Tellis Williams, Chief Information Security Officer, AXA Assistance
There are two things in Tellis Williams’ background that primed him to become a detail-oriented Chief Information Security Officer. First of all, he has a degree in the broad but disciplined field of electrical engineering. And second, he’s been a musician since the age of four. Williams is primarily a drummer, but he plays all percussion instruments.
The background combination of music and engineering seems to be a common theme for many security executives. Williams says it’s only natural. “There’s a synergy between the type of thinking and the mode of thinking that you have to do in a security role as well as what you do in music and engineering. It’s numbered. It’s sequential. There’s a logic behind it, and that same logic transfers over to thinking about how to protect your data and your organization. It’s actually the same mind set.”
Oddly enough, Williams says he’s never worked a single day in the field of electrical engineering, but having an engineer’s methodical mind has certainly helped him get ahead.
“My first position out of college was with the Federal Communications Commission,” says Williams. “My group’s responsibility was to decide, and help the government decide, how to auction out all of the spectrum destined to be used for this new narrowband and broadband technology infrastructure that was emerging at the time. It was absolutely fascinating work, but nerve-racking at the same time.”
“My role as a liaison between the FCC and private industry was to group the small businesses and the minority owned businesses to try to work out how the spectrum could be auctioned out in a manner that would be conducive to all of those parties instead of just having it go to the big entities like the major carriers and the equipment manufacturers,” says Williams. “At that time, the big companies were starting to link together and join forces. But we wanted to create some type of set-aside or something that would allow the average American to actually get into that fight as well, because it encompassed so much. So, my group’s job was to decide and to delineate how to auction out that spectrum in a way that could be fair across the board in the U.S.”
Williams says the outcome of his group’s work was relatively good. “We did have some setbacks right before the auctioning occurred. The rules were actually changed for one particular auction, and it did benefit the hierarchy and the food chain of equipment manufacturers,” he says. “But we put up a good fight to make sure the smaller players were included in some way. They were not left all the way out, and I guess in politics no one ever gets exactly what they want.”
With the FCC mission accomplished, Williams moved back to Chicago to work for Technisource, a third-party vendor to the US Robotics team working on the groundbreaking device called the Palm Pilot, which US Robotics had acquired in its acquisition of Palm, Inc. As readers may recall, the Palm Pilot, later renamed the Palm Handheld Device, was one of the first commercially successful personal digital assistants. Williams did R&D on the beta version of the device, and once it was released, he managed the technical support department providing global support for the popular device.
Williams spent the next decade or so with various companies, mostly working on the infrastructure side of IT. “I’ve literally done everything in infrastructure from help desk, all the way up through networking and engineering,” says Williams. He says the well-rounded technical background he acquired is very relevant to his executive position today.
He moved to the data protection side of the house about ten years ago. “Prior to that, there was no security team. No one had a security team except for agencies within the federal government,” says Williams. “But I saw the trend moving over to security, this new aspect, which had been previously handled simply by your network engineer. The two were combined. You had the network engineering function and you had best practices for securing those functions, but it was not split out as it is today. But I saw that need, took a gamble on it, and figured this would be something that would only expand, not deflate. At that time, it was still just IT security, not really data governance. Of course, that role has just matured to the point where it’s gone past IT security and gone to information security, and then to overall security. In my role now, I also have physical security on my domain.”
Williams is currently the Chief Information Security Officer for AXA Partners in the U.S., particularly for the company AXA Assistance. This company specializes in best-in-class emergency response and everyday assistance by providing high quality information and services that result in better travel, health and life experiences. If you’ve ever bought or used travel insurance, chances are good that it has come through AXA Assistance. Williams has been the CISO since August 2015, and he oversees all aspects of information security and data privacy, as well as physical security.
Williams has seen some significant changes in his career spanning nearly three decades. “When I first started in security, everything was really siloed off. The engineer that worked on firewalls worked strictly on firewalls. The engineer that worked on privileged access management worked specifically with that. The fear in the industry was that your security team had all the keys to the kingdom, and to put all of those keys in one person’s hand… Well, no one really wanted to do that. They didn’t have the trust factor with security and data privacy teams at that point.”
“I decided to help out in doing something that none of these guys wanted to do, which was reporting to the business,” says Williams. “This gave me exposure to all of those different elements, so it removed me from being in those individual silos. That was one of the best decisions that I made because it gave me a well-rounded approach to security, but also gave me access to the information that would be necessary for the business. I understood the difference between the two and was able to translate many of the terms and the reasoning behind different initiatives from a security stand point to the business, and get buy-in from the business. So, all those things helped me, but it was simply one decision, and that one decision was to start reporting on all of the different elements of security to the business.”
On the personal side, Williams has two daughters, three sons, and two grandchildren so far. As for the musical aspect of Williams’ life, he considers it a fun hobby. Over the years, he has showcased his talents through recordings with a few different gospel and jazz groups. More than that, though, it has given him a lifetime of joy.