2022 Executive of the Year: Jack Koziol — A cybercrook’s worst nightmare

Feature Eoy Jack Koziol Panel
Photo by Shawn Harper

Register to attend the Executive of the Year awards and reception on Tuesday, Jan. 18.

Today’s increasingly sophisticated cybercriminals are an international scourge, but they have their own public enemy No. 1 in Jack Koziol, CEO and founder of Infosec, a Madison-based cybersecurity education and training service.

Since the onset of the pandemic, Koziol accelerated the company’s strategic plan to become an online training provider. Having launched a subscription-based skills training platform in 2019, Infosec was well-positioned to meet the growing demand for online training in a hybrid work environment. In the past year, Infosec’s software revenue grew by 62% over 2020, and the company grew new software customers by 71%.

Prior to the pandemic, 30% of Infosec’s training was completed via in-person bootcamps. At the onset of COVID-19, it quickly pivoted from in-person courses to live, online training to ensure uninterrupted continuity in the professional development paths of IT security professionals.

As a result, 2021 marked the 17th consecutive year of profitability since the company’s founding, an impressive streak for any IT security provider, let alone one that is among the few non-venture-backed cybersecurity education providers in the market.

Such business performance earned Koziol a 2022 Executive of the Year Award. The UW–Madison graduate is one of six people selected for this honor by a judging panel of previous EOY winners.

Outsmarting cybercriminals
Infosec is headquartered in Madison with offices in Chicago and Dulles, Virginia. The company helps IT and security professionals advance their careers with skills development and certifications, and it empowers client employees with security awareness and privacy training to stay cyber-safe at work and home. Thousands of organizations and more than 5 million learners worldwide have turned to Infosec’s security courses and security awareness and phishing training to stay a step ahead of hackers.

While there are several reasons for the company’s strong financial performance over the past 12 months, Koziol cites pure market need. With 80,000 security incidents in the U.S. during 2020 alone, the cybersecurity industry is kept busy. “We do have really strong tailwinds in the cybersecurity industry,” he states. “We have cybersecurity software platforms at scale, and it just so happens that over 90% of cybersecurity breaches and incidents are caused by human error.”

That’s been his business for the past 17 years — to help people understand cyberthreats and prevent attacks. Cybersecurity is all about prevention, whether it’s in the form of employee security awareness or technology protections, but given the increasing sophistication of cybercriminals, one layer of protection isn’t enough.

The most important layer is knowledge, which is power when it comes to fighting cybercrime. “You want to have the technical controls, you want to have the trained staff, and you want to have your workforce serving as a human firewall for any inbound attacks,” Koziol states. “Security awareness has gone from something that really wasn’t seen as a first-class citizen as far as security initiatives to something that, in the past couple of years, is really viewed as an imperative part of it.”

“Being recognized as an Executive of the Year is an incredible honor. What it means to me is that I’ve been fortunate to assemble a fantastic group of people who are aligned to our mission of cybersecurity education.” — Jack Koziol, Infosec

Businesses are never going to stop people from trying to “phish” them or attack their computer systems by other means. That’s why the most cost-effective means of prevention is to train people regularly and show them how to prevent phishing, how to operate securely within their workspace, and how to operate securely when they are working remotely.

Unfortunately, cybersecurity awareness can be dull, so gamification is increasingly being used to make it both fun and informative. Infosec is part of that movement with its interactive Choose Your Own Adventure security awareness games, and the early returns are encouraging. Koziol credits gamification with boosting user engagement, breathing new life into security awareness education, and boosting sales.

“Most cybersecurity awareness training out there is very boring, and people are very busy, and it causes them to deprioritize that or not be interested in it,” Koziol explains. “If we can use techniques like gamification or use Hollywood-level video production, this engages people, and additionally, the gamification allows people a safe place to make mistakes.”

This past year, Koziol also built collaborations with other industry leaders that share Infosec’s mission to accelerate cybersecurity education. This includes partnering with the following organizations: Coursera, one of the world’s largest online course, certification, and degree providers; Microsoft Viva, the recently launched an employee experience and engagement platform for upskilling and reskilling; and the Midwestern Higher Education Compact, a multistate collaboration to ensure strong and equitable postsecondary educational opportunities.

Infosec’s community involvement, driven by a culture of giving back, is aided by the philanthropic program Infosec Gives. Koziol is a champion of this program, which is the company’s 1-1-1 philanthropic commitment to sharing profit, product, and time. Under Infosec Gives, 1% of company profits are donated to organizations aligned with its core values and those of its employees, including the United Way of Dane County, the Boys & Girls Clubs of Dane County, and Girls Who Code.

Another part of Infosec’s philanthropy is the Accelerate Scholarship program, which is aimed at workforce diversity challenges in cybersecurity. To date, this two-year-old program has awarded more than $405,000 in security education to encourage new talent from traditionally underrepresented groups to explore cybersecurity career paths. “The cybersecurity industry is a tech field, so it’s very much white male dominated,” Koziol notes. “If we can play a role in widening that tent and helping others get into the cybersecurity industry, it benefits the industry as a whole.”

The good fight
Our judging panel credited Koziol with taking the lead in fighting cybercrime and collaborating with other industry leaders to do so. “Cybercrime is one of those, ‘keeps me up at night’ business issues,” notes one judge. “Every business is concerned about IT security and how to empower employees to make good decisions. Jack’s leadership and business insight is evidenced by the great success of Infosec this year and over the past two.”

Click here to sign up for the free IB Ezine — your twice-weekly resource for local business news, analysis, voices, and the names you need to know. If you are not already a subscriber to In Business magazine, be sure to sign up for our monthly print edition here.