CTOs to know: Larry Podmolik on Trustwave, cybersecurity, and software developers in Chicago

Written by Sam Dewey
Published on Jan. 26, 2016

In 2015, Trustwave was one of the top digital tech employers in Chicago, clocking in a headcount of 350 at the time. It’s an impressive milestone, and one you can’t reach without a cream-of-the-crop leadership team.

Enter Trustwave’s CTO Larry Podmolik, whose tenure at the cybersecurity giant began over eight years ago. Since then, he’s led a rockstar tech team who have built products and services that millions of businesses the world over depend on to secure their information and assets.

In total, he has racked up over 20 years of experience in building businesses across a number of industries. Here’s what he had to say when we caught up with him to talk tech:

What technologies power your business?

It’s difficult to describe concisely because we have so many services and technology products, ranging from our managed security services to our cloud-based security solutions to rack-mounted security appliances to mobile agents.

In the data center, we’re primarily a Java shop, and we make heavy use of open source frameworks such as Spring and Hibernate. In certain products we use dynamic languages (primarily Ruby and Python) where the increased flexibility is key. Massively scalable data storage is a key requirement for us, due to the sheer number of security events we’re analyzing. We incorporate quite a few technologies for different scenarios, including MySQL, Hadoop, Elasticsearch and MongoDB.

What technologies are playing the biggest roles in Trustwave this year?

The amount of security data we analyze is scaling rapidly, and to meaningfully process that amount of data, we are increasingly relying on Big Data technologies, including Hadoop (HDFS, HBase, Spark, Flume, etc.) and Elasticsearch. We’re also making increasing use of distributed cache and grid computing platforms, such as Infinispan and Ignite.

The next generation of our TrustKeeper customer portal is being built in Dart, Google’s next-generation web language. Dart cross-compiles to JavaScript to run in the browser, but the Dart language and libraries provide us significant advantages for large-scale development, integrating the work of numerous development teams.

What are the biggest tech projects your team is working on this year?

Each year our team delivers major new and enhanced security solutions to the industry, and this year will be no different. We have a number of projects underway designed to expand our portfolio of managed security services, increase the appeal to enterprise clients, and deliver enhanced security technologies. We’re also continuing to transform products which were once only on-site rack-mounted gear into managed security services available through the cloud. As an example, we’re integrating our database, network and application scanning and testing services into a single unified platform called Managed Security Testing.

In terms of scaling the technology, we’re expanding into other regions outside the United States as we partner with telecommunications providers around the globe. These partnerships are rapidly increasing the availability of our managed security services to SMBs and enterprises in areas such as Australia, Canada, and Singapore.

What are the biggest technology challenges you've faced in the past? How did you overcome them?

The security market has seen an increased focus on integration of information. Lots of companies do one thing well, but it can be overwhelming for a customer to attempt to integrate data from dozens of disparate security appliances or services. Solutions need to be centralized and cohesive to provide value to a business, especially when you’re talking about the massive scale of data involved and exponential increases in security events.

One of the newest wrinkles is international data sovereignty, where customers want assurances that their most sensitive security data remains within country or regional boundaries. Achieving this requires more sophisticated architectures, global security operations centers, and data centers to accommodate international customers’ legal and regulatory concerns.

What are lessons you've learned about working in Chicago that other local entrepreneurs can learn from?

Chicago has a lot of critical mass in writing enterprise software, so we’ve focused on the development and management of several cloud offerings here. Software developers in Chicago tend to be more grounded and well-rounded, and many of them also possess “soft” skills that aren’t always associated with deeply technical specialists. Chicago’s traditional strengths in consulting and financial services have resulted in a different breed of techie, which we find incredibly valuable.

How will Chicago specifically continue to strengthen its tech community in 2016?

Chicago is well on its way to becoming a technology hub. It seems that many organizations and technology companies are placing more emphasis on highlighting the accomplishments of the Chicago tech community. I’m excited to see how Chicago grows as a tech center over the next five to 10 years.

Chicago is known for having a large talent pool of thirsty, young workers. What are the top characteristics you look for in a potential hire?

We definitely look for strong technical skills, but there’s a distinct focus on talent and growth potential instead of just checking the boxes on a list of acronyms or certifications. Good communications skills and the ability to work in a team environment are valued heavily. We look for well-rounded candidates who have a mix of experience, while supplementing with fresh talent trained in the newest technologies.

How would your team describe working with you?

I think my team would say I’m demanding at times, but not unreasonable in my expectations. I make an effort to keep my technical skills current, so that I can understand what the team is doing and bring experience to the discussion. In the past, I’ve tended to be very hands-on, perhaps to a fault. We have so many things moving in parallel that, out of necessity, I’ve had to step back from some of the details. Fortunately, I have a very strong group of engineers to take ownership of their particular product lines. Nevertheless, I still write code and contribute to our products where I can, although finding the time can be challenging.

What trends do you see happening in your industry over the next three years? How is Trustwave anticipating those trends and working towards them?

There are several trends in cybersecurity which are tied to the accelerating adoption of cloud services, mainly due to the ability to handle and process more data than ever before. Businesses are experiencing an increase in security events, but also facing a more complex level of threats. The emphasis has broadened from simply trying to prevent every possible attack, to minimizing impact, identifying when an attack has occurred, and responding to incidents in the most efficient manner. This approach requires the incorporation of huge amounts of threat intelligence as well as the ability to make sense of it.

The truth is that many businesses face serious cybercrime risk and lack the resources, skills and time to build out their own security programs which is why we’re seeing so many organizations move to the managed security services model.

What else do you want the Chicago startup community to know about Trustwave?

Trustwave helps businesses fight cybercrime, protect data and reduce security risk. If your company uses technology or handles customer data, you need to consider security from the start. Trustwave fills a lot of roles for SMBs and enterprises, ranging from managed security services to industry-leading security technologies.

 
Want to nominate a CTO for this series? Send us an email via [email protected].
Explore Job Matches.