The upper ranks of corporate security are seeing a high rate of change as companies try to adapt to the evolving threat landscape. Many companies are hiring a chief security officer (CSO) or chief information security officer (CISO) for the first time to support a deeper commitment to information security.
Follow this column to keep up with new appointments to senior-level security roles and perhaps gain a little insight into hiring trends. If you have an announcement of your own that you would like us to include here, contact Andrew Flynn, regional executive editor.
New CISO appointments, March 2023
Andrea Simpson named CISO of Howard University
Ms. Simpson, a highly regarded expert in cybersecurity, has more than 20 years of professional experience in the industry. She has held the CISO role with the Federal Communications Commission, where she directed the pilot program for government-issued laptop deployment for the agency's telework initiative as part of its pandemic response plan, and AmeriCorps. Simpson says working at Howard will help her create a space for young adults to gain hands-on cyber experience.
Meredith Griffanti appointed as global head of cybersecurity and data privacy communications at FTI
Ms. Griffanti, who is based in New York, will oversee the growth of FTI Consulting’s cybersecurity communications capabilities. She most recently served as Americas co-leader of cybersecurity and data privacy communications at the business consulting firm, specializing in crisis communications during incident response and cybersecurity preparedness planning. Ms. Griffanti will focus on partnering with leaders and teams globally to further strengthen the firm’s holistic cybersecurity communications capabilities and enhance new levels of collaboration to support clients.
Sebastian Welsh appointed CISO of energy technology company SwitchDin
Mr. Welsh becomes the first CISO at SwitchDin and will work to establish security frameworks for emerging technologies. With 17 years of experience as a leader specializing in building a whole-of-enterprise defense model within businesses, he held roles as the head of security at Canva and staff security engineer at Google before joining SwitchDin.
Joshua Reedy becomes new CISO at New Zealand technology services firm Kordia
Mr. Reedy will take responsibility for Kordia’s Group’s internal cyber security posture, integrating best practices and leading a team of security specialists. He was previously security services manager at Vodaphone, where he oversaw security operations, design, and delivery and led internal offensive security teams.
David Dunn named CISO at global risk and financial advisory service provider Kroll
Mr. Dunn, who had served as deputy CISO at Kroll since 2016, is tasked with continuing to strengthen the firm’s security program to address the evolving and complex threat landscape. With more than 25 years of experience, he was previously a member of the US Secret Service Electronic Crimes Task Force — where he was a lead investigator on an international stolen credit cards scam involving millions of dollars — and is also a 19-year veteran of the Seattle Police Department.
Jaya Baloo named CSO at cloud threat detection provider Rapid7
Ms. Baloo will be tasked with strengthening Rapid7’s internal security program and furthering the company’s mission to deliver greater access to cybersecurity across industries. With more than 20 years of cybersecurity experience, she has previously held roles at Avast and was CISO at Dutch telecom firm KPN. Ms. Baloo is a member of the advisory boards of The Netherlands National Cyber Security Centre and the EU Quantum Flagship’s Strategic Advisory Board.
New CISO appointments, February 2023
Doug Clare appointed as head of cyber strategy for ISS Corporate Solutions
Mr. Clare will assume overall responsibility for ICS’ cyber solutions strategy, including evolving its cyber risk-related offerings and client experience. He will also lead the cyber-risk product and client teams tasked with enhancing and expanding ICS’ risk monitoring and broader suite of related products. He has more than 25 years of experience at Fair Isaac (FICO) and served most recently as FICO’s vice president of fraud, compliance, and authentication solutions.
Keith Anderson named CISO of JetBlue
Mr. Anderson will oversee JetBlue’s information security and will oversee the airline’s strategies, policies and procedures designed to minimize information security risk and proactively detect and address new threats. He previously served as CISO at Warner Bros. Discovery and held security leadership roles at AT&T, Goldman Sachs, and Citi. Mr. Anderson holds a master’s degree in cybersecurity from New York University and a master’s degree in management information systems from Stevens Institute of Technology.
Melissa Knight appointed as CISO of Tego Cyber
Cybersecurity software-as-a-service provider Tego Cyber has named Melissa Knight as chief information security officer. Ms. Knight has been as CISO and cybersecurity executive for 20 years, working in government and commercial sectors. She has held leadership roles with the US Department of Defense and US Department of Energy's National Nuclear Security Administration security operations teams. She has also worked at Sands Corp., Herjavec Group, and Brier & Thorn.
Mike Housch named CISO of banking digital transformation solutions provider Q2 Holdings
Mr. Housch has more than 25 years of security experience in the financial technology sector. He previously served as CISO for Black Night and as information security officer for Lender Processing Services. He spent more than 10 years as chief information officer at First Federal Bank of Florida.
John Paul Cunningham joins identity protection firm Silverfort as CISO
Mr. Cunningham brings more than 24 years of experience managing cyber risk, building operating models designed to reduce cost and cyber risk, while also adhering to compliance standards as CISO at Bank of Hope, Docupace, Ares Management and J.P. Morgan Asset Management. He will design and implement Silverfort’s cybersecurity program.
Claudia Plattner appointed as President of German Federal Office for Information Security (BSI)
Ms. Plattner is formerly Director General Information Systems of the European Central Bank (ECB) and was chief information officer at DB Systel, the IT provider for Deutsche Bahn. She is the first female president to be named to the role at BSI. She will begin in the position on 1 July 2023. Plattner replaces former president Arne Schönbohm, who was dismissed in October over allegations of ties with Russian intelligence agencies.
Heather Lowrie appointed as first CISO for the University of Manchester
Ms. Lowrie will lead the strategic transformation of information security and identity and access management services at the University of Manchester and will design and implement a vision for the protection of the university's digital footprint. She formerly held the position of head of cybersecurity, risk, and resilience for National Records of Scotland. Ms. Lowrie provided cybersecurity assurance, oversight, and operational management for Scotland's first digital-first census. She will join the university at the start of May 2023.
New CISO appointments, January 2023
Chris Hodson hired as CSO at Cyberhaven
Mr. Hodson will be responsible for all areas of security to protect both employees and customers. This includes cloud and application security, operations, and risk management. He comes to data detection and response solution vendor Cyberhaven from Contentful, and previously has held CISO roles at Tanium and Zscaler. Mr. Hodson is a board advisor at workforce development platform Cybrary and a fellow at the Chartered Institute of Information Security. He is also the author of the book Cyber Risk Management.
Amanda Fennel named CISO and CIO at Prove Identity
Ms. Fennel will oversee security operations at Prove, a provider of digital identity solutions. She will also play a role in educating the security market about digital identity authentication technologies. She was previously CISO and CIO at Relativity and earlier had worked in digital forensics and cybersecurity at companies such as Symantec, Dell SecureWorks, Zurich Insurance Group, Booz Allen Hamilton, and Guidance Software.
Harold Rivas joins Trellix as CISO
Mr. Rivas will lead the extended detection and response vendor's global security and compliance initiatives. He comes to Trellix from LoanDepot, where he served as CISO. Prior to that, Mr. Rivas's 20-plus-year career include senior information security roles at Santander Consumer, Fujitsu America, and Citigroup. He is also a member of the FBI InfraGard.
New CISO appointments, November 2022
Gavin Reid named CISO at HUMAN Security
Mr. Reid had been leading HUMAN's Satori Threat Intelligence & Research Team. He will continue overseeing the Satori Team while expanding his leadership scope to the IT and information security teams. He will also lead the Human Collective, which will become an arm of the threat intelligence team. Mr. Reid had previously served as CISO at Recorded Future.
Jason Loomis joins Freshworks as CISO
Mr. Loomis is expected to bring expertise in operational excellence in security for both Freshworks' business software customers and the company itself. He has more than 20 years of experience in IT and security, most recently as CISO of Mindbody, Inc. Earlier, Mr. Loomis was CISO at TechStyle Fashion Group.
Katie McCullough appointed CISO at Panzura
Ms. McCullough will be responsible for security and compliance for both Panzura, a provider of hybrid multi-cloud data management products, and the company's customers. She has more than 25 years of experience executing and leading security operations, compliance, managed services, and cloud solutions at companies including OneNeck IT Solutions and CDW/Berbee.
Chris Hatter joins ShiftLeft as CISO
Mr. Hatter will be responsible for appsec vendor ShiftLeft’s security program, influence the enablement of the developer- and customer-centric go-to-market strategy, and serve as a customer advocate in ShiftLeft’s product roadmap. He previously served as Nielsen's CISO for six years where he developed that company's cloud-first security program.
Frank Kim is the new CISO-in-residence for YL Ventures
Mr. Kim will work with the venture capital firm’s portfolio companies and entrepreneurs to guide their ideation, value propositions, and customer relations. This includes working with entrepreneurs on the business impact of cybersecurity solutions. He has 15 years of experience as a CISO, and has served as chief information security and risk officer at the SANS Institute, where is is also a fellow.
New CISO appointments, October 2022
Todd Dekkinga joins Zluri as CISO
Mr Dekkinga will focus on establishing and implementing effective security practices for customers and partners of Zluri, which provides an SaaS management platform. He brings years of IT and security experience in areas such as cloud computing, AI, machine language, IoT, and blockchain. Most recently, Mr Dekkinga was CISO at Airgap Networks. He also serves on the advisory boards of several technology companies.
Andrew Smeaton appointed CISO at Afiniti
Mr Smeaton will be responsible for maintaining and maturing the infosecurity program at Afiniti, which provides an AI-based solution that matches customers with contact center agents. He has more than 20 years' experience in security and risk management and was most recently the CISO at DataRobot. Mr Smeaton has recently received the 2022 (ISC)2 Global Achievement Award for the (ISC)2 CEO Award for his contributions to the cybersecurity community.
New CISO appointments, September 2022
Max Shier joins Optiv as VP and CISO
Mr Shier will be responsible for leading a team to implement and monitor a strategic, comprehensive, enterprise information security and IT risk management program. He draws upon 27 years of security experience and previously held positions in the defense industry and the federal government. He is a 23-year Air Force veteran, serving overseas in several countries, including Japan, Korea, Saudi Arabia, UAE, and Iraq.
Richard Bird appointed CISO at Traceable
Mr. Bird will lead API security vendor Traceable's internal security efforts and work with the product team to help secure customers' APIs through the company's API Security Platform. He has nearly 30 years' experience in cybersecurity and IT operations and has previously served as global head of identity at JPMorgan Chase and chief customer information officer at Ping Identity.
Maarten Van Horenbeeck and Nubiaa Shabaka named CSO and chief privacy officer, respectively, at Adobe
Mr. Horenbeeck will be responsible for cybersecurity-related decisions across the company, enabling Adobe to further secure its systems, solutions, and networks, and protect its customer and company data. Ms Shabaka, who also will serve as Adobe's chief cybersecurity legal officer, will be responsible for privacy-related decisions across the company, leading a team focused on delivering a world-class privacy experience to Adobe’s customers.
George Jones joins Critical Start as CISO