Knowledge 2023!: Get to Know the IRM Authority Team

In our new series?Knowledge 2023!: Get to Know the IRM Authority Team, we have the pleasure of interviewing John Pierce, IRM Solutions Director, who has a diverse background in engineering, marketing, sales, and running an MSSP for medical practices, as well as being an expert in cybersecurity and compliance. Within the ServiceNow space, John is CIS - Risk and Compliance and CSA certified. Outside of ServiceNow, John has his CISSP, CISCO Routing-Switching and CyberOps,?CompTIA CySA+, and Security+ certifications. In this interview, John shares his unique perspective on GRC, the significance of automation in compliance, and his tenacious approach to problem-solving. He also reveals some interesting personal facts, such as his perfect place to live and his ideal dinner guest from history.

Tell us a little bit about yourself

I'm originally from upstate New York in Rochester, with annually one of the least number of sunny days in the continental United States. When I was 11, we moved to Phoenix, Arizona, which statistically has some of the most sunny days in the continental United States. In search of the perfect balance, I settled in Los Angeles, where skiing is 90 minutes away and surfing is 30 minutes away. The ultimate day is hitting the slopes in the morning and surfing in the afternoon. I managed that one time, and it was great.?

Do you have any pets??

I don't have any pets because I already have four children and that's enough excitement for one household. Even though my kids have all moved out, I still don't want to add any more living creatures to take care of. I used to have cats but unfortunately I’m allergic. Interestingly, whenever I visit a friend's house, their cats seem to take a liking to me and always jump on my lap.?

If you could have dinner with anybody in the world from across history, who would it be and why?

As a mechanically inclined person, I would love to meet Leonardo da Vinci and show him the advancements in technology inspired by his drawings. It would be fascinating to see his reactions to things like jet airplanes and cell phones. Given his forward-thinking ideas and drawings, I think he would be able to understand and appreciate the advancements. Overall, it would be a fun and enlightening experience to meet with him.

What is something most people don't know about you?

I started as a manufacturing engineer at Intel optimizing processes to improve yields, then moved into marketing and sales for Texas Instruments. I started my own company which grew to $30 million in three years. After being bought out, I got into IT services for medical practices a Managed Services Security Provider [MSSP], focusing on compliance and building trust with clients.?

What motivated you to join IRM Authority over other companies?

I met Karina at an ISSA monthly meeting and was interested in her compliance work. After a few months and getting ServiceNow – System Administrator certified I realized it was a good fit for me as I can see all the areas that can be automated using existing servers’ reporting capabilities. My background in providing Managed System Security has given me experience with HIPAA and PCI DSS compliance, and I realized that?I can facilitate other companies trying to automate their IRM/GRC policies.

What does GRC mean to you and why is it significant??

Having first-hand experience being attacked on my clients’ networks and being able to recover safely, I know how easy it is for an employee to accidentally click on an email they think is from their boss and allow a virus into the network. All of the checks and balances can’t trump something like that, so GRC must be a mental attitude in a company. Everyone has a part to do, and they need to know what is expected of them.?

GRC refers to the various regulations and standards businesses must comply with, such as HIPAA and PCI DSS. Compliance can be extremely complex and time-consuming, as evidenced by the 488-page document provided by PCI/DSS. I hope to learn more about how automation can simplify this process and generate reports that demonstrate compliance with ease. My aim is for larger companies to automate much of the GRC process with ServiceNow. This would enable them to generate compliance reports at the click of a button, indicating that they meet all the necessary requirements.

What sets you apart from others, and how does it apply to the industry you've primarily worked in?

I differentiate myself by understanding specific client needs, approaching problems from unconventional angles, and thinking outside the box. I have a tenacious attitude and keep pushing until I find a solution, even when others may say it's impossible. This mindset has been helpful in CyberSecurity , where creativity and persistence are crucial for success.

What are you looking forward to at Knowledge2023?

I am looking forward to meeting people from various companies and understanding their roadmap for compliance and what's in the future. It's also an opportunity to meet potential clients and show them how our solution can help them. I believe we have a solution that makes it easier for clients to deal with their IRM solutions. Additionally, I'm hoping to get good training while at the conference.

Where can we find you while you're in Las Vegas?

During the training sessions, I hope to network with potential clients as well as people in the industry who could be valuable contacts, maybe even grabbing a beer with them after hours. Although it's unlikely, I'm also open to the possibility of some casual gambling; maybe hitting the craps table or playing some video poker.

Look out for more interviews with the IRM Authority Team in the coming weeks!

Meet more of the IRM Team below: