Sword & Shield Comes of Age

Knoxville-Based CyberSecurity Firm Turns 20 This Year

Sword & Shield Comes of Age

Sword & Shield founders James Goldston, left, and John McNeely in earlier days.

It all started with John McNeely’s ability to hack into an old Sun workstation to get root access.

The action by the current Sword & Shield president and CEO caught the attention of Sword & Shield founder James Goldston’s wife, Sandy, who worked at Lockheed Martin with McNeely and mentioned McNeely’s ability to her husband.

“Sandy mentioned the hack to James and by March 1997, I got a visit from James,” McNeely said. “We had many meetings at the Chick-Fil-A and Chinese restaurants to discuss ideas of starting a network security company. In June of that year, I made the final decision to leave Lockheed Martin and officially work with James to launch Sword & Shield.”

Now, 20 years later, the company celebrates two decades with a series of staff recognitions and customer appreciation events.

Goldston, who had been working as an independent network security contractor, had filed the paperwork to found the company on Jan. 31, 1997, but didn’t officially launch the business until McNeely joined him.

For the first few months the men worked at Goldston’s kitchen table before eventually settling in a stand-alone, two-story garage on Goldston’s property where they remained until 1999.

“July through December was just a fun and exciting time,” McNeely said. “It was all about the possibilities. We could see that Internet commerce was growing and we knew network security would be a big deal. We went in without the greatest business plan in the world, but we had the passion, determination and grit to get through.”

Sword & Shield Co-Founder, President, and CEO John McNeely

President, CEO and Co-Founder John McNeely

McNeely said he and Goldston wore many hats in those days, working as security analysts, salesmen, marketing specialists and office managers. A well-used fax machine served as their ordering system and created a stir every time the trademarked whirring noise spat out signed confirmations.

“Both of us came from large, bureaucratic organizations, where everything is managed, so we enjoyed being in control,” he said.

From the beginning, McNeely said the founders wanted to concentrate on private sector IT security needs, but, with their backgrounds in federal contracting, knew that federal contracts would add stability to the fledgling business.

Some of Sword & Shield’s first customers included the U.S. Air Force Technical Applications Center, SAIC, McKee Foods, Eastman Chemical, Lockheed Martin and the FBI.

The company also secured partnerships with some companies that would become heavy hitters in the cyber security industry, including ISS Systems and CheckPoint.

“People would come to visit us in our two-story garage,” McNeely said. “They didn’t seem to mind. The garage had sort of a ‘tech coolness’.”

Executive Vice President Will Henderson

Executive Vice President and Co-Founder Will Henderson

Executive Vice President Will Henderson, who had just retired from US Internet, was brought on in 1998 to help bring some business discipline to the company.

“He was only going to stay for a few years,” McNeely said.

Nineteen years later, Henderson is still actively involved in the company’s daily operations.

And, as the fax machine continued to churn out orders, the business continued to grow.

By 1999, the team had not only taken over both floors of the garage, but had annexed back into the Goldston home. It was time to move.

The company found office space on the aptly named Technology Drive and pushed forward with its network security offerings through the early 2000s before integrating compliance offerings into its portfolio.

“We survived the fall of the dot coms with our federal projects and we still had our security projects which were still mostly installations and VPNs. Compliance was still not really on the radar,” McNeely said.

But, by 2005-2006, federal and organizational compliance regulations were becoming more important to businesses looking to avoid fines. These regulations became important tools toward measuring industry standards. Today, the Health Insurance Portability and Accountability Act (HIPAA) and the Payment Card Industry’s Data Security Standard (PCI-DSS) are considered part of the company’s meat-and-potatoes markets.

Co-Founder James Goldston

James Goldston, Co-Founder

Goldston unfortunately passed away in 2006 from cancer, but McNeely and Henderson, along with Goldston’s wife, Sandy, and the more than 60 employees who now work for the company continue to navigate the company through the ever-changing waters of the cybersecurity industry.

In addition to changing security and compliance needs, McNeely says the type of malicious activities has also grown and changed.

“At first, a lot of what we saw was mostly hacking to be hacking,” he said. “It was trendy and wasn’t as sophisticated. Now, we’re seeing more sophisticated hacking and hacking that is nation-based.”

McNeely said there was always the risk of data loss, but over the past 20 years, he’s seen malware evolve into financial incentives for hackers to monetize data and intellectual property.

He says there is one issue that has remained consistent: apathy.

“Companies have to realize they can’t do it all by themselves. Security is complex.”

McNeely says both the future of Sword & Shield and of cybersecurity, in general, is in companies’ willingness to partner with security experts to deal with complex issues.

“It’s no longer enough to consult and advise – we still do that – but it’s becoming more and more important for companies to learn when to offload those burdens,” he said.

Sword & Shield’s Managed Security Services are an extension of those needs. Partnering with our team of security professionals who understand evolving threats helps organizations protect their brand.

“It’s no longer a matter of building a perimeter,” he said. “The castle walls are falling. Today with the mobility of data, we must look at a variety of large-scale attacks, insider threats and more attack vectors.”

Comments are closed.