Gustav Plato is a Co-Founder of It's Just Results. Gustav designs, executes, and manages IT Strategy, Information Security Programs, Risk Assessment, Security Audit, and Compliance Programs for startups, small businesses, and mid market companies.
Gustav guides companies through the complex landscape of compliance engagements including applying CIS-20; NIST 800-171, 800-53r4, CSF; GDPR; ISO 27001, FFIEC and SOC 2 Pre-Audits. He develop System Security Plans (SSPs) / Written Information Security Plans (WISP), Plan of Action & Milestones (POA&M), and help guide implementation efforts.
Gustav also puts together solutions that include Managed Services Providers (MSPs), Security Incident & Event Management (SIEM) vendors, Insider Threat solution providers, Network Operations Centers (NOC) and Security Operations Centers (SOC) vendors, Remote Monitoring and Management (RMM) providers for MACs and PCs.
Gustav has led the productization of 80 key policies to rapidly transform organizational efforts aligned to the numerous compliance frameworks (e.g. Access Controls, Incident Response, Vendor Management). Policies are RACI enabled and tied to Gantt project management toolkit for rapid deployment.
He has developed and implemented Business Continuity and Disaster Recovery Planning and Support; Penetration Testing (web and network) project management; and Security and Compliance Training.
Gustav is a Certified IBM Solutions Consultant and a member of ISACA. He has a B.S. Degree in Economics from George Mason University.
John is a Co-Founder of It’s Just Results. In this role, he is responsible for developing client information technology architectures, security strategies and operating models, codifying security decisions as policies and procedures, and security metrics. John has over 30 years of experience in information technology and understands the regulatory and threat environments facing organizations. He is deeply versed in a number of compliance frameworks and directly guides clients and their compliance initiatives. He has worked with clients on NIST compliance, HIPAA compliance, DFARS compliance, and various State compliance frameworks.
John’s experience in a multi-billion-dollar organization spanned a variety of responsibilities including architecture, data centers, distributed computing, and web applications. John applies this experience to rapidly identify operational, security, and management gaps in client environments. He is noted for producing solutions that can be managed in today’s lean resource environments.
John’s range of management and technical experience spans small business, large enterprises, and federal organizations. His experience was gained consulting or managing IT business alignment, security evolution to hybrid and cloud environments, roadmaps for executives to follow for security and operations improvements, rehabilitation of “stalled IT projects”, daily IT operations, performing as an intermediary for clients to various out-sourced suppliers, and senior executive coaching.
John delights in seeing real results occur on a step by step basis. His style is to roll up his sleeves and engage in back-and-forth discussions and suggestions to achieve what is needed. John builds relationships on total trust with his clients. He holds a B.B.A. Degree from the University of Texas and is a former U.S Army Officer.
CISO, Leadership Team
Eric Vanderveer is on the It’s Just Results Leadership Team and brings 20 years of experience in the IT field, starting as a computer technician for a small-town computer repair company to an IT Director of a local county government. Along with his system/network administration expertise and understanding how to design and operate IT infrastructures. he also brings cyber security knowledge. In the past 3 years, Eric has pursued expanding his knowledge into security with multiple certifications through institutions such as SANS and Mile2 (e.g. including CISSO, CEH, GMON, GNFA).
Eric brings knowledge to the company’s clients by customizing penetration tests to help show clients what needs to be fixed in their security footprint to helping with incident response by working with clients to review security logs to investigate what happened, so it can be contained, eradicated and then recover.
Eric is also a volunteer cyber security professional for the State of Michigan. He is part of the group called Michigan Cyber Civilian Corps or MiC3 for short. Eric can be called in by the Michigan State Police to help them with incident response with organizations in Michigan such as schools, municipalities, hospitals, and even private companies.