Over the past 10 years, Tim has played an instrumental part in IT Partners' growth, helping to shape and embed our cyber security strategy. We had the opportunity to sit down with Tim, who has recently transitioned into his new role as Chief Information Security Officer at IT Partners. With a wealth of experience and a forward-thinking approach to cyber security, Tim shared his insights on the evolving landscape of information security, the challenges ahead, and his vision for keeping IT Partners at the forefront of cyber security
Question 1: Can you walk us through your journey within the company? What previous roles have you held, and what major milestones have you achieved?
Ten years ago, I began my journey at IT Partners as a Senior Systems Engineer. Over the years, as the business grew, I had the opportunity to advance from Engineering Team Lead to Head of Engineering, then Chief Technology Officer, and now serve as the Chief Information Security Officer (CISO). This path has been marked by significant personal and technical milestones, including managing an engineering team of over 20 members.
Being part of the management team of a leading New Zealand company has greatly expanded my business knowledge. Witnessing the company's growth, from overseeing 1,000 devices at the start of my journey to now managing over 7,500 devices, has been a wonderful change to see.
Question 2: Can you tell us about your new role and what you’re most excited about?
I am most excited about having direct involvement with more of our clients, extending beyond the services and functions that IT Partners currently provides. This hands-on approach will allow me to better understand the risks that exist in their businesses and help them make informed decisions on how to address those risks. Essentially my goal is to assist executives and board members in sleeping better at night, reducing their worries about the unknown or unexpected.
Question 3: Why is cyber security a major focus for IT Partners?
Traditionally, IT's main focus was on uptime and stability to ensure maximum productivity. While these metrics remain important, the exponential growth in vulnerabilities discovered over the past five to seven years and the frequent breaches of critical data have shifted the perception of where the highest risks exist in digital environments.
When considering both the direct and indirect costs of a breach—monetary, reputational, and human—the impact far outweighs the costs of some downtime of a critical system. With small to medium-sized businesses (SMBs) being the heart and soul of the New Zealand economy, increasing their risk awareness and improving their cyber security posture directly aligns with IT Partners’ foundational principles: “Growing NZ’s productivity and place in the world.”
Question 4: Can you talk about some of the recent security initiatives or projects you’ve been involved in?
One of our recent initiatives in the security space that stands out is our new Penetration Testing service. Offering Penetration Testing that meets best practices and is increasingly required by cyber insurers for New Zealand SMBs has been incredibly rewarding. Historically, the high costs associated with Penetration Tests posed a significant barrier for SMBs looking to implement them.
Another recent initiative involves conducting risk assessments, where I evaluate IT environments against regional specific standards and frameworks such as CertNZ Critical Controls, ACSC Essential Eight, and widely used standards like CIS Controls. These efforts underscore our commitment to enhancing cyber security measures and accessibility for businesses across New Zealand.
Question 5: What advice would you give someone just starting their career in tech?
If you’re interested in pursuing a career in technology, it's crucial to prioritise solidifying the fundamentals before you specialise. Becoming the ultimate generalist applies not only to IT support roles aiming to transition into Technical Consultants or security specialists but to developers and every facet of technology. A robust foundation in the basics facilitates agility and adaptation to inevitable shifts in industry and technology trends.
Secondly, personal investment is key. While earning your first certificate or degree marks the beginning of your journey, fostering a mindset of continuous personal development is vital. This includes expanding technical expertise and enhancing physical and mental health, nurturing lateral thinking, and refining interpersonal skills—all of which accelerate progress towards your career objectives.