Security executives on the move and in the news

Find up-to-date news of CSO, CISO and other senior security executive appointments.

The upper ranks of corporate security are seeing a high rate of change as companies try to adapt to the evolving threat landscape. Many companies are hiring a chief security officer (CSO) or chief information security officer (CISO) for the first time to support a deeper commitment to information security.

CSO’s Movers & Shakers is where you can keep up with new appointments to senior-level security roles and perhaps gain a little insight into hiring trends. If you have an announcement of your own that you would like us to include here, contact Michael Nadeau, senior editor.

January 14, 2019: Box hires Lakshmi Hanspal as CISO

With more than 20 years of experience in information security, risk management and privacy, Lakshmi will be responsible for Box's cybersecurity practice, security operations and data and platform protection. She will help Box scale its security organization and work with Box customers to ensure their security needs.

lakshmi hanspal box Box

Lakshmi Hanspal, Box CISO

Lakshmi was most recently CSO at SAP Ariba. Previously, she was the senior leader for information security and risk at PayPal. Lakshmi advises several Silicon Valley startups and serves on the advisory boards of numerous cloud companies. She is also an active supporter and promoter of women in technology and developing talent within teams.

"In today's world, security threats have become persistent, and compliance and privacy are only getting more complex. This coupled with the fact that the nature of work is dramatically changing driven by a new generation of worker with different expectations and cultural norms, makes it imperative that organizations move to secure and compliant cloud services, such as Box, to protect their most critical information,” said Lakshmi in a blog post.”

January 8, 2019: Ronald Buchanan is Washington state’s new CISO

Working under Washington Technology Services (WaTech) Director Jim Weaver, Buchanan will oversee the state Office of CyberSecurity. He brings more than 20 years of global information security experience to the role with deep expertise managing cybersecurity, developing and leading high-performing teams, and managing risk and compliance in heavily regulated environments.

Buchanan will be moving from his current role as chief information risk officer and IT director, Information Security and Privacy Office, for the Oregon Health Authority and Department of Human Services. Previously he worked as the director of special investigations and threat analysis for Pearson VUE and as a senior cybersecurity advisor with Battelle supporting the FBI’s Criminal Justice Information Services (CJIS) division.

“Ron is an experienced information security professional who has the depth of expertise needed to build on the important work the Office of CyberSecurity does to safeguard the personal information of Washington state residents,” Weaver said in a press release. “I look forward to working with Ron.”

December 31, 2018: Vermont governor announces Nicholas Andersen as the state’s new CISO

Working for the Vermont Agency of Digital Services (ADS), Andersen brings 12 years of cybersecurity experience to this position. Since 2017, he served as a vice president at Invictus International Consulting, LLC, and co-founder of Pueo Business Solutions, LLC. In those roles, he assisted with information assurance and cybersecurity in partnership with the Defense Intelligence Agency, Federal Aviation Administration, U.S. Department of Homeland Security, U.S. Army, Coast Guard, and Navy, and the U.S. Marine Corps Forces Cyber Command. In 2018, Andersen received the U.S. Government Information Security Leadership Award for his work in penetration testing, incident response, and risk and vulnerability assessment services across the federal government.

“Nick’s experience in government and private industry, as well as his strategic, policy and operations experience make him an exceptional fit for the job,” said ADS Secretary John Quinn in a press release. “His skillset and experiences will benefit our ongoing security initiatives, as well as promote additional innovative initiatives. We look forward to his arrival.”

“Nick will make a great addition to the ADS team and to the Agency’s important work to secure and modernize Vermont’s information technology services,” said Governor Phil Scott in a press release. “His background and expertise in this area is a tremendous asset for the Agency and our state.”

Andersen earned a B.S. in Information Technology Management from American Public University System in 2011 and an M.S. in Information Security and Assurance from Western Governors University in 2014.

December 19. 2018: Richard Noguera joins Yapstone as CISO

Noguera will drive all information security initiatives, including application security, incident response, threat and vulnerability management, and security architecture for online marketplace payments provider Yapstone's world-class risk and security program, reporting directly to CTO Sanjay Saraf.

As the former CISO for Gap, Inc., Noguera established industry leading detect-and-response capabilities for any attacks or threats targeting its customers, employees, and partners. This was achieved across a global footprint spanning 3,000-plus stores globally. He was also accountable for securing transactions across all Gap web and mobile properties, including Gap, Old Navy, Banana Republic and Athleta.

"At Yapstone, security is fundamental to what we do every day," said Noguera in a press release. "What excites me is that Yapstone is enabling truly frictionless payments, using leading-edge security technologies to do so."

"Security is an intrinsic part of our global payments platform and is embedded in every part of our micro-services based architecture," said Saraf in a press release. "I am excited to have Rich join our Product Engineering team, lead our security technology group and continue to make security a key element in our end-to-end development process and culture across the company." 

December 19, 2018: Danny Pickens named director of threat research for Fidelis Cybersecurity

As director of the Threat Research Team, Pickens brings over a decade of experience in military intelligence, counterterrorism and cybersecurity to Fidelis. “Danny has a wealth of expertise, coming from the military and intelligence communities as well as leading large-scale, commercial cyber threat intelligence operations. We are thrilled to have him lead our Threat Research Team in delivering countermeasures and finished intel to our products and customers,” said Nick Lantuh, president and CEO, Fidelis Cybersecurity, in a press release.  

Prior to joining Fidelis, Pickens served as a director at Optiv where he managed the Global Threat Intelligence Center and lead research for managed security services. He spent the majority of his career within the United States military and various divisions of the Department of Defense and other U.S. Government organizations, working across the tactical, operational and strategic levels of intelligence and cyber operations. He continues to serve in the U.S. Army Reserves as an intelligence team Non-Commissioned Officer in Charge (NCOIC) where he supervises the preparation and dissemination of all-source intelligence products, intelligence summaries, forecasts, and assessments.

“The best cybersecurity is armed with true intelligence – the work of understanding threat motives to better predict and prevent malicious activities,” said Pickens in a press release. “This intelligence is required for leaders to make informed and good, judgement-based decisions. It has a role in every industry, but the expectation and abilities in cyber threat intelligence have evolved dramatically in the past few years, moving way beyond a threat feed or blocking at the perimeter based on static indicators. Fidelis is at the forefront of this evolution. I am thrilled to join the highly-experienced team here, where we have such strong technology supporting us and vision for the future.”

December 14, 2018: David Jollow appointed CISO at Healogics

Jollow will conduct assessments of current IT security and risks and provide next-generation security solutions at Healogics, a provider of advanced chronic wound-care services. He will also be responsible for enhancing, implementing and operating an updated comprehensive information security program. Jollow will report to Healogics CIO Ty Smith.

david jollow Healogics

David Jollow, Healogics CISO

"We are so impressed by David's track record of delivering business value through process excellence and team development," said Smith in a press release. "I believe that David's broad experience in establishing, leading and managing information security programs will help us take our offerings to the next level. We are thrilled to welcome him as our new CISO."

Most recently, Jollow served as the CISO at Nemours Children's Health System for over four years. While there, he developed and led an enterprise information security program. Jollow was also responsible for all aspects of information security including policies and procedures, technology, awareness, training, incident management and team development. Prior to Nemours, Jollow was the head of information security at Bausch & Lomb.

Jollow is a former United States Marine and is a Certified Information Security System Professional (CISSP). He earned his MBA and Bachelor of Science in Electrical Engineering from the Rochester Institute of Technology.

December 11, 2018: GlaxoSmithKline announces Dawn-Marie Hutchinson as CISO for pharmaceutical and R&D units

Hutchinson will leverage her extensive experience in cybersecurity and risk management to enhance business strategy, improve supply chain operations and manage enterprise risk. She has more than 18 years of success in healthcare, retail, technology and professional services sectors and is a recognized thought leader and writer. Hutchinson is credited with establishing standards and controls for the anonymization of identifiable data and authored the white paper for defining those levels, as well as use cases for the secondary uses of medical data.

Named as one of the "Top 12 Most Influential Women in Cyber Security" by CSO Magazine and "Eight Women to Watch" by SC Magazine, Hutchinson has also received recognition as a trailblazer for women in cybersecurity and has hosted “SPARK,” an event at Black Hat to encourage mentorship and opportunities for women in the space.

December 8, 2018: Bill Carver named CISO at NetSPI

As NetSPI’s top security officer, Carver will ensure that the data, communications, systems, assets and vulnerability orchestration solutions are secure at NetSPI, a provider of orchestrated vulnerability management and security testing services. He will leverage his experience managing diverse and complex cybersecurity strategies to safeguard both NetSPI and its global customers from new types of attacks and vulnerabilities.

“By creating this role, we are demonstrating that security is embedded in every aspect of our business, from IT architecture and software development to operations, policies and procedures,” said Aaron Shilts, president and COO, in a press release. “And Bill is perfect for the role. His passion for helping organizations improve their security posture will benefit not only NetSPI, but our clients as well.”

Previously NetSPI’s practice director for advisory services, has more than two decades of information security experience. Prior to joining NetSPI, he helped establish consulting services capabilities at Optiv and FishNet Security, focusing on the evaluation and improvement of information security programs. He has also held information security roles at Merck and CitiFinancial.

“In today’s globally connected society, cybersecurity is more critical than ever. I am thrilled to contribute to NetSPI’s vision both in leading our internal cybersecurity efforts as well as providing strategic direction to help support our client’s threat and vulnerability management programs,” Carver said in a press release.

November 26, 2018: Code42 adds VP of information systems to CISO Jadee Hanson’s title

Hanson, who joined data loss protection, visibility and recovery solutions provider Code42 in 2016 as senior director of information security, was promoted to CISO in April 2018. Jadee Hanson, Code42 CISO, expands her leadership position to include VP of information systems. Jadee will manage global security and IS organizations.

In her expanded role, Hanson manages information technology, business enablement and internal application development. In addition, she leads global risk and compliance, security operations, incident response, and insider threat monitoring and investigations.

hanson jadee headshot2 780x735 Code42

Jadee Hanson, Code42 VP of information systems and CISO

“Since joining Code42, Jadee has played a pivotal role in advancing our data security strategy and program. We are excited to have Jadee expand her leadership position,” said Joe Payne, Code42’s president and CEO, in a press release. “Jadee is not only committed to putting the protection of our customers’ data first, but is also an advocate for women in technology and drawing on diverse viewpoints to solve business challenges.”

Related:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 Page 1
Page 1 of 17
SUBSCRIBE! Get the best of CSO delivered to your email inbox.