Remembering Steve Katz
Back in the mid-1990’s, Frank Ianna , then President of AT&T , called me into his office to ask whether it would be possible to develop a team that could protect the company from network security threats.
There were efforts on-going at the time in Bell Labs to implement security. Steve Bellovin and Bill Cheswick , for example, were experimenting with early packet filters, and the team I’d been part of was trying to make operating systems more secure.
There was also an AT&T Network Security Council developing first-generation network security requirements. This came after AT&T’s circuit switched outage in January 1990 which we thought at first might be Morris Worm 2.0. It was instead a software maintenance flaw – of course.
But from my discussion with Frank, it was clear that he wanted a more formal group with tools and infrastructure that could give us better control during live attacks. It was a great idea, and to this day, I’m impressed that he had the foresight to know that this would be a thing.
So, I started looking around for who might be setting up such a team – and it didn’t take long for me to run into Steve Katz at Citigroup . Our CEO Mike Armstrong was on the Citigroup board, and Sandy Weil , CEO of Citigroup, was on our AT&T Board. So, we worker-bees knew it was wise to connect (ahem).
Steve was so kind to sit down and explain to me how he was now in this brand-new management position (he’d just left JPMC) known as Chief Information Security Officer or CISO.
Steve gave me his card and I looked at it: Chief Information Security Officer – wow, that sounded good. (I'm upset with myself that I misplaced that card. I wish I had it now.)
领英推荐
Anyway, I went back to my boss and asked if I could be a CISO. The answer was sort-of. That is, the company was careful about the word “Officer,” so my title might not change. But wink, wink – went my boss: Put whatever you like on your business card.
And so, modeling myself after Steve, I became a self-dubbed CISO on my business cards – quite possibly the second CISO. Steve and I joked many times about that, and he said it was likely that I was the first outside the company that he’d told about the new position. I'm so proud of that.
Over the years, Steve and I stayed in touch, and when I retired from AT&T and started TAG, Steve became one of the first consultants we hired for projects. We did some jobs together and our proposal would say “Hire the First and Second CISOs Ever.” We made some nice money with that marketing line.
I noticed him slowing down somewhat in recent years, and I am so sad to say that I never really got a chance to thank him for his advice, assistance, friendship, and good humor.
I am certain that wherever Steve is right now, he’s complaining that the security controls are too weak.
Godspeed, Steve.
President of Leisure Operations (aka retired) at Whatever Floats Our Boat Ventures LLC
1 周Steve did not shy away from calling it as it was, once calling out an established information management technology kingdom (which shall remain nameless although long gone) to the king, in support of the insights of the innovation team he was supporting. That courage and support was the most unique I had ever seen!
Business Growth Guide, Architect of CEO Peer Groups, Connector of SMB growth-minded Business Owners, Presidents, and CEOs
9 个月Edward, thanks for sharing!
Agency of Record for Security, Risk & Compliance, and Emerging Technologies (Cloud, SDDC, Data-Driven) Companies
11 个月I'm so sorry to hear this. We enjoyed working with, and getting to know, Steve. He was such an interesting man with such great experience to share! Memory eternal.
CTO, Strategy and Innovation (Cloud & Security)
11 个月Thank you for sharing your story. The tech changes, but the tribal knowledge doesn't. Steve was kind in his delivery in reminding us all of it.