Security Isn’t a Product. It’s a Question.

Most security solution providers start with technology. Jonathan Borgesen starts with a question.

It’s a distinction that matters. In Jonathan’s 17+ years in cybersecurity, he’s learned that the providers creating successful security strategies aren’t the ones pushing boxes. They’re the ones helping customers understand why they actually need those boxes in the first place.

Jonathan joined EchoStor in late 2025 to build and lead the organization’s security practice. In his first seven months, he’s already positioned security as something radically different than what most customers see from competitors. Not a product. Not even a service. A way of thinking.

“I don’t care if you buy the absolute best tools under the sun,” Jonathan said. “The Gartner Magic Quadrant, best of breed, all the best. If you don’t have the people or the ability to respond to the information or alerts that tool is producing, that tool is worthless.”

This isn’t a philosophy. It’s earned wisdom. At SMP, Jonathan took a practice from nothing and within five years turned it into major focus. Then at ePlus, he made security a top revenue driver in every region he touched.

Focus on the Fundamentals

Four years ago, a large utility company called Jonathan. They wanted to modernize their perimeter. They were bringing in Palo Alto, Check Point, and consultants to evaluate each.

The other providers came in with shopping carts. Jonathan came in with a question: “Why are you modernizing your perimeter?”

“Other providers could have a very good security conversation,” Jonathan said. “But they can’t carry that into networking as deeply as we can. That’s what separates us.”

Security in Everything

For EchoStor, Jonathan is building a security practice that doesn’t exist as a silo. Security isn’t a conversation you have with the security team. It’s a conversation you have with every team.

When the AI practice is designing governance, security is in that room. When infrastructure is being migrated to the cloud, security is being architecturally designed. When a data center is being redesigned, security isn’t bolted on afterward: it’s woven into the design from day one.

“It’s easier to layer security in from the beginning than to retrofit it,” Jonathan said. “Right now, a customer calls up a competitor and says, ‘I just got this new environment, I need to figure out how to secure it.’ That competitor doesn’t know that environment as well as we do because we designed it. And it’s always harder to layer on security after the fact.”

This approach speaks to one of the realities of enterprise security right now: everyone is overwhelmed. Fortune 10 companies with hundreds of security people, 100-person shops with one IT person—it doesn’t matter. The assessments keep piling up. The reports keep piling up. And almost nobody is coming in to help you solve the actual problem.

“The enterprise customers have assessments coming out of their ears,” Jonathan said. “They’re all being told everything they’re doing wrong. But nobody is telling them how to do it right. And nobody is saying, let’s go arm-in-arm and fix this together.”

That’s the approach. Not selling widgets. We focus on delivering customized solutions that drive tangible results and business impact. Not pushing products into an environment but embedding security into the fabric of how a customer’s technology actually works – and staying there to make sure it performs. When you do that, that’s how strong relationships are formed.