’, so having a culture that includes security best practices means making those activities part of the everyday way that things get done in the company. That starts from the top by having the executive team lead by example, and it also means that ‘security’ isn’t a separate appendage to the organisation constantly saying no to stuff. Security needs to be integral, and part of saying yes to changes in the business and technology that supports it.

7. Cohesive Networks helps businesses to use cloud infrastructure. Why should prospective customers choose what your company offers over what is available from other providers?

Cohesive is a cloud native company, and our designs are API first. That’s a very different approach to most other networking vendors, who come from a world of delivery of boxes, and configuration by people sat at a command line

8. When prospective clients are weighing their options, what things should they consider before deciding upon a product/service provider?

Who has control, and who has responsibility are the key considerations. Cloud adoption inherently comes with a shared responsibility model for things like security, but there’s some flexibility over where that line is drawn. In practice that comes down to considerations like who has control over things like key management and cipher suite selection. We like to put as much control as possible into the hands of our customers, whilst at the same time delivering a smooth user experience by offering sensible and secure defaults.

9. How knowledgeable are prospective customers about what the cloud is and how they can use it to further their own corporate objectives?

Cloud knowledge seems to be becoming more diffuse. The market is growing at a crazy speed, and the limited pool of expertise is struggling to keep up. Of course that isn’t helped by the service providers growing the scope of what they can do at an exponential rate. There’s a lot more to the cloud today than there was two, three or five years ago. We get to see the full spectrum, from people who’ve used our stuff for years and are moving on to the next company or project, through to people that need a lot of help getting started, which is why it’s so important for us to partner with the ecosystem whether that’s SIs, ISVs or the cloud providers themselves.

10. Cohesive Networks is a member of the Open Data Center Alliance. What does this mean in terms of how the company does business?

The Open Data Center Alliance (ODCA) has done a great job of taking a customer centric view of what cloud is and what it should be. I first got involved with that from the enterprise side of the fence in my last job, and continuing to stay involved with ODCA seemed like an excellent way of keeping Cohesive in touch with the demands of enterprise customers. The ODCA has also provided us with an excellent marketing platform with their Forecast events and webinar programmes over the past few years.