Security executives on the move and in the news

Find up-to-date news of CSO, CISO and other senior security executive appointments.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 Page 4
Page 4 of 21

February 21, 2019: Cindi Carter joins MedeAnalytics as CSO

Carter will oversee global enterprise security, advance a culture of accountability, and protect people, information assets, data and technologies for healthcare analytics firm MedeAnalytics and its clients.

"Cindi is a poised and fierce addition to MedeAnalytics," said Paul Kaiser, MedeAnalytics CEO, in a press release. "As a respected leader in the industry with a proven record of success, Cindi's expertise and deep insight in cyber and data security will be a vital asset in the relentless protection of our organization, and the information and data entrusted to us by our clients."

Named as SC Media Magazine's "Women to Watch in Cyber Security 2018," Carter previously served as the deputy CISO at Blue Cross and Blue Shield of Kansas City where she led vulnerability management, threat intelligence, and cyber defense.

"I'm excited about joining MedeAnalytics, and it's my mission to ensure the company is safe, secure and resilient against cyber and physical threats," said Carter in a press release. "Security needs to be a shared mindset across the organization, from top-down and bottom-up. Advancing a culture that places high value on securing and protecting our company and the clients' information entrusted to us is my guiding principle."

Carter holds several recognized certifications in security, information technology, and project management. She holds a Master of Science degree in Information Technology and a Bachelor of Science degree in Management Information Systems; both from Central Michigan University.

February 20, 2019: Venminder hires Gordon Rudd as third-party risk officer

Gordon will work with the delivery team at Venminder, a vendor risk management software and services firm, as a third-party risk management subject-matter expert in residence, assisting with client engagements and the further development of Venminder’s educational series. “We’re thrilled to welcome Gordon to the Venminder family,” said James Hyde, Venminder CEO, in a press release. “Gordon’s impressive background in third-party risk management and cybersecurity brings valuable insight that our clients will appreciate, as well as allows us to further continue our commitment of providing free educational materials that help the industry navigate this area.”

Gordon has more than 30 years of experience in the financial services industry. Most notably, Gordon held the position of vice president, CISO at RCB Bank. He implemented and managed the bank’s cybersecurity and enterprise risk management programs, which included managing internal and external audits and regulatory examinations, creating the vendor management office and implementing a successful continuous process improvement program. Gordon is also the founder of the CISO Mentoring Project and is an engaged mentor to many aspiring and active CISOs across the country.

“I am very excited to now be in a position where I can contribute to helping thousands of organizations and individuals meet regulatory expectations and implement best practices,” said Gordon in a press release.

February 13, 2019: Former Walmart CISO Kerry Kilker joins Fishtech as executive VP and CISO

Kilker will be responsible for driving internal and customer-facing initiatives related to security, governance, and compliance at the cybersecurity firm. He will also run newly created Fishtech Group Innovation Center in Northwest Arkansas. Most recently, Kilker was senior VP and CISO for Walmart Technology, where he established and operated a world-class cybersecurity program for the world’s largest retail organization.

“I am excited to join the nationally recognized Fishtech team with its history of building large, fast-growth companies in the cybersecurity space,” said Kilker in a press release. “Being part of such an entrepreneurial team is a career high, and I’m especially pleased with this opportunity to bring leading edge cybersecurity resources to the Northwest Arkansas region.”

“Kerry is an icon in our space,” said Gary Fish, CEO and founder of Fishtech Group, in a press release. “Having worked at the ‘Fortune 1’ for 30-plus years, Kerry brings a wealth of knowledge from his viewpoint of customer wants and needs. His hard-won perspective will help tailor our service and technology offerings to serve today’s heavily burdened CISOs.”

February 8, 2019: University of Delaware names Ken Kurz as CISO for information technologies

Kurz is responsible for information security governance, including strategy and program administration, policy development, enforcement and compliance, risk assessment, incident response and training and awareness programs. Kurz will oversee the IT-Technical Security and the IT Security Policy and Compliance teams within UD Information Technologies and provide counsel on institution-wide information security and related security policy, procedures, and compliance issues. Previously, he was vice president of IT and CIO at Corporate Office Properties Trust and the CISO at the University of Oklahoma

ken kurz University of Delaware

Ken Kurz, University of Delaware CISO for information technologies

“Ken Kurz brings extensive experience in leading information security and technology teams to UD, including experience in higher education,” said Sharon Pitt, UD’s vice president of information technologies and CIO, in a press release. “His ability to build partnerships, assess complex situations, and deliver technology solutions that meet UD’s needs will be an asset both strategically and tactically to our community.”

Kurz said he sees his role in information security at UD as both exciting and complex. “I can’t think of a more exciting time at UD to take on this position,” Kurz said in a press release. “Faculty, staff, students, and alumni expect real-time anywhere access to services and information while keeping their data secure. Ensuring that reality presents enormous challenges and opportunities for our UDIT teams. I’m looking forward to collaborating with the UD community and continuing to broaden our role as trusted advisors across the university.”

December 2018: President Trump appoints Brian Harrell as assistant secretary for infrastructure protection at DHS

Harrell serves as the first Department of Homeland Security’s assistant director for infrastructure security within the newly renamed U.S. Cybersecurity and Infrastructure Security Agency (CISA).

harrell official 2018 U.S. Department of Homeland Security

Brian Harrell, assistant secretary for infrastructure protection, DHS

Recently recognized as one of Security Magazine's Most Influential People in Security, Brian is the former managing director of enterprise security at the Duke Energy Corporation. He is also the former director of the electricity ISAC and director of critical infrastructure protection programs at the North American Electric Reliability Corporation (NERC) where he was charged with helping protect North America's electric grid from physical and cyber-attack. Brian has spent time during his career in the U.S. Marine Corps and various private sector agencies with the goal of protecting the United States from security threats.

December, 2018: Pioneer Natural Resources names Gregory Wilson as CISO

Wilson will oversee strategy and operations of an information security function and will lead the Cyber Security Steering Committee. He will coordinate and collaborate with the IT department, risk management, corporate security, audit and compliance functions on all information security initiatives at the independent oil and natural gas exploration company. 

Prior to joining Pioneer, Wilson served as the head of information security at 1st Global. He led the IT compliance and security function at TPG Capital and the IT compliance and security group at Lehigh Hanson.

February 7, 2019: Brian Fricke moves to BBVA Compass as CISO

Fricke will oversee the bank’s information security and engineering risk functions. He is responsible for setting the bank’s enterprise information security policy and overseeing its information and cybersecurity risk functions for all its associated websites and systems. Fricke brings 18 years in information security and risk management to the role.

“Brian has deep experience in building information security initiatives across a multitude of organizations and military installations,” said BBVA Compass Head of Engineering Jorge Ortiz in a press release. “It’s clear from his vast experience and educational pursuits that information and cybersecurity are his passion. We’re thrilled that he’s bringing that trove of experience with him to this role that is vitally important for the bank and the customers it serves.”

Prior to his role at BBVA Compass, Fricke was the CISO for the Bank OZK, where he established a first-of-its-kind information security program. He has also worked as the CISO at the Military Sealift Command in Washington, DC. Other experience includes stints at the U.S. Securities and Exchange Commission, USAID OIG and five years as a sergeant in the Marine Corps.

Fricke is on the advisory committee on cybersecurity for executive education at the USF School of Public Affairs, a CISO steering committee member for the Mid-size Bank Coalition of America and a volunteer senior information assurance analyst for the Cyber Security Forum Initiative. He was also a member of the board of directors for OutServe.

February 7, 2019: David Hahn named CSO at Silicon Valley Bank

Hahn will oversee operations for SVB’s cybersecurity, business continuity and physical security programs. He is based in Santa Clara and reports to CIO Nick Shevelyov.

“We are excited to welcome David Hahn to lead security operations at SVB,” said Nick Shevelyov, CIO at Silicon Valley Bank, in a press release. “Hahn’s broad knowledge and dynamic experience in information security operations will be instrumental as we continue to enhance our technology capabilities to support our innovative clients.”

Hahn joins SVB from Hearst Corporation, one of the largest conglomerates in the world, where he led corporate information security and risk as the company’s first CISO. Previously, he led the creation of the cyber fraud program at Intuit. He also spent 23 years in information security at Wells Fargo. 

February 6, 2019: DocuSign CISO Vanessa Pegueros joins Carbon Black’s board of directors

Cloud-based endpoint security vendor Carbon Black announced that Vanessa Pegueros, a seasoned technology leader and security executive, has joined Carbon Black's board of directors. Pegueros currently serves as vice president and CISO for DocuSign, Inc. 

Throughout her distinguished career, Pegueros has held numerous senior security executive positions, including roles at U.S. Bank, Expedia, Inc., Washington Mutual, Inc., Cingular Wireless and AT&T Wireless.

"We're pleased to welcome Vanessa to the Carbon Black board of directors as we continue our mission to keep the world safe from cyberattacks," said Carbon Black President and CEO Patrick Morley in a press release. "Vanessa is a strong leader with a wealth of technology experience. Her impressive security background is a perfect complement to our board as we continue to scale the company and drive global growth."

January 31, 2019: Dr. Abdul Rahman joins Fidelis Cybersecurity as chief scientist

Dr. Rahman brings over 10 years of experience in government cyber defense programs and building security infrastructures able to protect against a variety of threats to his new role at Fidelis Cybersecurity, a provider of threat detection, threat hunting, and response solutions. 
“I am happy to announce the addition of Abdul to our management team as we have an opportunity to change the security game,” said Nick Lantuh, president and CEO, Fidelis Cybersecurity, in a press release. “With his diverse Intelligence Community and DoD background coupled with deep data-science expertise, he brings the necessary skills to formulate and deploy cutting-edge research and strategies into Fidelis’ product portfolio.”

Prior to Fidelis, Dr. Rahman worked as a contractor for the U.S. government designing, deploying and supporting big data cyber defense platforms for large customers. He has held senior leadership roles in his previous companies including vice president of technology and innovation as well as chief scientist. Dr. Rahman holds doctorate degrees in both physics and mathematics. He specializes in the development of analytical capabilities to process data for learning algorithms that enable pattern matching, correlation, and anomaly detection to support cyber network defense use cases.

“Fidelis is one of the only companies in the market that has the ability to actually help enterprises calculate their vulnerable attack surface,” said Dr. Rahman in a press release. “It’s incredible technology. I knew I wanted to be involved in its continued development and innovation.”

January 28, 2019: eShopWorld appoints Ray Thorpe as CISO

Thorpe joins cross-border commerce company eShopWorld with more than 20 years of global experience in information security and technology, including 10 years in senior leadership roles. The newly created CISO role is part of an ongoing commitment to data security and risk management.

“Security has always been a top priority in all aspects of our operations, and appointing Ray reflects our continued commitment in this regard,” said eShopWorld CEO Tommy Kelly in a press release. “In today’s retail climate, cybersecurity is at the forefront for every business leader. We are committed to elevating our risk disciplines and ensuring that we continually adopt best practices aligned to protect eShopWorld’s information and reputation and those of all of our clients and stakeholders.”

As CISO, Thorpe will be responsible for eShopWorld’s overall information security strategy. He brings expertise across information security, data protection, IT change management, audit and compliance. His previous industry experience spans banking, payments, retail and managed services consulting.

Prior to joining eShopWorld, Thorpe was a senior manager at global standards organization BSI, where he provided advisory and auditing services regarding information security, data protection, digital risk management, governance and compliance to some of the world’s largest organizations. Prior to that, he served as a PCI security standards council advisor and head of IT and security at payment services and financial solutions company MyGate Global. He holds a post-graduate degree in Management Information Systems from the University of Cape Town and an MSc in Information Security from Royal Holloway, University of London.

January 28, 2019: Southwest promotes Michael Simmons to managing director technology / CISO

Simmons will continue to be responsible for all aspects of cybersecurity across Southwest's facilities, airports and aircraft, comprising of security engineering, security operations, incident response, threat intelligence, risk and compliance and security software development. Simmons joined Southwest in 2016, and he previously had leadership accountability for cybersecurity, IT strategy and enterprise architecture, IT maintenance and support and IT service management where he helped lead a multi-year department-wide transformation initiative to better align information technology with the business to deliver strategic initiatives.

January 24, 2019: AttackIQ hires Christopher Kennedy as

headshot chris kennedy 002 AttackIQ

Chris Kennedy, AttackIQ CISO and VP of customer success

In this newly formed role, Kennedy will be responsible for managing all aspects of customer relations and success, as well as internal information security strategy at AttackIQ, a provider of continuous security validation.

“Kennedy joins AttackIQ with a thorough understanding of how to enable our customers to secure their environment leveraging the MITRE ATT&CK framework,” said Brett Galloway, CEO of AttackIQ, in a press release. “Kennedy’s ability to leverage his experience in operations, risk management, and security testing, and his time as a former customer will be instrumental in his ability to drive success for our customers.”

Kennedy joins AttackIQ from Bridgewater Associates, where he was head of security for infrastructure technology and controls engineering, and brings more than 20 years of cybersecurity risk and operations practitioner experience. Previously, Kennedy led the development of the U.S. Department of Treasury's and the U.S. Marine Corps’ cybersecurity operations programs, defense and federal contracting for Northrop Grumman, and is a former Marine Corps Officer and Operation Iraqi Freedom veteran.

“I'm delighted to be joining the AttackIQ team. After a career of trying to answer the key security executive question of ‘what is my risk posture today?’, I firmly believe that breach simulation and continuous security validation will become the heart of the CISO program,” said Kennedy in a press release. “We will continue to help our customers disambiguate the security investment process through an objective, measurable, threat driven analysis of their security program using the MITRE ATT&CK framework which will make communication, coordination and program execution easier, risk oriented, and more effective.” 

January 23, 2019: Chris Roberts joins Attivo Networks as chief security strategist

Previously a member of the Attivo Networks Advisory Board, Roberts is one of the world’s foremost experts on counter threat intelligence. He will use his more than 20 years’ security experience to further develop and define strategy and processes for the company’s government and industry customers on issues related to cybersecurity strategy, policy, risk threat assessments, and incident response.

Roberts will work with customers globally to develop and implement risk reduction strategies across new and legacy technologies. He will manage an advanced consulting services program that will provide compliance/assurance reviews to assess whether cybersecurity policies and standards are being met and to provide cybersecurity strategy and operations guidance for C-level executives. He will also be a key driver of strategy and vision around the Attivo Networks deception portfolio in areas where he has deep expertise including adversary and vulnerability research and market education.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 Page 4
Page 4 of 21
FREE Download: Get the Spring 2019 digital issue of CSO magazine today!