Security executives on the move and in the news

Find up-to-date news of CSO, CISO and other senior security executive appointments.

The upper ranks of corporate security are seeing a high rate of change as companies try to adapt to the evolving threat landscape. Many companies are hiring a chief security officer (CSO) or chief information security officer (CISO) for the first time to support a deeper commitment to information security.

CSO’s Movers & Shakers is where you can keep up with new appointments to senior-level security roles and perhaps gain a little insight into hiring trends. If you have an announcement of your own that you would like us to include here, contact Michael Nadeau, senior editor.

November 5, 2018: Lehigh University names Eric Zematis as new CISO

Effective December 17, Zematis will report to Bruce M. Taggart, vice provost for Library and Technology Services. “We are delighted that Eric Zematis has agreed to become CISO at Lehigh,” Taggart said in a press release. “Eric is a highly capable and well-respected IT security professional and will provide critical leadership in our efforts to protect Lehigh’s digital assets, increase campus-wide cybersecurity awareness, and develop more secure university business practices.”

eric zematis Lehigh University

Eric Zematis, Lehigh University CISO

Zematis has 20 years of experience in higher education IT, most recently holding the position of information security officer at Charter Oak State College before becoming its CISO in 2017. He also recently served as senior director of infrastructure at Western Connecticut State University.

As a member of the Library and Technology Services leadership team, Zematis will work with university leadership and with staff throughout Lehigh, addressing the larger institutional issues of security policy and practice, data governance, risk assessment and business continuity, as well as the compliance requirements.

Zematis will also take the lead role in the creation or expansion of proactive threat reduction and security response measures, including vulnerability assessment and remediation, malware detection, desktop patch management and full-disk encryption across campus.

“Protecting our data and systems is an integral part of how we serve our community, accomplished through a partnership between technology, administration, and academics,” said Zematis in a press release. “I am excited to join Lehigh as the chief information security officer and look forward to the opportunity to collaborate across such a vibrant community to create safer digital pathways for everyone to work, live, and learn.”

October 23, 2018: Cisco's Edna Conway joins InfoSec Global’s advisory board

Conway, CSO of Cisco's Global Value Chain, joins the InfoSec Global (ISG) advisory board, which lends its expertise to accelerate the cryptography company’s multi-industry market momentum and meet the growing demand for IoT security. She brings over 30 years of rich experience in developing and leading strategies that improve security and resilience throughout global supply chains. Her roles and expertise in delivering security architectures, technology licensing and government security solutions will help to drive ISG's global strategy in highly regulated markets.

"I am thrilled to join ISG's advisory board and support its mission to put flexible cryptographic control in the hands of its customers. ISG's Cryptographic Lifecycle Management brings the promise of adaptable security and cryptography to reality - for today and for our quantum future," said Conway in a press release. 

October 18, 2018: Sujay Jaladi joins Harbor as CISO

Formerly the head of information security at Ripple, Jaladi will oversee the information security strategy and programs at Harbor, a blockchain-based private securities firm.

“Sujay has the perfect blend of fintech and blockchain experience to accelerate our efforts to build a trusted platform for issuers, investors and regulators,” said Bob Remeika, Harbor CTO and co-founder, in a press release. “Harbor is bringing traditional finance to blockchain, which requires institutional-grade systems, processes and procedures. Sujay’s experience building institutional-grade programs will be invaluable to ensuring the safety of customer data and complying with regulatory requirements.”

sujay jaladi Harbor

Sujay Jaladi, Harbor CISO

“I’ve followed Harbor’s progress for some time and am excited to help deliver a highly secure service that issuers and investors can rely on to make critical financial transactions,” said Jaladi in a press release. “The mission to reengineer private securities is an exciting opportunity and Harbor is well positioned to lead.”

Sujay is a cybersecurity strategist with more than a decade in senior roles at leading companies, including Ripple, Gusto, Prosper Marketplace, Xoom Corporation (a PayPal service), and Hightail. Most recently at Ripple, Sujay was responsible for all aspects of security and managing risk across the company. His experience includes working in high-transaction environments where millions of transactions are processed every hour and performance is extremely critical. 

October 17, 2018: Derek Vadala named global head of cyber risk for MIS at Moody’s

In this newly established role, Vadala will develop Moody’s Investors Service’s (MIS’s) capabilities for evaluating cyber risk, including a framework for the consideration of cybersecurity risk in credit analysis, and will spearhead innovative research, analytics and market outreach in this area.

“As with environmental, social and governance risks, we see cyber risk as an area of increasing relevance to issuers, investors, counterparties and government authorities as it impacts operational and credit risk. Moody’s has a unique perspective that can help enhance market understanding of the ways credit and cyber risk intersect,” said Rob Fauber, president of MIS, in a press release. “Derek has a wealth of direct leadership experience in cyber and information security, and we are fortunate to have him lead the development of our cyber risk analysis capabilities.”

Vadala has served as Moody’s CISO since 2013 and has been with Moody’s since 2003. He has over 20 years of experience in information security and technology management and has spoken and published on topics including security risk management for large enterprises and systems administration.

October 17, 2018 Jason Pufahl appointed VP of information and cybersecurity services at TBNG Consulting

Pufahl has joined TBNG, a provider of integrated IT solutions in New England, to lead its information security and cybersecurity services division. In this role, he will expand the company's service offerings to establish TBNG as a unique and versatile partner in securing customer data and IT resources. Pufahl reports directly to Managing Partner Michael Grande.

"TBNG is committed to expanding its Information and Cybersecurity service offerings and no one is more capable to lead this effort than Jason. He has developed an exceptional reputation as a thought leader in information Security,” said Grande in a press release. “My partners and I are thrilled to welcome him into the TBNG family. In his role, Jason will provide the necessary leadership and experience that will better serve our customers as we continue our growth, both regionally and beyond."

Pufahl previously served as CISO and director of infrastructure at the University of Connecticut. He has dedicated the last 15 years to information security and privacy, and he possesses over 20 years of information technology experience in total. He has an extensive background in enterprise security technical controls, development of risk management programs, industry compliance requirements, state and federal regulatory demands, identity management and security analytics, and establishment of disaster recovery programs and test scenarios.

October 17, 2018: Dickon Smart-Gill named CIO/CISO and SVP of healthcare at Proficio

Smart-Gill will provide leadership to scale Proficio’s service delivery platforms and head strategic initiatives to extend the managed security services provider’s success in the healthcare industry. He has more than 20 years of experience in healthcare IT and is a CHIME Certified Healthcare Chief Information Officer.

Prior to joining Proficio, Smart-Gill was the corporate CIO of Bumrungrad International, a hospital group located in Southeast Asia. He also cofounded a technology consulting group and ERP/EMR software company that was sold to Microsoft. While at Microsoft, he specialized in architecting healthcare information solutions that interacted with data systems and medical devices. Dickon is a frequent speaker at industry events such as HIMSS.

“We are excited to have Dickon join our leadership team,” said Tim McElwee, Co-CEO and chairman at Proficio, in a press release. “Dickon brings a wealth of experience and expertise to our team as Proficio continues to scale and innovate our service delivery platforms and operations. With a deep understanding of the challenges facing the healthcare industry, Dickon is uniquely qualified to further Proficio’s success in healthcare and other industries.”

“I have observed Proficio’s growth and exceptional execution first hand and now I am thrilled to join such a forward-thinking and innovative company,” said Smart-Gill in a press release. “Proficio’s broad client base and industry-recognized managed security services are best-in-class and the road ahead is exciting and full of opportunities. I look forward to playing a strategic role in advancing the company’s commitment to the healthcare industry and expanding our global business.”

October 9, 2018: Bradley Schaufenbuel is the 2018 Chicago-area Chief Information Security Officer (CISO) of the Year winner

As vice president and CISO, Schaufenbuel oversees the information security function at Paylocity, a suburban Chicago-based technology company that develops and maintains cloud-based payroll and human capital management software. Paylocity has 2,600 employees and maintains operational centers in Schaumburg, Illinois; Meridian, Idaho; and Lake Mary, Florida.  Given the sensitivity of the information that is entrusted to it by millions of client employees, Paylocity has tightly embedded information security and privacy considerations into its products and its award-winning culture and is SSAE 18 audited and ISO 27001 certified.

Schaufenbuel has been an active member of the information security community for over 22 years.  He has written multiple books (including two "For Dummies" titles) and has had numerous articles published in professional journals on a wide variety of topics related to information security and governance.  He is a regular speaker at industry conferences (including RSA Conference USA and several other popular security forums) and is frequently quoted as an expert within respected industry publications. 

Beyond work, Schaufenbuel is passionate about making Chicago a hub for cybersecurity innovation and working to vastly improve diversity within the security profession. He sits on the board of advisors of multiple venture capital funds and startups, with a penchant for supporting organizations that are committed to capitalizing or building security-focused enterprises in Chicago. Schaufenbuel is also an active member of the Security Advisor Alliance, a nonprofit organization consisting of CISOs from around the globe that are committed to improving the strength of cybersecurity teams by promoting diversity and opening up opportunities in the profession to underserved students. 

October 12, 2018: Anil Varghese joins Exeter Finance as senior VP and CISO

Varghese has over two decades of global experience in the information security arena, including stints at American Express and Sony. He most recently served as the CISO for Service King. Varghese will be a member of the IT leadership team reporting to CIO Michele Rodgers.

anil varghese Exeter Finance

Anil Varghese, Exeter Finance senior VP and CISO

Varghese has had direct responsibility for setting strategic direction on IT risk, security, compliance, and privacy issues. He has been engaged to support sensitive M&A due diligence initiatives and fostered key relationships. Varghese has also served as a thought leader and security evangelist for PayPal and other companies.

A sitting board member of Digital Accelerator at SMU, Varghese is an active member of the information security/assurance community, including roles as a presenter/speaker to ISSA, CISO Roundtable, InfraGard, ISACA and the FBI.

October 12, 2018: ICF names Crystal Jones as first global data protection officer

Jones, who also serves as assistant general counsel and director, oversees ICF’s Global Data Protection and ePrivacy program. As data protection officer (DPO), Jones ensures that ICF follows data protection best practices and maintains compliance with regulatory frameworks across the globe, from the European Union’s General Data Protection Regulation (GDPR) to California’s recent landmark privacy legislation.

Related:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 Page 1
Page 1 of 15
SUBSCRIBE! Get the best of CSO delivered to your email inbox.