This post originally appeared in Virtual Strategy Magazine.
How did you first meet? Should CEOs and CTOs have an existing relationship before considering a working partnership?
BB: Yes, I do think that it helps for CEOs and CTOs to have an existing relationship before considering a working one. Because John and I go a long way back, we trust each other when it comes to divvying up strategic technology initiatives. So, while it’s a delicate matter, we’re able to find a fine balance that enables me and the other co-founder, Dima, to get involved in discussions around our strategic product directions, while also weaving them into the product based on what we feel makes the most sense.
JM: We’ve known each other for more than 10 years now, going back to when we were both program managers at Microsoft. There was this weird guy from Israel who wanted to meet some actual customers and, at the time, I ran a lot of the customer engineering work in Windows Server. We’ve been friends ever since.
Are there barriers that tend to get in the way of a successful CEO-CTO partnership? Can you cite any specific examples?
BB: I’d argue that a CTO’s role is not clearly defined in any organization, and even less so at startups. The first barrier lies in the CEO being the CTO’s manager, expecting results despite not having a very clearly defined role, which can lead to confusion in terms of which results to expect.
Another barrier comes down to ownership over strategic technology initiatives. A CEO who is quite technical typically wants to get involved in the specifics of the technology, as well as decisions that affect the startup. And a good CTO would want to do the same. At Twistlock, we’re lucky enough to have John essentially act as a “Chief Someone Officer” because people tend to say “someone has to do it”, and he ends up doing everything that he feels falls through the cracks. On top of that, John also handles both our technical pre-sales work and anything related to the product. So, altogether, he’s in charge of what three other people would usually work on at a regular startup.
JM: This is the first time both of us have had these roles, so I would assume it’s because of egos and control. One thing I’m particularly proud of at Twistlock is that we always stay humble and hungry, and recognize the importance of everyone’s role at the company. We’ve interacted with lots of VCs and various other personalities who grew up in the Bay Area and went to top schools, but that’s not us. We have this inside joke that we’re “public school guys” and that’s literally and figuratively true. We know we have to earn what we have and that perspective keeps us grounded. As I’ve told Ben and Dima many times, I’m forever grateful for them bringing me into this adventure.
What characteristics or personality traits should a CEO want in his/her CTO? And vice versa?
BB: Honestly, this is my first experience as a CEO, so my answer might be affected by the way John works. I would say the keys to success are: work hard, be hands-on, proactively search for areas that fall between the cracks and handle them, be the #1 sales person of your product and be able to pitch it both at the high and low levels.
JM: Obviously, you want someone who’s smart, competent, and ambitious. It’s probably also equally important to have someone who you know will do the hidden background work to manage interactions with the board, position us well with potential investors, and think about the next step in the game. One thing I’ve told Ben before is that, as obsessed as I am with Twistlock, I know he’s even more all in and that he’s always doing everything possible for the good of the company. That dedication and purity of purpose is pretty important, especially as you grow from a tiny crew into a company.
What first-hand lessons can Twistlock share for getting the dynamic right and avoiding pitfalls?
JM: At least 50% of the dynamic comes down to just being a good person—be honest, work hard, and treat everyone with respect. The rest comes down to understanding each other’s roles, leveraging their strengths, and helping fill in any weaknesses. One thing that I think has been great for us is that, while Ben gives plenty of feedback and perspectives on the product, good data and customer focus is what matters in the end. That goes back to what I said earlier—mutual respect and trust that we’re both always trying to do the right thing for all of us makes it easy to focus on the work instead of anyone’s ego.
Ben, you’re based out of New York, while John lives in Louisiana. What percentage of the time do you see each other face-to-face? What are your recommendations for virtual communications between you two? Between extended teams?
BB: For most of the people I work with, I insist that we do a video conference. I find it really important to be able to see a person’s face, to try and read between the lines, and what they’re trying to convey. Ironically, since I’ve known John for a while, he’s probably the only person on the team who I feel comfortable talking on the phone with. We probably talk to each other once a day or so, sometimes just about funny things that happened. For example, I might tell him about weird fundraising situations, while he’ll bring up awkward customer cases.
JM: Well, we live more than 1,000 miles away from each other, so our in-person time isn’t constant. We probably meet in person every month or two to see customers, attend conferences or board meetings, etc. But we talk pretty much every day, usually more than once. It’s enough that if my phone rings at night, my boys will scream, “It’s Mr. Ben”, and they’re usually right. As a company, we also use Zoom for all our meetings and it’s by far the best video conferencing experience I’ve found. Culturally, we always use video for meetings, which really helps everything seem more human when you have people spread across 10 or so time zones.
Ben has often been referred to as a technical CEO. John, what do you think about this description, and do you think it applies to him?
JM: He was a kernel developer at Microsoft and had this weird obsession with wanting to build our product from the source for his lab, so yeah. You can do black box observations to know if we’re trying to raise a round. When we were raising our Series B funding round, he was totally focused on that. But at other times, I’ll start to get questions about which Salesforce APIs we use, or he’ll build a tool to sync our directory info from a Google Sheet into the G Suite directory.
John’s approach to his role as a CTO is very hands-on. Ben, what benefits or pitfalls could you see from John’s propensity to roll up his sleeves and get in there?
BB: Honestly, I can only see benefits. When you get a startup off the ground, you’re solving a problem that hasn’t been addressed yet. It might be similar to another startup, but it is essentially new. That’s why you have to be very close to the problem you’re solving and the way you’re trying to solve it—that’s the only way to extract meaningful data on what you’re doing. Every statement John makes is backed up by data, which turns any discussion into a meaningful one. Whether it deals with our strategic customer accounts or product features, John can explain why we have them and why they were prioritized a certain way. This is my first time as a CEO, but my gut feeling tells me that a hands-on CTO is the only way it would work. Otherwise, you’ll just get another opinion, which God knows you have enough of when you’re trying to run a business.
Is there anything else that’s unique about your partnership and working relationship that is worth mentioning? What’s the secret sauce?
JM: I’ve spent more time in Israel than any other Cajun I know and my wife has made Kosher gumbo. That seems pretty unique.
BB: John’s wife’s Kosher gumbo is great!
- Container Security
Follow us on Twitter
Follow us on Twitter for real time updates on the cloud native ecosystem, Twistlock product, and cloud native security threats.
Baking Compliance in your CI/CD PipelineRead the Blog
Serverless Security Suggestions: Tips for Keeping Serverless Functions SecureRead the Blog
Why a Common Security Toolset is Essential for DevSecOpsRead the Blog
Putting the “Ops” in DevSecOps: Why It’s Hard and How to Do ItRead the Blog
Why the Point Solution Mindset for IT Security is DeadRead the Blog