Smart CIOs Do This: The Unspoken Rules of Cybersecurity Leadership with

Guest: Andrew Griffiths, CEO & Founder of Annexus Technologies

Host: Julie Riga

About This Episode

In this episode, Julie sits down with Andrew Griffiths, a legacy-minded CEO and founder of Annexus Technologies, a multinational IT firm known for building infrastructure so strong it rarely needs fixing. Andrew is a strategist, philosopher of security, and storyteller with a deep belief in designing systems that protect people, not just profits.

Together, they dive deep into the three essential ingredients for CIO success and explore the unspoken rules of cybersecurity leadership that smart CIOs follow to protect their organizations.

Guest Background

Andrew Griffiths is the CEO and founder of Annexus Technologies, a cybersecurity firm registered in Jamaica since 2014, now expanding into Canada. Andrew's unique perspective on IT infrastructure was shaped by early exposure to satellites, electronics, and various technologies, leading him to see IT as ubiquitous and transformative. His philosophy centers on optimizing existing systems and connecting people through technology.

Fun Fact: Andrew's favorite food is ackee and corned pork - a unique twist on Jamaica's national dish that substitutes corned pork for the traditional saltfish.

Key Topics Discussed

The Three Ingredients for CIO Success:

1 Visibility & Assessment

• Understanding what's happening both inside and outside your network
• The importance of secure design for internal and external domains
• Implementing layers of trust with zero-trust principles

2 Proactive Analysis & Planning

• Moving from prevention to proactivity
• Understanding your cybersecurity posture rating (0-100)
• Identifying compromised credentials on the dark web
• Creating mitigation plans for when breaches occur

3 Strategic Implementation

• Balancing cost-effectiveness with security requirements
• Planning for short-term, medium-term, and long-term security needs
• Aligning business objectives with IT infrastructure

The Annexus Approach:

• Public Domain Assessments: Understanding external security posture
• Multi-standard Compliance: Meeting GDPR, PIPEDA, PCI, and other international standards
• Proactive Monitoring: Real-time detection of network scanning attempts
• Virtual Network Infrastructure: Creating controlled environments for threat analysis

Key Insights for CIOs

The Trust-Building Challenge:

• Cybersecurity sales cycles can take 6 months to a year due to trust requirements
• Building relationships requires patience and consistent education
• Sometimes you need to wait for organizations to validate the need themselves

The Titanic Analogy:

Andrew compares cybersecurity professionals to engineers warning about icebergs - often dismissed until disaster strikes, highlighting the importance of persistent, consistent communication about security risks.

Multi-Vendor Security Strategy:

• Avoid vendor lock-in for critical security infrastructure
• Use different firewall platforms in series to increase security complexity
• Design solutions that make it harder for attackers to predict your security stack

Future-Forward Thinking

Next-Generation Platforms:

Annexus is focusing on comprehensive ecosystems that protect:

• Data within organizations
• Data transfer between organizations
• Cloud redundancy strategies across multiple providers (Azure, AWS)

The Future of IT:

Andrew predicts the future lies in "redundancy at cloud scale" - ensuring business continuity even when major cloud providers experience outages.

Connect with Andrew Griffiths

• Website: www.annexustech.ca
• Social Media: Available on YouTube, Twitter, Instagram, Facebook
• Company: Annexus Technologies

Connect with Julie Riga

• Website: www.julieriga.com
• Social Media: www.linkedin.com/in/julieriga
• Coaching: Learn more about leadership coaching and transformation

This episode is perfect for sharing with CIOs and IT leaders in your network who need to hear these insights about modern cybersecurity leadership.