By AI TechPark | Featuring Scott Gray, President of Gray Analytics
I have had a long career working in technology. I spent time working as a civil servant with the US Army, with a large aircraft manufacturer, and with a couple of computer hardware and service providers. I enjoyed all those roles and, in each case, we were working to solve technical challenges for clients. I worked with a lot of great people and it was about leveraging all the resources we had and getting the entire team to work together to solve these challenges and help our clients. My brother Ron has been a successful entrepreneur with engineering and consulting firms since the ’90s. Ron set up Gray Analytics a few years ago and asked me to come join him in helping manage and grow this business. It is exciting for me, because we have and we are building a great team, and at our size, we are able to be nimble and truly be driven by our clients’ technical challenges.
It has been pretty amazing how we are evolving. Most of our work is in support of the Department of Defense (DoD), but we are placing an emphasis on helping commercial organizations as well. In addition to our DoD core, we have worked with clients in transportation, manufacturing, agriculture, legal, engineering, accounting and finance, and construction.
The most common pain point customers approach us with is risk. Our work with the DoD has ranged from the risk related to our nation’s lagging position on hypersonic weapon and defense systems, to the risk of cyber intrusions into national defense systems, to the risk of bad software due to inefficient and outdated development practices. On the commercial side, it is about the risk of cyber intrusion and losses of money, intellectual, property and PII due to these intrusions, whether by organized cyber crime syndicates, nation state cyber criminals, or even insider threats. Spanning across DoD and commercial is our work with SAP NS2 for our Supply Chain Intelligence Tool, ChainShield ™. This tool can be applied to any supply chain including but not limited to national defense systems, electronics, food, pharmaceuticals and critical infrastructure, to illuminate risks in the supply chain and take corrective action to ensure trust.
The National Institute of Standards policies for cybersecurity (e.g. NIST 800-171) have long been a basis for our risk assessments, whether for government or purely commercial clients. We feel like that is a great framework to start with. Of course, the DoD contractor side is evolving and expanding to the Cybersecurity Maturity Model Certification (CMMC), and that model is rapidly becoming the standard to measure an organization’s information security program.
It is very difficult to name only three, but,
We have seen a lot of misses.
Another area is just pure policy and process – things like password policies, the principle of least privilege for system access and configuration management. Finally, in the technology itself, one miss would be not having proper technical safeguards in place. For example, many are very resistant to multi-factor authentication. Generally, I think it gets back to awareness and understanding the myriad of these things that can put you at risk.
For us, it gets back to our team. We have a great team of people that have a natural hunger for technology and cyber security and have an innate desire to stay ahead of the curve. I am fortunate the team will send me information to help keep me up-to-pace. I also rely heavily on reading as much as I can, such as at AI TechPark.
Well, this interview is perfect for that. It really is AI. SAP Hana’s AI capability is the underlying brains for our ChainShield ™ Supply Chain Intelligence Tool. Gray Analytics is also looking at how we can apply AI to other areas of cyber security.
I am certainly encouraging of women in any area of STEM. I don’t think there is a better area to be in.
Build a strong team that can work together. Get people with different capabilities that complement one another. When possible, find those people who have a broad skillset, likes any technical challenge and will work to figure out a way to resolve a problem. Finally, your people need to be tenacious. You want team members who don’t give up just because the task is difficult and they meet failure along the way.
I talked about tenacity above; I have always thought tenacity was such an important character trait. When I first saw Theodore Roosevelt’s “The Man in The Arena” speech at the Sorbonne at the University of Paris, it really resonated with me:
It is not the critic who counts; not the man who points out how the strong man stumbles, or where the doer of deeds could have done them better. The credit belongs to the man who is actually in the arena, whose face is marred by dust and sweat and blood; who strives valiantly; who errs, and comes short again and again, because there is no effort without error and shortcoming; but who does actually strive to do the deeds; who knows the great enthusiasms, the great devotions; who spends himself in a worthy cause; who at the best knows in the end the triumph of high achievement, and who at the worst, if he fails, at least fails while daring greatly, so that his place shall never be with those cold and timid souls who know neither victory nor defeat.
I have applied this throughout my life, but also when encouraging my three daughters in times of difficult obstacles, or even failures when working towards any goal or project.
Scott Gray leads the Gray Analytics team. He is responsible for setting growth strategies and execution plans with an emphasis on solving the client’s complex technical challenges with the highest levels of client satisfaction and Gray Analytics team member morale. Scott has over 30 years’ experience working with corporations and government organizations to deliver high-value solutions to help clients meet complex mission objectives. Prior to Gray Analytics, Scott worked at IBM with hardware infrastructure responsibility for the US Army, US Navy, US Marine Corps, and Missile Defense Agency. Scott has a Bachelor of Science in Industrial Engineering from the University of Alabama, a Master of Science in Engineering from the University of Alabama in Huntsville, and a Master of Business Administration from Vanderbilt University.