The Hitchhiker’s Guide to IT: Vendor Management and Cybersecurity

Cybersecurity has many facets, and not everyone is familiar with the ins and outs of it. What’s more, it may surprise people to learn that much of cybersecurity does not directly involve technology. As tech advances, new ways to address cybersecurity needs with the help of vendor management emerges. How do these advancements come together and help the world of cybersecurity?

On this episode of The Hitchhiker’s Guide to IT, host Michelle Dawn Mooney talks with Thomas Johnson, National Leader of Cybersecurity at BDO Digital, about vendors and cybersecurity. Johnson admits, “I’m accused of talking about cybersecurity that has nothing to do with technology”, which includes his college teaching job, where he teaches non-technical things like “making sure that people don’t click on links”. But he says non-technical aspects are important in the cyber community.

Mooney and Johnson also talk about:

  1. How you should not put everything in cybersecurity on the vendors
  2. Staying responsible as a consumer and IT provider
  3. Understanding and learning to work with the cloud

On the topic of vendor management, Johnson said, “I think it’s a super critical component, especially when organizations are looking at migrating workloads to The Cloud or using a service provider to be able to provide services, IT services, to the organization.” Johnson also warns not to rely solely on the vendors and promotes a responsible way of using vendors. He knows it can be tempting to leave everything up to vendors, but just like not clicking on links, being responsible is a non-technical component to cybersecurity that is just as vital to the job.

Thomas Johnson has worked in the technology field for over three decades, going from Information Technology Manager at MB Financial, to VP/Managing Director at Aqueity, to most recently being the National Leader in Cybersecurity at BDO Digital.

Recent Episodes

 In today’s rapidly evolving business landscape, B2B customers expect more than just reliable services—they want proactive partners who deliver personalized value. A Deloitte study found that 62% of B2B customers made additional purchases after a positive customer service experience, underscoring how deeply customer satisfaction influences growth and retention. For security firms, this reinforces…

Despite growing gender diversity in many industries, the security field continues to be largely male-dominated. However, that landscape is evolving as more women in security step into leadership roles, challenge long-standing norms, and contribute to a more inclusive culture. Through mentorship, development programs, and increased visibility, this shift is not only empowering individuals but…

From AI-driven surveillance to dynamic mobile guarding, the way we secure commercial real estate, corporate campuses, and critical infrastructure is undergoing a major transformation. As high-value assets face increasingly complex threats, security is no longer just about cameras and guards—it’s about predictive insights, global awareness, and resilience planning. According to a Securitas discussion,…