August 21, 2025 • 51 mins
Want to build stronger client relationships while navigating the complexities of modern cybersecurity? In this episode of Channel Security Secrets, I sit down with Stacey Horne, President at Stillwater Ecosystem, to talk about the human side of cybersecurity, trust, empathy, and communication.
Stacey shares how humility and relationship-building are key drivers of business success in a high-stakes industry. We dive into the value of simplifying security conversations for executives, proactively strengthening defenses, and working within a strong partner ecosystem. From AI efficiency to risk-based communication, this episode is packed with practical strategies for trusted advisors.
Takeaways
- Why trust and empathy are essential for building lasting client relationships in cybersecurity.
- How simplifying cyber risk for executives improves decision-making and buy-in.
- What it means to take proactive cybersecurity steps that deliver real business ROI.
- Why a trusted partner ecosystem is critical to addressing evolving cyber risks.
- How to use AI thoughtfully while prioritizing data privacy and team training.
Find all episodes, show notes, and resources at: https://www.cdg.io/podcast/
Partner with us: https://www.cdg.io/partner-with-cyber-defense-group/
Quote of the Show
- “ The ability to be known allows for trust to build, and that's one of those key things that I've tried to base my relationships on as one is getting to know folks and then earning their trust over time.” - Stacey Horne
Links
- LinkedIn: https://www.linkedin.com/in/stacey-horne-585b346/
- Company website: https://stillwater-ecosystem.com/
Ways to Tune In
- Spotify: https://open.spotify.com/show/1gIKsOyorKMzQA7wxck4dH?si=ff617df387aa401c
- Apple Podcasts: https://podcasts.apple.com/us/podcast/channel-security-secrets/id1826825461
- Amazon Music: https://music.amazon.com/podcasts/8703d3a3-4128-4691-8862-cb847f53f776/channel-security-secrets
- YouTube: https://www.youtube.com/@ChannelSecuritySecrets
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Lou Rabon (00:01):
Welcome to Channel Security Secrets. I'm Lou Raban.
On this show, we expose theuntold secrets and critical
insights from the people shapingthe future of cybersecurity
sales in the trusted adviserchannel. If you're looking to up
your game around sellingsecurity, stick around. Channel
Security Secrets is brought toyou by Cyber Defense Group on a
mission to shift cybersecurityfrom reactive to resilient.
(00:38):
I'm thrilled to introducetoday's guest. He's a serial
entrepreneur, thought leader,and trusted adviser with over
forty years experience drivingbusiness growth. As a founder of
multiple companies, he's ledglobal expansion and built
powerful distribution andreseller networks worldwide.
He's also a featured speaker atmajor events, including the
Cowtown Business and CapitalSummit. A recognized channel
(01:01):
leader, he's created anecosystem of trusted partners to
address the evolving landscapeof cyber risk.
Let's welcome the president atStillwater Ecosystem, Stacey
Horn. Stacey, welcome to theshow. Thanks, Lou. Great to be
with you today. Looking forwardto it.
Yeah. So, Stacy, just to get itkicked off, what what would you
consider the biggest secret toyour success in the channel?
Stacey Horne (01:24):
Great question to kick it off. So, you know, I'll
address it in three ways. Mygray hair gives away the tenure
of my career and, you know,behind the desk, prechannel by
that, I mean, directrelationships with the providers
and then obviously our morefamiliar model now, the TSDs and
channel. But I will tell youthis, the secret to success is
(01:48):
equally shared among all threestages. And it really starts and
the key for me is relationships.
I find that people want to dobusiness with people. And
confidence grows with beingknown, and the ability to be
known allows for trust to build.And that's one of those key
(02:12):
things that I've tried to basemy relationships on. This one is
getting to know folks and then,earning their trust over time.
And, Lou, for me, it starts withsomething that I think is often
overlooked, which is somehumility because, you know, it's
(02:34):
pretty clear that in this spacethat we're in, there's a lot of
this chest thumping, and I knowmore than you know.
And I will freely confess that Itry to get with people who know
a whole lot more about thedetails of cyber, it's depth and
breadth than myself. I like tofocus on business impact,
(02:56):
business outcome. Tell somestories to the c suite and those
responsible for risks so theycan, have some awareness to make
informed decisions. And sothat's been my model when I was
convincing the CEO of somethingin the early days. And, and,
again, relationship business tome is where it begins and ends.
Lou Rabon (03:19):
Yeah. That that makes a lot of sense. So those
relationships are with the csuite, but all throughout the
org as well, I imagine. It
Stacey Horne (03:29):
is. And and, again, you know, in in the
complex nature of cyber inparticular, you know, when we
think about that, some of thesmartest people in the room are
the c suite, but that's nottheir forte 95% of the time.
Therefore, condensing it and andand delivering it in a way that
doesn't cause them to wanna drawback or acronym. You know?
Lou Rabon (03:56):
Yeah. Heavy. Yeah. Heavy. Heavy.
Yeah. You know?
Stacey Horne (04:00):
They actually really like to understand, you
know, what's the risk profileand, what's my outcome? And, you
know, we can make a cost benefitjustification around it.
Lou Rabon (04:11):
Yeah. So the secret is to have those relationships,
but it's also to understand howto speak to them, especially
when it comes to cyber, becausecyber can be a complicated
topic, and it can be you know,very acronym focused. It can be
very technical. But, you know,for trusted advisers, you've got
(04:32):
the advantage of having comefrom an IT background. You've
got a tech background, so you'recomfortable, you know, kinda
getting into the weeds a bitwhen it when if it if it goes
there.
But you understand how to pullyourself out and speak at a
higher level so the executivesunderstand that, basically.
Stacey Horne (04:50):
Yes. Yes. I I would call myself a snorkeler in
today's world. One time, I mighthave been a scuba diver that
could go deep. But, again, withan ecosystem and and
relationships are both clientfacing as well as partner
facing.
They're all equally important.And, one of those other key
(05:11):
features of relationships isempathy, I think. You know?
Yeah. Try to place yourself and,you know, understand if we think
about that word, really, itmeans to stand under, be
standing in the shoes therein,and then addressing things from
that perspective.
And so, I like to use thatapproach. And, you know, often,
(05:32):
the, IT folks, internally or thehybrid situation that they may
find themselves, the C suite,may be hearing the same thing
from them, so it's veryconfirming or validating. Or it
may give them some business caseemphasis around a technology
presentation. So all thosethings, I'm happy to be a bridge
(05:55):
and a conduit and a facilitatorof those types of things. And
you know, that relationship withthe the channel partners really
is the key there, and I investjust as heavily in those
relationships.
Frankly, Lou, I wanna get toknow them. And if integrity and
(06:16):
a do what do the right thingisn't there, then I wanna
explore the value of the widgetand the offering. If they aren't
there, they could have the bestwidget, but it won't matter in
the long run. So that's mythat's my secret if there is
such a thing. It's not really asecret so much as just trying to
stay consistent.
(06:37):
Not that I am, but I aspire tobe more consistent as I
progress.
Lou Rabon (06:42):
Yeah. I mean, it's a big one. Listen. Being, having
integrity, you know, doing whatyou say you're going to do, you
know, establishing trust. Thingscan go wrong, but, you know, in
ensuring that you're alwaystrying to do the right thing by
the customer, also by thesuppliers.
That's how one builds arelationship or basically a
reputation as well. For thoseTAs that are trying to get into
(07:08):
cyber that maybe they haven'tdipped into it yet, they're
interested, but they're nottechnical, they don't have your
background, how do you speak tothem? How would you help them
trying to get into cyber? Maybethey've sold telecom or
bandwidth or data center, andthey know cyber is a a really
(07:28):
good thing, but they they justhave kind of this intimidation
or wall getting over it. Any anyadvice for them?
Stacey Horne (07:34):
Yeah. Great question. You know, I think
there's some very simple phrasesthat can help, help folks get
introduced, to cyber, and and acouple of them happy to share
is, you know, cyber's agnosticto industry, location, and size.
(07:55):
That means there isn't a clientor a prospect on the planet who
doesn't have to address cyber insome shape, form, or fashion.
And if anyone ever told someonegetting into this space, 100%, I
know it all, I have one piece ofadvice.
I want you to run fast as youcan the opposite direction
(08:17):
because that isn't true. Andeven if it happened to be true,
before the sentence is complete,it won't be true. That's the
evolutionary and expansive waythat the threats are evolving,
and that's one of the reasonsthere's the number of ecosystem
partners that I have, the depthand breadth of that. And so lean
(08:39):
into those relationships. Again,my advice would be to do it
relationship wise.
Get to know your partners thatare gonna be there with you, and
articulate things that raiseawareness to the prospects and
clients that you're going tosee. If you've already, got a
relationship with them, there'sa level of trust there. And, you
(09:02):
know, I like to think aboutthings. Can can we explore this?
And and often there there's somegreat thought leadership that
can be brought by by a partnerif you're in the child and allow
that.
And if you trust them and haverelationship with them, you know
the right ones.
Lou Rabon (09:19):
Yeah. So kick that door open. That's that's what we
say. We say you don't have tohave the conversation. Just know
the right questions to ask and,you know, which is what are you
doing right now?
Do you feel comfortable withyour cyber posture? What what
are some of the questions youask to kind of, you know, scrape
up, break loose some of thoseopportunities?
Stacey Horne (09:40):
Yeah. I often ask them, I say, how do you feel
about cyber in this in theirsilence? So it's like, how about
we try to remove the we don'tknow what we don't know from the
equation? And that's usually agreat starting spot. I ask them
things like, what's your roadmap?
And again, if you hear crickets,go, well, let's work on what it
might look like to create a roadmap. And if they have one, well,
(10:02):
where are you? Because it'soften in the early days of a
journey with cyber, there's thisI've checked those boxes now.
Lou Rabon (10:10):
Mhmm. Exactly.
Stacey Horne (10:11):
And this is a journey, and the journey is the
destination. And I often work Ihave the privilege of working
closely with a significantinsurance brokerage group. And
so for their perspective, whenyou when you get around to
things like cyber insurance,there's boxes to check. And the
(10:34):
mantra was, can I check thoseboxes? And yet the truth is, as
much as they really need thatpolicy in their drawer, you
don't wanna ever pull it out.
Lou Rabon (10:46):
Mhmm.
Stacey Horne (10:47):
It is not the be all end all, and I would advise
folks that are would come backand say things like, I'm in the
cloud. I'm fine. I've got cyberinsurance. I'm fine. I've got
third parties that handle that.
There's some stats that willraise your eyebrows around how
many how often either internalhumans are doing this or a
(11:12):
supplier or a vendor. It's acause. And so, you know, it's
again, there is no one size fitsall, and it's evolving and
ongoing. Frankly, I would sayit's been the number one
business risk, and maybe AI maybump it for a year or two, but
still cybersecurity rides overthe top of that.
Lou Rabon (11:36):
Yeah. Well, as it we're we're gonna speak about AI
in a second because I have theobligatory AI question in there.
Don't get But, to you know, AI,just to, you know, kinda put a
point in that one, AI is like,AI security and AI governance is
data governance and datasecurity because that's what
you're concerned about. Youyou're happy that AI is helping
(11:56):
you out, but you just don't wantit leaking company secrets
because you know, to the public,basically.
Stacey Horne (12:02):
Indeed. Indeed. You know? And I think back, four
or five years ago, you know, andand we were really, really and
still are greatly concerned byshadow IT. But, frankly, shadow
AI is is is running very fastand and furious toward the front
of the line.
Lou Rabon (12:17):
Oh, yeah. For sure. Yeah. So, you know, there's that
again, just to kind of, youknow, look back at what you were
saying that the silver bulletapproach of a vendor is like,
yep. We can solve all yourproblems.
Just sign on the dotted line.That's definitely, oh, you know,
run. Be be be afraid. But alsofor TAs that are trying to get
(12:39):
into the channel, you know,bringing in the experts and then
trying to figure out what, willwill speak to the you know, how
you're going to get the customerto start to speak about their
cyber program and feelcomfortable about it.
Stacey Horne (12:53):
Yes. Yes. And and often ask for just one thing
that they might need. You know?Right.
The idea of the magnitude ofcyber across the platform of of
risk. You know, discoveringwhere they are in a road map and
where they are on their journeyand and understanding how their
(13:14):
budget and and things interactwith that journey. You know,
often you can find anopportunity to be another set of
eyes. Yep. Or perhaps one ofyour partners is willing to
maybe do a courtesy review justto give them some awareness, and
that often leads to, oh, well,there's some things here that
(13:34):
have been discovered.
Would you like some help inaddressing them?
Lou Rabon (13:38):
Yeah. As much as it's a red flag for vendors to be
like, we can solve all your allof your problems, it's also a
red flag for a customer to say,hey. We have cyber covered
because, you know, we both knowno one has cyber fully covered,
even at the highest especiallyat the highest levels of spend
and headcount and all of that.So speaking of size of of
(14:00):
company and industries, what areyou seeing? What are some of the
trends you're seeing,Especially, you've got a long
career doing this.
Are you seeing certainindustries come online with
cyber that you haven't seenbefore? Certain company size,
what's that look like?
Stacey Horne (14:17):
Yeah. Again, I go back to my statement about,
being agnostic, and what I'msaying is the head is pulling
out of the the the ground, youknow, the ostrich buried head
scenario that used to be, I'mjust gonna hope we're fine, and
that truly isn't the case. Andthat can that can no longer be
(14:38):
your answer is, I hope we don'tget hit. That's just not an
effective strategy anymore. So,you know, I'm seeing that moving
all the way down to the lowestlevel companies.
Unfortunately, I'm working onewith one now who literally told
me that, and now I'm helpingthem because they've decided it
was so devastating. They'regonna sell their company. Oh,
(15:01):
wow. But the acquirer wants toknow the same things that they
wouldn't they didn't address.And so we still are gonna have
to go in and just show that onbehalf of the acquirer.
So, you know, there's tremendousdamage for not addressing at the
lower levels. What I'm seeing isthe the multi tiered vendor
(15:24):
supplier chain risk is justexploding, and we we all know
this if we're in the space forany length of time. And when you
think about it, people that relyI think about automobile
dealerships as an example fromnot that long ago, about
eighteen months ago, a coupleyears ago, almost half of the
industry was specificallyconnected in one shape, form, or
(15:47):
fashion to one supplier. Andguess what? The the bad actors
are very keenly aware of themultiplied attack vectors if you
work your way up the supplychain.
And so mid tier companies thatare relying heavily and have
said, no. No. We're good. Needto realize that there's no 100%
(16:13):
guarantee at any levelregardless of the quality of the
folks that are in charge. It'scertainly a risk to address.
Lou Rabon (16:23):
Yeah. Well, yeah, you have your internal team where
they might be solid and be ableto catch stuff, and it might be
an environment, you you know,maybe they don't have 15 global
offices or something. Maybethey've got just satellite
offices in a local area orsomething that's not a huge
footprint. And maybe they're inan industry that doesn't expose
a lot externally, like, youknow, a SaaS platform is a lot
(16:46):
different than perhapsmanufacturing or something like
that. But all of that consideredwhat you're talking about is the
supply chain risk, third partiesthat are in there, like the
manufacturing device, the thethe big machine that has an out
of date operating system thatthe third party has been
(17:09):
charging a fee perhaps tomaintain.
Right? But guess what? Theyhaven't been maintaining it. The
the operating system's end oflife. You know, they didn't give
guidance to the customer thatyou need to segment this off
necessarily.
And then all of a sudden, youknow, they've got an attacker in
their environment. Even if theirteam was top notch, there's no
way they could have preventedthat because they they have no
(17:31):
control over the third party.
Stacey Horne (17:32):
Absolutely. And I've actually gone to calling it
nth instead of Nth. Third, nthlevel.
Lou Rabon (17:40):
Yeah. Because it could be fourth. There's
actually fourth party risk,which is the the suppliers to
your third parties. So
Stacey Horne (17:48):
And your suppliers have suppliers that are also you
know, it really just is morelike a spider web looking thing
than a in a cascading thingthese days. It's so
interconnected. You know, theother thing I'm seeing in
particularly in construction andand energy and where there's a a
just a preponderance of thesenew industrial Internet of
(18:09):
Things and other sensors andthings of that nature. You know,
I was in some discussions aroundoperational technology versus IT
and this this this belief thatOT is pristine and fully
protected. And, you know, thereality is after a lengthy
debate over that, I concededthat he can say this person
(18:32):
could say OT is fully protected,but it has ingress and egress
points, that interact and a lotof data that's captured at the
OT level is very important forbusiness case decisions.
Therefore, let's agree that yourperimeter needs some protection.
Lou Rabon (18:47):
Oh, yeah. Well, listen. OT, that's a whole
topic, and we won't dive toodeeply into that. But I you
know, one word, Stuxnet. Youknow, if they could have gotten
that kind of malware on and, ofcourse, it was a nation state
that or a number of nationstates that created it.
That was an air gapped system,etcetera. But we've worked with
(19:08):
with customers with these OTenvironments. The OT
environments still need to beupdated, and we found out that
the processes that they wereusing to update, you know, when
they would it's it's acompletely air gapped closed
environment, and then they wouldconnect an Internet connected
computer to that environment toupdate it. It's like right
there. There's the hole.
So it's really yeah. Aninteresting conundrum. And and
(19:33):
so, yeah, to your point, Stacy,there is no 100% protection.
There's no, you know, silverbullet, and there's so there's
always risk. It's just the theorganization's appetite for
risk.
Yeah?
Stacey Horne (19:45):
Indeed. Indeed. You know, another area that's
really popping right now is isthe combination of the man in
the middle web website combinedwith access broker capabilities
where you can just go grab, youknow, for for hardly anything,
grab thousands of credentialsand and do some man in the
(20:06):
middle activities. And and folksthat have a quality looking
website may not have a qualityprotected website. And then
Lou Rabon (20:17):
Yeah. Oh, yeah.
Stacey Horne (20:18):
Guys are notorious about finding those gaps.
Lou Rabon (20:21):
Yeah. Yeah. Yeah. Yeah. So, you know, one of the
things that we like to speakabout, rather than because there
are so many ways to get in.
I think a lot of customers haveand a lot of people in general
have breach fatigue. I mean, ifyou're like everyone else, you
know, I know I have at leastfour or five different ID
protection free ID protectionlogins because of all the
(20:45):
breaches that have happenedacross the multiple, you know,
companies. So we don't speakabout breach as much. We that's
almost to your point earlier agiven. So it's more about an ROI
because you, I'm sure, have beenpart of those incident
responses.
We obviously do those all thetime, and we see the impact that
it has on companies when theydon't do you know, they have
(21:09):
that security debt or they makethose assumptions that, hey,
we're we're good to go, And thenall of a sudden, they're down
for two, three weeks. Even ifthey get their data back, even
if they don't have to, pay aransomware, they they have a
productivity hit. And some youknow, that has a a a follow on
effect with customers and thingslike that. So, you know, I think
(21:29):
the ROI Yes. Yeah.
How do you feel about that?
Stacey Horne (21:34):
Yeah. No. I I think you're spot on there. And,
you know, the other part of ofit is often, would ask, c suite
folks, what do you think yourreputational risk would profile
would look like in an instancelike that? I don't know how to
quantify that.
I don't know that we fully canquantify that aspect of it. And
I agree with you. Reach fatigueis real. I like to always come
(22:00):
about conversations with theprospect of let's do some
proactive measures and let'sbuild that stack, if you will,
of proactive measures. Really,what we're trying to do is
harden the target so that atleast at some level, there's
gonna be less interest in youryour infrastructure and your
(22:20):
company if you look to be aharder target.
And so, you know, try to reframethat from being fear,
uncertainty, or doubt. Let'sraise some awareness. Let's talk
about what's possible. There'ssome very no cost and very low
cost things that start thejourney going, And that's one of
(22:41):
the things I have found intrying to build trust is just to
give some courtesy advisory tofolks that I don't know what I
don't know. And where where do Istart?
And and, you know, if youalready have a relationship with
an organization and and you canbring some some expertise to
bear either through theirchannel or if you if you have
(23:03):
that already, I would saythat's, that's like spreading,
broadcasting seed. And it'salso, frankly and I I certainly
am a commercial orientedorganization, but I also aspire
to try to finish well and make adifference. And I have, I would
love the opportunity to continueto try to help folks,
(23:26):
particularly when I think aboutnonprofits and school districts.
Lou Rabon (23:29):
Oh, yeah.
Stacey Horne (23:30):
It's just, oh, what can we do? What here's some
things you might wanna consider.
Lou Rabon (23:34):
Yeah. They're hit hard, especially the I mean, the
school districts. We've we'vedone some some responses at,
educational institutions, bothlarge ones and and, regional
local ones. It's it's notpretty. And and the fact that,
you know, it's an openenvironment, they don't have the
resource to protect themthemselves.
I mean, there's a play there tosay, I I believe that they're
(23:57):
they're eventually, I thinkit'll evolve to where there is
an, kind of a police force for,you know, at least state and
local at the state and locallevel for organizations like
education, utilities, thingslike that. We kinda have that,
but not quite. The FBI jumps inwhen they need to, for some of
(24:20):
the bigger hacks or some of themore critical ones, but almost
like a national a cyber nationalguard. That's been an idea that
we've spoken about a bit. Soit's we'll see.
It's inevitable, I think,unfortunately, that we're gonna
have to get there because asyou've seen, the industry can be
(24:40):
really behind. I mean, you'vebeen doing this for forty plus
years. I've been doing this forthirty plus years. You know,
nothing has really changed withthe way that we've spoken about
this stuff. Like, hey.
You need to protect yourself.Thirty years ago, even, I don't
know, maybe fifteen years ago,you might have been able to go
back to paper or, you know,2025, you know, like but now,
(25:02):
yeah, you're not going to paper.Everyone is a tech company to
what, you know, you your pointearlier, every company needs
some kind of protection. So, youknow, go pivoting a bit to,
like, what excites you about,kind of what's going on in the
industry and and the future?
Stacey Horne (25:21):
Well, I think one of the things that excites me is
now that there's more visibilityand and emphasis on it, we can
do more good. We can get intothe conversation easier. We
could bring value that can bejustified, and we can be
alongside organizations helpingto de risk and mitigate risk and
(25:47):
also transfer risk. All of thosethings are available, but you
have to make that commitment andthere's a lot more listening
ears and inquiring minds wantingto know more than ever before.
And so from that standpoint,someone had asked one time, you
know, what's your lead gen plan?
And frankly, sad to say in somerespects, but happy in others,
(26:11):
that it's so prevalent now thatit's really about trying to do
the best you can and build theright relationships and partners
to be able to addressproactively is the preferred
way. Tried to get this releasedto me and I wasn't successful.
But if you're old enough toremember commercials when we
(26:33):
didn't fast forward to them andor or pay paid to not stream,
you know, without the ads, aFram oil commercial, and they
were they would hold a can ofoil. And behind it was a car on
a rack, and it's a differenceof, hey. Let's get some oil in
the engine and get it runningsmoothly and and protect those
vital things that make yourcompany grow.
(26:57):
You know? And the obvious in thebackground was it's it's more
difficult if you, you know, ifyou're reacting.
Lou Rabon (27:04):
Yeah. So so being proactive excites you, being
able to help. Yes. Yeah. Whichis you're speaking my language,
obviously.
We that's what we do.
Stacey Horne (27:14):
Yes. Yes.
Lou Rabon (27:15):
Yeah. It's always better to do it proactively than
reactively. And and you broughtup the the acquisition before
too earlier. You know, duringdue diligence, there's gonna be
a price bump drop, basically.They're going to say, hey.
And they're always looking. Youknow? You sign the papers. You
you've been through a coupleexits yourself. You know how it
(27:36):
goes.
Like, woah. Big number.Everyone's excited, and then
they start to do diligence. It'slike, well, wait a minute. What
about this?
What about this? So, yeah, whenit gets to the cyber part,
you're actually there's the ROIfor for owners that wanna have
an exit. It's like, oh, youactually we've been part of
this. We actually have one ofour clients that just got
(27:56):
acquired and they're actually,this happened a couple times.
Their security program, becausethey were working with us, is
tighter than the acquirersprogram.
And so that was a a strong pointduring the negotiations for them
where they're like, okay. We'regoing to adopt what you've done
and apply it now to the greaterentity. So you can that there's
(28:16):
there's the proactive pitch thatwill, you know, a c suite person
or an owner founder willunderstand. Yeah?
Stacey Horne (28:24):
Absolutely. I actually that's a great point,
and I've I've advised a numberof companies that go ahead and
dedicate themselves to takingthe proactive model. I said,
Nylon, take that and use that asa business differentiator. Let
your clients and prospects knowwe care about this. We're doing
things about this to try topreempt those things from
(28:47):
happening, do the best they can.
And I and some of my advisory isis more business slash cyber,
but in due diligence and talkingto people that are considering
making acquisitions, always tellthem to have a a model that says
we're gonna do the investigationof cyber. We'll give you the
(29:13):
opportunity to address it. Wewill have a two phase
transaction and we'll withhold xamount for contingent
liabilities and it's never afull payment anymore unless you
have agreed to and adhered tothe criteria that's laid
forward. And so it reallyhighlights the fact that, how
(29:37):
can you address risks thatyou're unaware of? Right?
And we we both know the amountof time that bad actors can be
dormant. And so it's just one ofthose things, again, being
proactive in in the acquisitionspace. And and so, yeah, that's
a biggie. Yes, sir. I'm glad youbrought that up because that
(29:58):
that's a big one.
Both Yeah. Both sides of theequation.
Lou Rabon (30:03):
That's right. That's great advice too to hold on and
have that that bucket for, okay.We're gonna wait. You know? This
is a year out.
We're going to see. You get thisif nothing bad happens after a
year. We don't you know, there'sno surprises, which is typical
for the tax, liability as well.So tax and cyber liability.
(30:23):
Yeah.
Interesting. Yeah. So so on onto the obligatory AI question.
You know, what how are you usingAI today? Is it something that's
part of your workflow?
Stacey Horne (30:35):
Yeah. Great question. So there was a time
probably, from about '78 1978 to1983, I felt like I was on the
front lines. And, now I can talkabout the front lines of days
gone by, and I have a a veryclose relationship and a
(30:56):
relationship with with equityshare with a young man in his
twenties who is amazing inautomation and AI and then
others wrapped around him. Andso we are addressing that, both
with agentic or the agentworkflow type model and then
(31:17):
also exploring generative butvery carefully there because my
belief is you can still seesomething that's generated
artificially.
It's gonna get better, but atthe end of the day, you can do
some curation and things likelike that. And from that, then
(31:40):
distill and then put thenarrative around it to share
cyber bullets, if you will, orcyber conversations can be led
around starting with gatheringmore more efficient gathering of
intel from different sources andthen you try to again, turn that
into a business impact, businessoutcome discussion and tell some
(32:04):
real world stories around that.So, yeah, more on the automate
automotive side than an agentside than the generative side.
I'm kinda old school. I like towrite my own narratives, but I
do like to, get the researchdone a little faster, a lot
faster, three times faster.
Lou Rabon (32:23):
Oh, yeah. Prospecting. Right? If you're
prospecting for a new customer,you're, I mean, that's that's
just brilliant to be able totype it in, give a couple URLs,
and then all of a sudden, you'vegot a good kind of a good
overview. So it's saving time.
AI is saving a lot of time.
Stacey Horne (32:41):
Yes. You know, we we have a I've had relationship
with New Zealand to a smallerdegree, Australia for for many
years. If I move my head thisway, you can actually see New
Zealand.
Lou Rabon (32:52):
Oh, there you go. Yeah.
Stacey Horne (32:53):
I've had twenty twenty plus years now of
interactions with New Zealandand still work with some of the
organizations there, and one ofthem has a particularly
innovative product and service.And the interesting thing is now
with with AI and the curationability, you can customize their
(33:14):
service quite easily. And soit's it's really propelled them
forward in that. So I'm aware ofcompanies that are using it to
their advantage. I'm aware ofcompanies that are using it a
bit, I would say, loosely.
Lou Rabon (33:30):
Mhmm.
Stacey Horne (33:31):
And I I would certainly give a give some
advice that you wanna be verycareful and you wanna have clear
communication across yourorganization about what is
allowed, not allowed. I wouldsuggest sandboxes for testing.
They're on a totally segmentednetwork away from everything
(33:54):
else. And use some innovation toplay around in the sandbox and
do all your curating there. Andand frankly, you know,
particularly with so manycompanies that have trade
secrets or their IP and thingsof that nature, I would never
(34:15):
advise for that to go into anyAI prompt or any type of
questions that you're gonna postto AI, at least at this stage.
Lou Rabon (34:24):
Yeah. Agreed. I there's privacy policies that
say, hey. We're not training onthis data, but guess what?
They're hungry for data, and,you know, we're we've already
seen the way that they'vetreated data.
So I think, yeah, do not trust,you know, for any of the the
really sensitive stuff. I wouldsay, yeah, spin up your own LLM.
Makes sense.
Stacey Horne (34:45):
I think the other thing I'd throw in just just to
maybe a final point on it wouldbe, you know, there's a lot of
hesitancy for folks that maythink their jobs are at online.
So offer some training andprompt engineering or some other
other tools that could allow,your employees that may be at
(35:06):
risk to find new ways to bevaluable to the organization.
That's another thing that I'mseeing is a little bit of
headbutting and resistance, fromthose that think they're
threatened by it rather thanembracing it and maybe finding a
way forward in a in an alteredbut still a productive career
path.
Lou Rabon (35:25):
Yeah. I mean, this is the, the the transition from the
horse to the automobile or, youknow, like, really just a a
major change. So being afraid ofit or being you know, assuming
that it's not going to be big oreven on the other side thinking
it's gonna be something that youneed to avoid completely, not a
good strategy at all. Yeah.Yeah.
(35:48):
For sure. Yeah. So so is there astory, Stacy, that you have
that, like, a personal storydemonstrates where cyber has
had, like, a direct impact onyou personally, on your life or
someone you know?
Stacey Horne (36:01):
Definitely some people that I know. You know,
from my own personal story, I'mthankful to say I haven't had a
a scar there of any magnitude.My wife and I, I think one of
her credit cards once was, for ashort time in play
Lou Rabon (36:19):
That's true.
Stacey Horne (36:19):
But those are easily resolved and and all. And
and so, from the perspective of,an organization's third
generation, Lou, And theirgrandson was as old as I am. And
(36:39):
they had, all they did was movedirt. That was their whole
business. And they moved dirtand their grandfather had signed
up some clients back in his daythat would be you would up and
comers.
And they now occupy tallbuildings in major cities. And
(37:04):
so that client asked them to dosome things cyber security wise,
And I was asked to speak to thegrand the grandson again who's
quite and and actually met withhim twice and he said, you know,
I believe you, Stacy, but we'reour grandfather was a risk
(37:26):
taker. We're a risk taker. Allwe're doing is moving dirt.
We're too small.
Now, unfortunately, that that upand coming business being a
highly sophisticated businessstopped the attempted cyber
attack that came through thatorganization. But that
organization lost that thirdgeneration client and severely
(37:51):
impacted their company. And thatwas one of the last things I
remember was his remorse in notwanting to go from the risk
taking model to what's anacceptable risk. What's the
impact and what's the outcome?And so I I think about that
(38:13):
stories.
I often share, you know, therisk and the reward and how you
how you equate that in today'sworld.
Lou Rabon (38:24):
That that's a good one. I mean, it's a it's a
powerful one, a powerful story,and it definitely illustrates,
like, this person, it'sinteresting. Like, being a risk
taker, that's like, okay. I'mgoing to, you know, bet on a new
technology or I'm going to,maybe, pivot the business to a
new, you know, area orsomething. Not okay.
(38:48):
I know that that that to me,what you're telling me just
blows me away because it's like,okay. I'm driving a car on the
Autobahn at a 150 miles perhour, and I know the brakes
don't work. And I don't haveairbags, and I'd I'm not I'm
just wearing a seat belt. And ifanything bad but I'm a risk
taker. It's like, well, thereit's I don't know.
(39:08):
There's good risk and there'sbad risk, I guess.
Stacey Horne (39:12):
Exactly. There's a difference between taking risk
and being reckless.
Lou Rabon (39:17):
Yeah.
Stacey Horne (39:17):
They they they don't they aren't the same, but
they can be equated as the same.
Lou Rabon (39:22):
Yeah. Yeah. Absolutely. I I mean, this this
might be, divisive, but I'm Ifeel the same way about
motorcycle helmets. You know?
I'm my family lives in Florida.I go down there. I don't know if
Texas has the same laws where Imean, it's pure freedom. If you
don't wanna wear a helmet, youdon't have to. Is it the same
(39:42):
there in Texas?
Stacey Horne (39:44):
You don't have to wear a helmet. And, I always I
always tell people, I said,you're just a meat shield for
the helmet.
Lou Rabon (39:51):
Yeah. Speak to Unfortunately. Speak to an EMS
person. Speak to the people thatrespond to those. They're like,
you know, if you had a helmet,yeah, you might be, you know,
have some major damage, butyou'll survive without a helmet.
It's just like you're you know,the odds that you're playing. So
if you've watched squid game,yeah, it's there's a funny scene
at the end of squid game aboutodds and them calculating
(40:14):
certain odds. But I'm not a hugefan of that show, to be honest,
but that popped in my head. Ijust watched it recently. So so
let's talk about you personally,Stacy.
I mean, you've had such a a agreat career, long career.
You're in Texas. You know,obviously, you you've been
running Stillwater ecosystem forfor a long time now. Before
(40:36):
that, you were in it looks likethe oil and gas area, which by
the way, they have had their ownissues, right, with, hey. We're
just pulling die you know, olddinosaur remnants out of the out
of the, you know, ground, So wedon't need to be protected.
Right? It's
Stacey Horne (40:53):
like Yeah. Yeah.
Lou Rabon (40:54):
Well, how are you communicating with those wells
that are in Papua New Guinea or,you know, somewhere else?
Exactly. Yeah. But so you'vebeen you've been around the the
oil and gas industry and went toOle Miss. You know, I I hope you
guys Got
Stacey Horne (41:09):
it done.
Lou Rabon (41:09):
Yeah. I hope you you beat Florida this year. That
that'll be good because that'sour archrival. But, yeah, what,
you know, that that's a goodkinda, like, summary. But where
when you started Stillwater,what was, like, the the impetus
for that?
Were you like, hey. I'm justdone with IT?
Stacey Horne (41:26):
Or Yeah. Yeah. No. No. No.
I'm I couldn't spell oil and gaswhen I left Mississippi. I
worked on the only computer inmy hometown. And so MIS
education at Ole Miss andworking on the Olin computer in
my hometown, it was 18 milesaway from the school. And a good
(41:48):
friend of mine who had moved outthere sent me clippings in the
paper. That's how long ago itwas for everybody that's
listening.
And so came out to the Texasarea, and everybody said oil and
gas is where you need to be so Ijumped in. I didn't know what I
was doing and most of the teamthat was in IT there was some of
(42:11):
them were about my age now andI'm 22 years old rolling into
there and utilized some of thenew tools and and gadgets that I
had learned and others wereworking on. Many people, you'd
have to go Google it or go to amuseum to see some of the tools
and Fortran and COBOL and allthose languages. And so, a
(42:35):
friend of mine, a dear friend ofmine who who taught me
everything about oil and gas,and I gave him all the keys to
that I had for the new methodsof relational databases, and I
told him what SQL stood for andthings like that. And so we
leveraged that and and had agreat long run, and I stayed in
(42:57):
there, and I thought I'd spendmy whole career in the in that
industry with that company.
And as often happens, we madeacquisitions and treated people
like people, And then we wereacquired and it was spreadsheet
analysis on how I was supposedto cut a team that was my
family, not just coworkers.Relationships matter. They
(43:19):
always have. They always will.And so that's really where
Stillwater was born.
And back in the days when longago, you you know, I went to
Barnes and Nobles, bought anInstacart book, and had one of
those floppy drives that you putin it. And a friend of mine said
if you take an extra $35, youcan get incorporated pretty
(43:43):
quickly in Texas. Buddy of mineand I drove all the way to
Austin, and I had my $35 andwalked in, and the lady across
the counters said, how can Ihelp you? I told her I need to
get my company started becauseI'm gonna do my whole thing.
I've got my money here, and Iunderstand.
She said, slow down. Slow down.Said, young man, you know, you
(44:05):
you keep your $35. You go aroundthree blocks away and have you a
nice, you know, brisket tacobreakfast and come back after a
few hours, and I'll I'll takecare of you. So Stillwater
literally started in a convertedbreezeway from my detached
garage.
I enclosed it, put a t one atthe back of the house, and all
(44:27):
my kids' friends are coming overbecause back then, that was that
was crazy.
Lou Rabon (44:31):
Huge. Oh my god.
Stacey Horne (44:33):
Yeah. Yeah. It was big time. And so from that, it
started from there, and and andStillwater's been around since
the late nineties. And, youknow, it's had iterations.
We were an MSP before that was athree letter acronym. And we
were very fortunate, as Imentioned, in working with New
(44:53):
Zealand for a number of years.And there's fiber that runs all
the way from New Zealand andAustralia to the West Coast. And
one of my my really coolrelationships was with someone
who was a chief technologyofficer at Weta, which is a New
Zealand film company that madeThe Lord of the Rings. And we
(45:17):
took those same computers thatmade that third movie, and we
used them to process seismicprocessing software from a Texas
based company who had NewZealand holdings.
And my one and only time to makeit to the Houston Business
Journal, and it had my picture,But, unfortunately, instead of
(45:40):
my face, it had if you've seenthe movies, you know, the orcs
and the and they had the whiteNo. So the good news and
everybody's teasing me. Theysay, I really love that picture.
Lou Rabon (45:52):
That's hilarious. Did and you had no idea they were
gonna do that.
Stacey Horne (45:57):
No. No. No. They they actually just interviewed
me, and I think it was, like,lord of the rings meets energy
capital or something like that.
Lou Rabon (46:04):
That's hilarious.
Stacey Horne (46:05):
So that was a surprise to me and everyone
else. But I would say this. II've enjoyed, building
relationships at Stillwater.It's, the name comes from two
things. He leaves me besideStillwater, And then a high
school friend of mine wasintroducing me to someone and
(46:27):
said kinda one of those and saidhe Stillwater runs deep.
And so that's where the namecame from. It's been a journey
that I will continue because Ireally enjoy what I do. Trying
to be a little morephilanthropic on the advisory
side as I move forward and wellpositioned with these ecosystem
(46:48):
leaders or trusted leaders.Happy to say that your
organization, we met because ofrelationship, and you guys are
are in that in that camp. And Ireally appreciate the
opportunity just to share withyou, and, hopefully, one or two
things that were said might beuseful to others.
Lou Rabon (47:06):
Yeah. Yeah. Thanks, Stacy. Oh, what are you doing in
your spare time other thanphilanthropic stuff before we,
we close-up?
Stacey Horne (47:14):
Well, I got 10 grandkids.
Lou Rabon (47:16):
And Oh my gosh.
Stacey Horne (47:17):
Yeah. Yeah. And and they're all in Texas, so
I've got my loop that I make,and I enjoy golf. I actually
played Tour eighteen a coupledays ago, which has replica
holes, and I I parred this theSarbreast 17, the Island Green.
I parred that one, and I was wonover in Amen Corner Nice.
(47:38):
From the Masters group of holesthere. So I enjoy that, and I do
a little fishing from time totime. But I put them in the
right order. Grandkids, golf,fishing.
Lou Rabon (47:50):
Yeah. Fishing. That sounds good. Always the
grandkids first. That's I'm I'mnot far from that.
I don't think well, hopefully, Iam because my boys are still in
high school, but Mhmm. Coupleyears from now, I think, maybe.
Nice. So yeah.
Stacey Horne (48:08):
One one last thing there. The the good news is the
beauty of being a parent is whenyou when they're the grandkids,
you spoil them and hand themback.
Lou Rabon (48:17):
Right. Yeah. It's and then they the the kids get angry
at you because they're like, youcan't do that. They're not
allowed to do that at home. It'slike, well, that's what being a
grandparent is about.
Right? Exactly. Exactly. That'sgreat. That's great.
So so where can people connectwith you online?
Stacey Horne (48:34):
Well, certainly, I'm on LinkedIn.
Lou Rabon (48:37):
Mhmm.
Stacey Horne (48:37):
And that's the best way. And, you know, you
won't find any fancy smancywebsite because, basically, we
have one that's pretty basicbecause it really is someone
said, well, can you give me aone pager on cybersecurity? And
I said, no. I don't know if Ican give you a novel that could
(49:00):
cover cybersecurity. And the thethe additions of it would have
to be updated so often that itit doesn't make sense.
And so I really try to staycurrent, and, you know, I'm I'm
more likely to put something outon LinkedIn that's gonna be a
pause and reflect, and it'sgonna be the latest widget that
(49:20):
I've discovered. And, you know,those are really the platforms.
I mean, we really are trying toget philanthropic around thought
leadership, and and that's backto my my friend I mentioned
that's a young man withautomation. We're trying to get
some things we can share on aregular basis, and we hope we're
(49:41):
hopeful that's gonna helpeveryone to some some degree
raise awareness and maybe takesome action that they hadn't
considered.
Lou Rabon (49:50):
Good. Well, it sounds like there's a a release coming
out soon, so stay tuned forthat. You know, when you're
ready, pop it on LinkedIn. Sobest place to find you LinkedIn,
stillwaterecosystem.com, butdon't you won't be blown away by
that website. That isintentional.
You know? Somebody said, are
Stacey Horne (50:09):
you gonna we'll start putting stuff out there
once we start this cadence of ofthought leadership with a little
more regularity. It's usually alittle bit more like this, or I
I actually enjoy speaking liveand in person because there's an
essence of being in person withfolks and that dialogue that
happens afterwards thatsometimes my granny used to say
(50:33):
it's better felt than tilt. It'salmost like you look someone in
the eye, shake them, have aconversation over coffee or a
beverage or whatever. You know?There's there's something there
that's just hard to replicate,in the virtual world.
Lou Rabon (50:48):
100%. That that's becomes more important in the
world of AI, and and all ofthese manufactured everything
online, you know, welloverwhelming news that we we
really don't need news as muchas we're getting it. So, yeah,
it's, it's I think the face toface human interaction is is is
(51:09):
becoming even more important.So, Stacy Horn, thank you so
much.
Stacey Horne (51:15):
Lou, it's been a pleasure. Thanks for the
opportunity and then invite.
Lou Rabon (51:19):
And and thank you to those that are watching and or
listening. If you learnedsomething today or laughed,
please tell someone about thispodcast. Thanks again, Stacy.
And this has been anotherexciting episode of Channel
Security Secrets. See you soon.
That's a wrap for this episodeof Channel Security Secrets.
Thanks for tuning in. For shownotes, guest info, and more
(51:40):
episodes, visit us atchannelsecuritysecrets.com.
Channel Security Secrets issponsored by Cyber Defense
Group. When it comes toprotecting your business, don't
settle for reactive.
Partner with experts who buildresilience from the ground up.
Welcome to Channel Security Secrets. I'm Lou Raban.
On this show, we expose theuntold secrets and critical
insights from the people shapingthe future of cybersecurity
sales in the trusted adviserchannel. If you're looking to up
your game around sellingsecurity, stick around. Channel
Security Secrets is brought toyou by Cyber Defense Group on a
mission to shift cybersecurityfrom reactive to resilient.
(00:38):
I'm thrilled to introducetoday's guest. He's a serial
entrepreneur, thought leader,and trusted adviser with over
forty years experience drivingbusiness growth. As a founder of
multiple companies, he's ledglobal expansion and built
powerful distribution andreseller networks worldwide.
He's also a featured speaker atmajor events, including the
Cowtown Business and CapitalSummit. A recognized channel
(01:01):
leader, he's created anecosystem of trusted partners to
address the evolving landscapeof cyber risk.
Let's welcome the president atStillwater Ecosystem, Stacey
Horn. Stacey, welcome to theshow. Thanks, Lou. Great to be
with you today. Looking forwardto it.
Yeah. So, Stacy, just to get itkicked off, what what would you
consider the biggest secret toyour success in the channel?
Stacey Horne (01:24):
Great question to kick it off. So, you know, I'll
address it in three ways. Mygray hair gives away the tenure
of my career and, you know,behind the desk, prechannel by
that, I mean, directrelationships with the providers
and then obviously our morefamiliar model now, the TSDs and
channel. But I will tell youthis, the secret to success is
(01:48):
equally shared among all threestages. And it really starts and
the key for me is relationships.
I find that people want to dobusiness with people. And
confidence grows with beingknown, and the ability to be
known allows for trust to build.And that's one of those key
(02:12):
things that I've tried to basemy relationships on. This one is
getting to know folks and then,earning their trust over time.
And, Lou, for me, it starts withsomething that I think is often
overlooked, which is somehumility because, you know, it's
(02:34):
pretty clear that in this spacethat we're in, there's a lot of
this chest thumping, and I knowmore than you know.
And I will freely confess that Itry to get with people who know
a whole lot more about thedetails of cyber, it's depth and
breadth than myself. I like tofocus on business impact,
(02:56):
business outcome. Tell somestories to the c suite and those
responsible for risks so theycan, have some awareness to make
informed decisions. And sothat's been my model when I was
convincing the CEO of somethingin the early days. And, and,
again, relationship business tome is where it begins and ends.
Lou Rabon (03:19):
Yeah. That that makes a lot of sense. So those
relationships are with the csuite, but all throughout the
org as well, I imagine. It
Stacey Horne (03:29):
is. And and, again, you know, in in the
complex nature of cyber inparticular, you know, when we
think about that, some of thesmartest people in the room are
the c suite, but that's nottheir forte 95% of the time.
Therefore, condensing it and andand delivering it in a way that
doesn't cause them to wanna drawback or acronym. You know?
Lou Rabon (03:56):
Yeah. Heavy. Yeah. Heavy. Heavy.
Yeah. You know?
Stacey Horne (04:00):
They actually really like to understand, you
know, what's the risk profileand, what's my outcome? And, you
know, we can make a cost benefitjustification around it.
Lou Rabon (04:11):
Yeah. So the secret is to have those relationships,
but it's also to understand howto speak to them, especially
when it comes to cyber, becausecyber can be a complicated
topic, and it can be you know,very acronym focused. It can be
very technical. But, you know,for trusted advisers, you've got
(04:32):
the advantage of having comefrom an IT background. You've
got a tech background, so you'recomfortable, you know, kinda
getting into the weeds a bitwhen it when if it if it goes
there.
But you understand how to pullyourself out and speak at a
higher level so the executivesunderstand that, basically.
Stacey Horne (04:50):
Yes. Yes. I I would call myself a snorkeler in
today's world. One time, I mighthave been a scuba diver that
could go deep. But, again, withan ecosystem and and
relationships are both clientfacing as well as partner
facing.
They're all equally important.And, one of those other key
(05:11):
features of relationships isempathy, I think. You know?
Yeah. Try to place yourself and,you know, understand if we think
about that word, really, itmeans to stand under, be
standing in the shoes therein,and then addressing things from
that perspective.
And so, I like to use thatapproach. And, you know, often,
(05:32):
the, IT folks, internally or thehybrid situation that they may
find themselves, the C suite,may be hearing the same thing
from them, so it's veryconfirming or validating. Or it
may give them some business caseemphasis around a technology
presentation. So all thosethings, I'm happy to be a bridge
(05:55):
and a conduit and a facilitatorof those types of things. And
you know, that relationship withthe the channel partners really
is the key there, and I investjust as heavily in those
relationships.
Frankly, Lou, I wanna get toknow them. And if integrity and
(06:16):
a do what do the right thingisn't there, then I wanna
explore the value of the widgetand the offering. If they aren't
there, they could have the bestwidget, but it won't matter in
the long run. So that's mythat's my secret if there is
such a thing. It's not really asecret so much as just trying to
stay consistent.
(06:37):
Not that I am, but I aspire tobe more consistent as I
progress.
Lou Rabon (06:42):
Yeah. I mean, it's a big one. Listen. Being, having
integrity, you know, doing whatyou say you're going to do, you
know, establishing trust. Thingscan go wrong, but, you know, in
ensuring that you're alwaystrying to do the right thing by
the customer, also by thesuppliers.
That's how one builds arelationship or basically a
reputation as well. For thoseTAs that are trying to get into
(07:08):
cyber that maybe they haven'tdipped into it yet, they're
interested, but they're nottechnical, they don't have your
background, how do you speak tothem? How would you help them
trying to get into cyber? Maybethey've sold telecom or
bandwidth or data center, andthey know cyber is a a really
(07:28):
good thing, but they they justhave kind of this intimidation
or wall getting over it. Any anyadvice for them?
Stacey Horne (07:34):
Yeah. Great question. You know, I think
there's some very simple phrasesthat can help, help folks get
introduced, to cyber, and and acouple of them happy to share
is, you know, cyber's agnosticto industry, location, and size.
(07:55):
That means there isn't a clientor a prospect on the planet who
doesn't have to address cyber insome shape, form, or fashion.
And if anyone ever told someonegetting into this space, 100%, I
know it all, I have one piece ofadvice.
I want you to run fast as youcan the opposite direction
(08:17):
because that isn't true. Andeven if it happened to be true,
before the sentence is complete,it won't be true. That's the
evolutionary and expansive waythat the threats are evolving,
and that's one of the reasonsthere's the number of ecosystem
partners that I have, the depthand breadth of that. And so lean
(08:39):
into those relationships. Again,my advice would be to do it
relationship wise.
Get to know your partners thatare gonna be there with you, and
articulate things that raiseawareness to the prospects and
clients that you're going tosee. If you've already, got a
relationship with them, there'sa level of trust there. And, you
(09:02):
know, I like to think aboutthings. Can can we explore this?
And and often there there's somegreat thought leadership that
can be brought by by a partnerif you're in the child and allow
that.
And if you trust them and haverelationship with them, you know
the right ones.
Lou Rabon (09:19):
Yeah. So kick that door open. That's that's what we
say. We say you don't have tohave the conversation. Just know
the right questions to ask and,you know, which is what are you
doing right now?
Do you feel comfortable withyour cyber posture? What what
are some of the questions youask to kind of, you know, scrape
up, break loose some of thoseopportunities?
Stacey Horne (09:40):
Yeah. I often ask them, I say, how do you feel
about cyber in this in theirsilence? So it's like, how about
we try to remove the we don'tknow what we don't know from the
equation? And that's usually agreat starting spot. I ask them
things like, what's your roadmap?
And again, if you hear crickets,go, well, let's work on what it
might look like to create a roadmap. And if they have one, well,
(10:02):
where are you? Because it'soften in the early days of a
journey with cyber, there's thisI've checked those boxes now.
Lou Rabon (10:10):
Mhmm. Exactly.
Stacey Horne (10:11):
And this is a journey, and the journey is the
destination. And I often work Ihave the privilege of working
closely with a significantinsurance brokerage group. And
so for their perspective, whenyou when you get around to
things like cyber insurance,there's boxes to check. And the
(10:34):
mantra was, can I check thoseboxes? And yet the truth is, as
much as they really need thatpolicy in their drawer, you
don't wanna ever pull it out.
Lou Rabon (10:46):
Mhmm.
Stacey Horne (10:47):
It is not the be all end all, and I would advise
folks that are would come backand say things like, I'm in the
cloud. I'm fine. I've got cyberinsurance. I'm fine. I've got
third parties that handle that.
There's some stats that willraise your eyebrows around how
many how often either internalhumans are doing this or a
(11:12):
supplier or a vendor. It's acause. And so, you know, it's
again, there is no one size fitsall, and it's evolving and
ongoing. Frankly, I would sayit's been the number one
business risk, and maybe AI maybump it for a year or two, but
still cybersecurity rides overthe top of that.
Lou Rabon (11:36):
Yeah. Well, as it we're we're gonna speak about AI
in a second because I have theobligatory AI question in there.
Don't get But, to you know, AI,just to, you know, kinda put a
point in that one, AI is like,AI security and AI governance is
data governance and datasecurity because that's what
you're concerned about. Youyou're happy that AI is helping
(11:56):
you out, but you just don't wantit leaking company secrets
because you know, to the public,basically.
Stacey Horne (12:02):
Indeed. Indeed. You know? And I think back, four
or five years ago, you know, andand we were really, really and
still are greatly concerned byshadow IT. But, frankly, shadow
AI is is is running very fastand and furious toward the front
of the line.
Lou Rabon (12:17):
Oh, yeah. For sure. Yeah. So, you know, there's that
again, just to kind of, youknow, look back at what you were
saying that the silver bulletapproach of a vendor is like,
yep. We can solve all yourproblems.
Just sign on the dotted line.That's definitely, oh, you know,
run. Be be be afraid. But alsofor TAs that are trying to get
(12:39):
into the channel, you know,bringing in the experts and then
trying to figure out what, willwill speak to the you know, how
you're going to get the customerto start to speak about their
cyber program and feelcomfortable about it.
Stacey Horne (12:53):
Yes. Yes. And and often ask for just one thing
that they might need. You know?Right.
The idea of the magnitude ofcyber across the platform of of
risk. You know, discoveringwhere they are in a road map and
where they are on their journeyand and understanding how their
(13:14):
budget and and things interactwith that journey. You know,
often you can find anopportunity to be another set of
eyes. Yep. Or perhaps one ofyour partners is willing to
maybe do a courtesy review justto give them some awareness, and
that often leads to, oh, well,there's some things here that
(13:34):
have been discovered.
Would you like some help inaddressing them?
Lou Rabon (13:38):
Yeah. As much as it's a red flag for vendors to be
like, we can solve all your allof your problems, it's also a
red flag for a customer to say,hey. We have cyber covered
because, you know, we both knowno one has cyber fully covered,
even at the highest especiallyat the highest levels of spend
and headcount and all of that.So speaking of size of of
(14:00):
company and industries, what areyou seeing? What are some of the
trends you're seeing,Especially, you've got a long
career doing this.
Are you seeing certainindustries come online with
cyber that you haven't seenbefore? Certain company size,
what's that look like?
Stacey Horne (14:17):
Yeah. Again, I go back to my statement about,
being agnostic, and what I'msaying is the head is pulling
out of the the the ground, youknow, the ostrich buried head
scenario that used to be, I'mjust gonna hope we're fine, and
that truly isn't the case. Andthat can that can no longer be
(14:38):
your answer is, I hope we don'tget hit. That's just not an
effective strategy anymore. So,you know, I'm seeing that moving
all the way down to the lowestlevel companies.
Unfortunately, I'm working onewith one now who literally told
me that, and now I'm helpingthem because they've decided it
was so devastating. They'regonna sell their company. Oh,
(15:01):
wow. But the acquirer wants toknow the same things that they
wouldn't they didn't address.And so we still are gonna have
to go in and just show that onbehalf of the acquirer.
So, you know, there's tremendousdamage for not addressing at the
lower levels. What I'm seeing isthe the multi tiered vendor
(15:24):
supplier chain risk is justexploding, and we we all know
this if we're in the space forany length of time. And when you
think about it, people that relyI think about automobile
dealerships as an example fromnot that long ago, about
eighteen months ago, a coupleyears ago, almost half of the
industry was specificallyconnected in one shape, form, or
(15:47):
fashion to one supplier. Andguess what? The the bad actors
are very keenly aware of themultiplied attack vectors if you
work your way up the supplychain.
And so mid tier companies thatare relying heavily and have
said, no. No. We're good. Needto realize that there's no 100%
(16:13):
guarantee at any levelregardless of the quality of the
folks that are in charge. It'scertainly a risk to address.
Lou Rabon (16:23):
Yeah. Well, yeah, you have your internal team where
they might be solid and be ableto catch stuff, and it might be
an environment, you you know,maybe they don't have 15 global
offices or something. Maybethey've got just satellite
offices in a local area orsomething that's not a huge
footprint. And maybe they're inan industry that doesn't expose
a lot externally, like, youknow, a SaaS platform is a lot
(16:46):
different than perhapsmanufacturing or something like
that. But all of that consideredwhat you're talking about is the
supply chain risk, third partiesthat are in there, like the
manufacturing device, the thethe big machine that has an out
of date operating system thatthe third party has been
(17:09):
charging a fee perhaps tomaintain.
Right? But guess what? Theyhaven't been maintaining it. The
the operating system's end oflife. You know, they didn't give
guidance to the customer thatyou need to segment this off
necessarily.
And then all of a sudden, youknow, they've got an attacker in
their environment. Even if theirteam was top notch, there's no
way they could have preventedthat because they they have no
(17:31):
control over the third party.
Stacey Horne (17:32):
Absolutely. And I've actually gone to calling it
nth instead of Nth. Third, nthlevel.
Lou Rabon (17:40):
Yeah. Because it could be fourth. There's
actually fourth party risk,which is the the suppliers to
your third parties. So
Stacey Horne (17:48):
And your suppliers have suppliers that are also you
know, it really just is morelike a spider web looking thing
than a in a cascading thingthese days. It's so
interconnected. You know, theother thing I'm seeing in
particularly in construction andand energy and where there's a a
just a preponderance of thesenew industrial Internet of
(18:09):
Things and other sensors andthings of that nature. You know,
I was in some discussions aroundoperational technology versus IT
and this this this belief thatOT is pristine and fully
protected. And, you know, thereality is after a lengthy
debate over that, I concededthat he can say this person
(18:32):
could say OT is fully protected,but it has ingress and egress
points, that interact and a lotof data that's captured at the
OT level is very important forbusiness case decisions.
Therefore, let's agree that yourperimeter needs some protection.
Lou Rabon (18:47):
Oh, yeah. Well, listen. OT, that's a whole
topic, and we won't dive toodeeply into that. But I you
know, one word, Stuxnet. Youknow, if they could have gotten
that kind of malware on and, ofcourse, it was a nation state
that or a number of nationstates that created it.
That was an air gapped system,etcetera. But we've worked with
(19:08):
with customers with these OTenvironments. The OT
environments still need to beupdated, and we found out that
the processes that they wereusing to update, you know, when
they would it's it's acompletely air gapped closed
environment, and then they wouldconnect an Internet connected
computer to that environment toupdate it. It's like right
there. There's the hole.
So it's really yeah. Aninteresting conundrum. And and
(19:33):
so, yeah, to your point, Stacy,there is no 100% protection.
There's no, you know, silverbullet, and there's so there's
always risk. It's just the theorganization's appetite for
risk.
Yeah?
Stacey Horne (19:45):
Indeed. Indeed. You know, another area that's
really popping right now is isthe combination of the man in
the middle web website combinedwith access broker capabilities
where you can just go grab, youknow, for for hardly anything,
grab thousands of credentialsand and do some man in the
(20:06):
middle activities. And and folksthat have a quality looking
website may not have a qualityprotected website. And then
Lou Rabon (20:17):
Yeah. Oh, yeah.
Stacey Horne (20:18):
Guys are notorious about finding those gaps.
Lou Rabon (20:21):
Yeah. Yeah. Yeah. Yeah. So, you know, one of the
things that we like to speakabout, rather than because there
are so many ways to get in.
I think a lot of customers haveand a lot of people in general
have breach fatigue. I mean, ifyou're like everyone else, you
know, I know I have at leastfour or five different ID
protection free ID protectionlogins because of all the
(20:45):
breaches that have happenedacross the multiple, you know,
companies. So we don't speakabout breach as much. We that's
almost to your point earlier agiven. So it's more about an ROI
because you, I'm sure, have beenpart of those incident
responses.
We obviously do those all thetime, and we see the impact that
it has on companies when theydon't do you know, they have
(21:09):
that security debt or they makethose assumptions that, hey,
we're we're good to go, And thenall of a sudden, they're down
for two, three weeks. Even ifthey get their data back, even
if they don't have to, pay aransomware, they they have a
productivity hit. And some youknow, that has a a a follow on
effect with customers and thingslike that. So, you know, I think
(21:29):
the ROI Yes. Yeah.
How do you feel about that?
Stacey Horne (21:34):
Yeah. No. I I think you're spot on there. And,
you know, the other part of ofit is often, would ask, c suite
folks, what do you think yourreputational risk would profile
would look like in an instancelike that? I don't know how to
quantify that.
I don't know that we fully canquantify that aspect of it. And
I agree with you. Reach fatigueis real. I like to always come
(22:00):
about conversations with theprospect of let's do some
proactive measures and let'sbuild that stack, if you will,
of proactive measures. Really,what we're trying to do is
harden the target so that atleast at some level, there's
gonna be less interest in youryour infrastructure and your
(22:20):
company if you look to be aharder target.
And so, you know, try to reframethat from being fear,
uncertainty, or doubt. Let'sraise some awareness. Let's talk
about what's possible. There'ssome very no cost and very low
cost things that start thejourney going, And that's one of
(22:41):
the things I have found intrying to build trust is just to
give some courtesy advisory tofolks that I don't know what I
don't know. And where where do Istart?
And and, you know, if youalready have a relationship with
an organization and and you canbring some some expertise to
bear either through theirchannel or if you if you have
(23:03):
that already, I would saythat's, that's like spreading,
broadcasting seed. And it'salso, frankly and I I certainly
am a commercial orientedorganization, but I also aspire
to try to finish well and make adifference. And I have, I would
love the opportunity to continueto try to help folks,
(23:26):
particularly when I think aboutnonprofits and school districts.
Lou Rabon (23:29):
Oh, yeah.
Stacey Horne (23:30):
It's just, oh, what can we do? What here's some
things you might wanna consider.
Lou Rabon (23:34):
Yeah. They're hit hard, especially the I mean, the
school districts. We've we'vedone some some responses at,
educational institutions, bothlarge ones and and, regional
local ones. It's it's notpretty. And and the fact that,
you know, it's an openenvironment, they don't have the
resource to protect themthemselves.
I mean, there's a play there tosay, I I believe that they're
(23:57):
they're eventually, I thinkit'll evolve to where there is
an, kind of a police force for,you know, at least state and
local at the state and locallevel for organizations like
education, utilities, thingslike that. We kinda have that,
but not quite. The FBI jumps inwhen they need to, for some of
(24:20):
the bigger hacks or some of themore critical ones, but almost
like a national a cyber nationalguard. That's been an idea that
we've spoken about a bit. Soit's we'll see.
It's inevitable, I think,unfortunately, that we're gonna
have to get there because asyou've seen, the industry can be
(24:40):
really behind. I mean, you'vebeen doing this for forty plus
years. I've been doing this forthirty plus years. You know,
nothing has really changed withthe way that we've spoken about
this stuff. Like, hey.
You need to protect yourself.Thirty years ago, even, I don't
know, maybe fifteen years ago,you might have been able to go
back to paper or, you know,2025, you know, like but now,
(25:02):
yeah, you're not going to paper.Everyone is a tech company to
what, you know, you your pointearlier, every company needs
some kind of protection. So, youknow, go pivoting a bit to,
like, what excites you about,kind of what's going on in the
industry and and the future?
Stacey Horne (25:21):
Well, I think one of the things that excites me is
now that there's more visibilityand and emphasis on it, we can
do more good. We can get intothe conversation easier. We
could bring value that can bejustified, and we can be
alongside organizations helpingto de risk and mitigate risk and
(25:47):
also transfer risk. All of thosethings are available, but you
have to make that commitment andthere's a lot more listening
ears and inquiring minds wantingto know more than ever before.
And so from that standpoint,someone had asked one time, you
know, what's your lead gen plan?
And frankly, sad to say in somerespects, but happy in others,
(26:11):
that it's so prevalent now thatit's really about trying to do
the best you can and build theright relationships and partners
to be able to addressproactively is the preferred
way. Tried to get this releasedto me and I wasn't successful.
But if you're old enough toremember commercials when we
(26:33):
didn't fast forward to them andor or pay paid to not stream,
you know, without the ads, aFram oil commercial, and they
were they would hold a can ofoil. And behind it was a car on
a rack, and it's a differenceof, hey. Let's get some oil in
the engine and get it runningsmoothly and and protect those
vital things that make yourcompany grow.
(26:57):
You know? And the obvious in thebackground was it's it's more
difficult if you, you know, ifyou're reacting.
Lou Rabon (27:04):
Yeah. So so being proactive excites you, being
able to help. Yes. Yeah. Whichis you're speaking my language,
obviously.
We that's what we do.
Stacey Horne (27:14):
Yes. Yes.
Lou Rabon (27:15):
Yeah. It's always better to do it proactively than
reactively. And and you broughtup the the acquisition before
too earlier. You know, duringdue diligence, there's gonna be
a price bump drop, basically.They're going to say, hey.
And they're always looking. Youknow? You sign the papers. You
you've been through a coupleexits yourself. You know how it
(27:36):
goes.
Like, woah. Big number.Everyone's excited, and then
they start to do diligence. It'slike, well, wait a minute. What
about this?
What about this? So, yeah, whenit gets to the cyber part,
you're actually there's the ROIfor for owners that wanna have
an exit. It's like, oh, youactually we've been part of
this. We actually have one ofour clients that just got
(27:56):
acquired and they're actually,this happened a couple times.
Their security program, becausethey were working with us, is
tighter than the acquirersprogram.
And so that was a a strong pointduring the negotiations for them
where they're like, okay. We'regoing to adopt what you've done
and apply it now to the greaterentity. So you can that there's
(28:16):
there's the proactive pitch thatwill, you know, a c suite person
or an owner founder willunderstand. Yeah?
Stacey Horne (28:24):
Absolutely. I actually that's a great point,
and I've I've advised a numberof companies that go ahead and
dedicate themselves to takingthe proactive model. I said,
Nylon, take that and use that asa business differentiator. Let
your clients and prospects knowwe care about this. We're doing
things about this to try topreempt those things from
(28:47):
happening, do the best they can.
And I and some of my advisory isis more business slash cyber,
but in due diligence and talkingto people that are considering
making acquisitions, always tellthem to have a a model that says
we're gonna do the investigationof cyber. We'll give you the
(29:13):
opportunity to address it. Wewill have a two phase
transaction and we'll withhold xamount for contingent
liabilities and it's never afull payment anymore unless you
have agreed to and adhered tothe criteria that's laid
forward. And so it reallyhighlights the fact that, how
(29:37):
can you address risks thatyou're unaware of? Right?
And we we both know the amountof time that bad actors can be
dormant. And so it's just one ofthose things, again, being
proactive in in the acquisitionspace. And and so, yeah, that's
a biggie. Yes, sir. I'm glad youbrought that up because that
(29:58):
that's a big one.
Both Yeah. Both sides of theequation.
Lou Rabon (30:03):
That's right. That's great advice too to hold on and
have that that bucket for, okay.We're gonna wait. You know? This
is a year out.
We're going to see. You get thisif nothing bad happens after a
year. We don't you know, there'sno surprises, which is typical
for the tax, liability as well.So tax and cyber liability.
(30:23):
Yeah.
Interesting. Yeah. So so on onto the obligatory AI question.
You know, what how are you usingAI today? Is it something that's
part of your workflow?
Stacey Horne (30:35):
Yeah. Great question. So there was a time
probably, from about '78 1978 to1983, I felt like I was on the
front lines. And, now I can talkabout the front lines of days
gone by, and I have a a veryclose relationship and a
(30:56):
relationship with with equityshare with a young man in his
twenties who is amazing inautomation and AI and then
others wrapped around him. Andso we are addressing that, both
with agentic or the agentworkflow type model and then
(31:17):
also exploring generative butvery carefully there because my
belief is you can still seesomething that's generated
artificially.
It's gonna get better, but atthe end of the day, you can do
some curation and things likelike that. And from that, then
(31:40):
distill and then put thenarrative around it to share
cyber bullets, if you will, orcyber conversations can be led
around starting with gatheringmore more efficient gathering of
intel from different sources andthen you try to again, turn that
into a business impact, businessoutcome discussion and tell some
(32:04):
real world stories around that.So, yeah, more on the automate
automotive side than an agentside than the generative side.
I'm kinda old school. I like towrite my own narratives, but I
do like to, get the researchdone a little faster, a lot
faster, three times faster.
Lou Rabon (32:23):
Oh, yeah. Prospecting. Right? If you're
prospecting for a new customer,you're, I mean, that's that's
just brilliant to be able totype it in, give a couple URLs,
and then all of a sudden, you'vegot a good kind of a good
overview. So it's saving time.
AI is saving a lot of time.
Stacey Horne (32:41):
Yes. You know, we we have a I've had relationship
with New Zealand to a smallerdegree, Australia for for many
years. If I move my head thisway, you can actually see New
Zealand.
Lou Rabon (32:52):
Oh, there you go. Yeah.
Stacey Horne (32:53):
I've had twenty twenty plus years now of
interactions with New Zealandand still work with some of the
organizations there, and one ofthem has a particularly
innovative product and service.And the interesting thing is now
with with AI and the curationability, you can customize their
(33:14):
service quite easily. And soit's it's really propelled them
forward in that. So I'm aware ofcompanies that are using it to
their advantage. I'm aware ofcompanies that are using it a
bit, I would say, loosely.
Lou Rabon (33:30):
Mhmm.
Stacey Horne (33:31):
And I I would certainly give a give some
advice that you wanna be verycareful and you wanna have clear
communication across yourorganization about what is
allowed, not allowed. I wouldsuggest sandboxes for testing.
They're on a totally segmentednetwork away from everything
(33:54):
else. And use some innovation toplay around in the sandbox and
do all your curating there. Andand frankly, you know,
particularly with so manycompanies that have trade
secrets or their IP and thingsof that nature, I would never
(34:15):
advise for that to go into anyAI prompt or any type of
questions that you're gonna postto AI, at least at this stage.
Lou Rabon (34:24):
Yeah. Agreed. I there's privacy policies that
say, hey. We're not training onthis data, but guess what?
They're hungry for data, and,you know, we're we've already
seen the way that they'vetreated data.
So I think, yeah, do not trust,you know, for any of the the
really sensitive stuff. I wouldsay, yeah, spin up your own LLM.
Makes sense.
Stacey Horne (34:45):
I think the other thing I'd throw in just just to
maybe a final point on it wouldbe, you know, there's a lot of
hesitancy for folks that maythink their jobs are at online.
So offer some training andprompt engineering or some other
other tools that could allow,your employees that may be at
(35:06):
risk to find new ways to bevaluable to the organization.
That's another thing that I'mseeing is a little bit of
headbutting and resistance, fromthose that think they're
threatened by it rather thanembracing it and maybe finding a
way forward in a in an alteredbut still a productive career
path.
Lou Rabon (35:25):
Yeah. I mean, this is the, the the transition from the
horse to the automobile or, youknow, like, really just a a
major change. So being afraid ofit or being you know, assuming
that it's not going to be big oreven on the other side thinking
it's gonna be something that youneed to avoid completely, not a
good strategy at all. Yeah.Yeah.
(35:48):
For sure. Yeah. So so is there astory, Stacy, that you have
that, like, a personal storydemonstrates where cyber has
had, like, a direct impact onyou personally, on your life or
someone you know?
Stacey Horne (36:01):
Definitely some people that I know. You know,
from my own personal story, I'mthankful to say I haven't had a
a scar there of any magnitude.My wife and I, I think one of
her credit cards once was, for ashort time in play
Lou Rabon (36:19):
That's true.
Stacey Horne (36:19):
But those are easily resolved and and all. And
and so, from the perspective of,an organization's third
generation, Lou, And theirgrandson was as old as I am. And
(36:39):
they had, all they did was movedirt. That was their whole
business. And they moved dirtand their grandfather had signed
up some clients back in his daythat would be you would up and
comers.
And they now occupy tallbuildings in major cities. And
(37:04):
so that client asked them to dosome things cyber security wise,
And I was asked to speak to thegrand the grandson again who's
quite and and actually met withhim twice and he said, you know,
I believe you, Stacy, but we'reour grandfather was a risk
(37:26):
taker. We're a risk taker. Allwe're doing is moving dirt.
We're too small.
Now, unfortunately, that that upand coming business being a
highly sophisticated businessstopped the attempted cyber
attack that came through thatorganization. But that
organization lost that thirdgeneration client and severely
(37:51):
impacted their company. And thatwas one of the last things I
remember was his remorse in notwanting to go from the risk
taking model to what's anacceptable risk. What's the
impact and what's the outcome?And so I I think about that
(38:13):
stories.
I often share, you know, therisk and the reward and how you
how you equate that in today'sworld.
Lou Rabon (38:24):
That that's a good one. I mean, it's a it's a
powerful one, a powerful story,and it definitely illustrates,
like, this person, it'sinteresting. Like, being a risk
taker, that's like, okay. I'mgoing to, you know, bet on a new
technology or I'm going to,maybe, pivot the business to a
new, you know, area orsomething. Not okay.
(38:48):
I know that that that to me,what you're telling me just
blows me away because it's like,okay. I'm driving a car on the
Autobahn at a 150 miles perhour, and I know the brakes
don't work. And I don't haveairbags, and I'd I'm not I'm
just wearing a seat belt. And ifanything bad but I'm a risk
taker. It's like, well, thereit's I don't know.
(39:08):
There's good risk and there'sbad risk, I guess.
Stacey Horne (39:12):
Exactly. There's a difference between taking risk
and being reckless.
Lou Rabon (39:17):
Yeah.
Stacey Horne (39:17):
They they they don't they aren't the same, but
they can be equated as the same.
Lou Rabon (39:22):
Yeah. Yeah. Absolutely. I I mean, this this
might be, divisive, but I'm Ifeel the same way about
motorcycle helmets. You know?
I'm my family lives in Florida.I go down there. I don't know if
Texas has the same laws where Imean, it's pure freedom. If you
don't wanna wear a helmet, youdon't have to. Is it the same
(39:42):
there in Texas?
Stacey Horne (39:44):
You don't have to wear a helmet. And, I always I
always tell people, I said,you're just a meat shield for
the helmet.
Lou Rabon (39:51):
Yeah. Speak to Unfortunately. Speak to an EMS
person. Speak to the people thatrespond to those. They're like,
you know, if you had a helmet,yeah, you might be, you know,
have some major damage, butyou'll survive without a helmet.
It's just like you're you know,the odds that you're playing. So
if you've watched squid game,yeah, it's there's a funny scene
at the end of squid game aboutodds and them calculating
(40:14):
certain odds. But I'm not a hugefan of that show, to be honest,
but that popped in my head. Ijust watched it recently. So so
let's talk about you personally,Stacy.
I mean, you've had such a a agreat career, long career.
You're in Texas. You know,obviously, you you've been
running Stillwater ecosystem forfor a long time now. Before
(40:36):
that, you were in it looks likethe oil and gas area, which by
the way, they have had their ownissues, right, with, hey. We're
just pulling die you know, olddinosaur remnants out of the out
of the, you know, ground, So wedon't need to be protected.
Right? It's
Stacey Horne (40:53):
like Yeah. Yeah.
Lou Rabon (40:54):
Well, how are you communicating with those wells
that are in Papua New Guinea or,you know, somewhere else?
Exactly. Yeah. But so you'vebeen you've been around the the
oil and gas industry and went toOle Miss. You know, I I hope you
guys Got
Stacey Horne (41:09):
it done.
Lou Rabon (41:09):
Yeah. I hope you you beat Florida this year. That
that'll be good because that'sour archrival. But, yeah, what,
you know, that that's a goodkinda, like, summary. But where
when you started Stillwater,what was, like, the the impetus
for that?
Were you like, hey. I'm justdone with IT?
Stacey Horne (41:26):
Or Yeah. Yeah. No. No. No.
I'm I couldn't spell oil and gaswhen I left Mississippi. I
worked on the only computer inmy hometown. And so MIS
education at Ole Miss andworking on the Olin computer in
my hometown, it was 18 milesaway from the school. And a good
(41:48):
friend of mine who had moved outthere sent me clippings in the
paper. That's how long ago itwas for everybody that's
listening.
And so came out to the Texasarea, and everybody said oil and
gas is where you need to be so Ijumped in. I didn't know what I
was doing and most of the teamthat was in IT there was some of
(42:11):
them were about my age now andI'm 22 years old rolling into
there and utilized some of thenew tools and and gadgets that I
had learned and others wereworking on. Many people, you'd
have to go Google it or go to amuseum to see some of the tools
and Fortran and COBOL and allthose languages. And so, a
(42:35):
friend of mine, a dear friend ofmine who who taught me
everything about oil and gas,and I gave him all the keys to
that I had for the new methodsof relational databases, and I
told him what SQL stood for andthings like that. And so we
leveraged that and and had agreat long run, and I stayed in
(42:57):
there, and I thought I'd spendmy whole career in the in that
industry with that company.
And as often happens, we madeacquisitions and treated people
like people, And then we wereacquired and it was spreadsheet
analysis on how I was supposedto cut a team that was my
family, not just coworkers.Relationships matter. They
(43:19):
always have. They always will.And so that's really where
Stillwater was born.
And back in the days when longago, you you know, I went to
Barnes and Nobles, bought anInstacart book, and had one of
those floppy drives that you putin it. And a friend of mine said
if you take an extra $35, youcan get incorporated pretty
(43:43):
quickly in Texas. Buddy of mineand I drove all the way to
Austin, and I had my $35 andwalked in, and the lady across
the counters said, how can Ihelp you? I told her I need to
get my company started becauseI'm gonna do my whole thing.
I've got my money here, and Iunderstand.
She said, slow down. Slow down.Said, young man, you know, you
(44:05):
you keep your $35. You go aroundthree blocks away and have you a
nice, you know, brisket tacobreakfast and come back after a
few hours, and I'll I'll takecare of you. So Stillwater
literally started in a convertedbreezeway from my detached
garage.
I enclosed it, put a t one atthe back of the house, and all
(44:27):
my kids' friends are coming overbecause back then, that was that
was crazy.
Lou Rabon (44:31):
Huge. Oh my god.
Stacey Horne (44:33):
Yeah. Yeah. It was big time. And so from that, it
started from there, and and andStillwater's been around since
the late nineties. And, youknow, it's had iterations.
We were an MSP before that was athree letter acronym. And we
were very fortunate, as Imentioned, in working with New
(44:53):
Zealand for a number of years.And there's fiber that runs all
the way from New Zealand andAustralia to the West Coast. And
one of my my really coolrelationships was with someone
who was a chief technologyofficer at Weta, which is a New
Zealand film company that madeThe Lord of the Rings. And we
(45:17):
took those same computers thatmade that third movie, and we
used them to process seismicprocessing software from a Texas
based company who had NewZealand holdings.
And my one and only time to makeit to the Houston Business
Journal, and it had my picture,But, unfortunately, instead of
(45:40):
my face, it had if you've seenthe movies, you know, the orcs
and the and they had the whiteNo. So the good news and
everybody's teasing me. Theysay, I really love that picture.
Lou Rabon (45:52):
That's hilarious. Did and you had no idea they were
gonna do that.
Stacey Horne (45:57):
No. No. No. They they actually just interviewed
me, and I think it was, like,lord of the rings meets energy
capital or something like that.
Lou Rabon (46:04):
That's hilarious.
Stacey Horne (46:05):
So that was a surprise to me and everyone
else. But I would say this. II've enjoyed, building
relationships at Stillwater.It's, the name comes from two
things. He leaves me besideStillwater, And then a high
school friend of mine wasintroducing me to someone and
(46:27):
said kinda one of those and saidhe Stillwater runs deep.
And so that's where the namecame from. It's been a journey
that I will continue because Ireally enjoy what I do. Trying
to be a little morephilanthropic on the advisory
side as I move forward and wellpositioned with these ecosystem
(46:48):
leaders or trusted leaders.Happy to say that your
organization, we met because ofrelationship, and you guys are
are in that in that camp. And Ireally appreciate the
opportunity just to share withyou, and, hopefully, one or two
things that were said might beuseful to others.
Lou Rabon (47:06):
Yeah. Yeah. Thanks, Stacy. Oh, what are you doing in
your spare time other thanphilanthropic stuff before we,
we close-up?
Stacey Horne (47:14):
Well, I got 10 grandkids.
Lou Rabon (47:16):
And Oh my gosh.
Stacey Horne (47:17):
Yeah. Yeah. And and they're all in Texas, so
I've got my loop that I make,and I enjoy golf. I actually
played Tour eighteen a coupledays ago, which has replica
holes, and I I parred this theSarbreast 17, the Island Green.
I parred that one, and I was wonover in Amen Corner Nice.
(47:38):
From the Masters group of holesthere. So I enjoy that, and I do
a little fishing from time totime. But I put them in the
right order. Grandkids, golf,fishing.
Lou Rabon (47:50):
Yeah. Fishing. That sounds good. Always the
grandkids first. That's I'm I'mnot far from that.
I don't think well, hopefully, Iam because my boys are still in
high school, but Mhmm. Coupleyears from now, I think, maybe.
Nice. So yeah.
Stacey Horne (48:08):
One one last thing there. The the good news is the
beauty of being a parent is whenyou when they're the grandkids,
you spoil them and hand themback.
Lou Rabon (48:17):
Right. Yeah. It's and then they the the kids get angry
at you because they're like, youcan't do that. They're not
allowed to do that at home. It'slike, well, that's what being a
grandparent is about.
Right? Exactly. Exactly. That'sgreat. That's great.
So so where can people connectwith you online?
Stacey Horne (48:34):
Well, certainly, I'm on LinkedIn.
Lou Rabon (48:37):
Mhmm.
Stacey Horne (48:37):
And that's the best way. And, you know, you
won't find any fancy smancywebsite because, basically, we
have one that's pretty basicbecause it really is someone
said, well, can you give me aone pager on cybersecurity? And
I said, no. I don't know if Ican give you a novel that could
(49:00):
cover cybersecurity. And the thethe additions of it would have
to be updated so often that itit doesn't make sense.
And so I really try to staycurrent, and, you know, I'm I'm
more likely to put something outon LinkedIn that's gonna be a
pause and reflect, and it'sgonna be the latest widget that
(49:20):
I've discovered. And, you know,those are really the platforms.
I mean, we really are trying toget philanthropic around thought
leadership, and and that's backto my my friend I mentioned
that's a young man withautomation. We're trying to get
some things we can share on aregular basis, and we hope we're
(49:41):
hopeful that's gonna helpeveryone to some some degree
raise awareness and maybe takesome action that they hadn't
considered.
Lou Rabon (49:50):
Good. Well, it sounds like there's a a release coming
out soon, so stay tuned forthat. You know, when you're
ready, pop it on LinkedIn. Sobest place to find you LinkedIn,
stillwaterecosystem.com, butdon't you won't be blown away by
that website. That isintentional.
You know? Somebody said, are
Stacey Horne (50:09):
you gonna we'll start putting stuff out there
once we start this cadence of ofthought leadership with a little
more regularity. It's usually alittle bit more like this, or I
I actually enjoy speaking liveand in person because there's an
essence of being in person withfolks and that dialogue that
happens afterwards thatsometimes my granny used to say
(50:33):
it's better felt than tilt. It'salmost like you look someone in
the eye, shake them, have aconversation over coffee or a
beverage or whatever. You know?There's there's something there
that's just hard to replicate,in the virtual world.
Lou Rabon (50:48):
100%. That that's becomes more important in the
world of AI, and and all ofthese manufactured everything
online, you know, welloverwhelming news that we we
really don't need news as muchas we're getting it. So, yeah,
it's, it's I think the face toface human interaction is is is
(51:09):
becoming even more important.So, Stacy Horn, thank you so
much.
Stacey Horne (51:15):
Lou, it's been a pleasure. Thanks for the
opportunity and then invite.
Lou Rabon (51:19):
And and thank you to those that are watching and or
listening. If you learnedsomething today or laughed,
please tell someone about thispodcast. Thanks again, Stacy.
And this has been anotherexciting episode of Channel
Security Secrets. See you soon.
That's a wrap for this episodeof Channel Security Secrets.
Thanks for tuning in. For shownotes, guest info, and more
(51:40):
episodes, visit us atchannelsecuritysecrets.com.
Channel Security Secrets issponsored by Cyber Defense
Group. When it comes toprotecting your business, don't
settle for reactive.
Partner with experts who buildresilience from the ground up.
Popular Podcasts
NFL Daily with Gregg Rosenthal
Gregg Rosenthal and a rotating crew of elite NFL Media co-hosts, including Patrick Claybon, Colleen Wolfe, Steve Wyche, Nick Shook and Jourdan Rodrigue of The Athletic get you caught up daily on all the NFL news and analysis you need to be smarter and funnier than your friends.
On Purpose with Jay Shetty
I’m Jay Shetty host of On Purpose the worlds #1 Mental Health podcast and I’m so grateful you found us. I started this podcast 5 years ago to invite you into conversations and workshops that are designed to help make you happier, healthier and more healed. I believe that when you (yes you) feel seen, heard and understood you’re able to deal with relationship struggles, work challenges and life’s ups and downs with more ease and grace. I interview experts, celebrities, thought leaders and athletes so that we can grow our mindset, build better habits and uncover a side of them we’ve never seen before. New episodes every Monday and Friday. Your support means the world to me and I don’t take it for granted — click the follow button and leave a review to help us spread the love with On Purpose. I can’t wait for you to listen to your first or 500th episode!
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com