Gary Hayslip

Opinions expressed by ICN authors are their own.

As Chief Information Security Officer (CISO), Gary Hayslip guides Webroot’s information security program, providing enterprise risk management. He is responsible for the development and implementation of all information security strategies, including the company’s security standards, procedures, and internal controls. Gary also contributes to product strategy, helping to guide the efficacy of Webroot’s security solutions portfolio.

As CISO, his mission includes creating a “risk aware” culture that places high value on securing and protecting customer information entrusted to Webroot. Gary has a record of establishing enterprise information security programs and managing multiple cross-functional network and security teams. Gary is co-author of “CISO Desk Reference Guide: A Practical Guide for CISOs” focused on enabling CISOs to expand their expertise and scope of knowledge.

Gary’s previous information security roles include CISO, Deputy Director of IT and senior network architect roles for the City of San Diego, the U.S. Navy (Active Duty) and as a U.S. Federal Government employee. In these positions he built security programs from the ground up, audited large disparate networks and consolidated and legacy network infrastructure into converged virtualized data centers.

Gary is involved in the cybersecurity and technology start-up communities in San Diego where he is the co-chairman for Cybertech, the parent organization that houses the cyber incubator Cyberhive and the Internet of Things (IoT) incubator iHive. He also serves as a member of the EvoNexus Selection Committee where he is instrumental in reviewing and mentoring cybersecurity and IoT startups. Gary is an active member of the professional organizations ISSA, ISACA, OWASP, and is on the Board of Directors for InfraGuard. Gary holds numerous professional certifications including: CISSP, CISA and CRISC, and holds a Bachelor of Science in Information Systems Management and a Master’s degree in Business Administration. Gary has more than 28 years of experience in information security, enterprise risk management and data privacy.

The opinions expressed in this blog are those of Gary Hayslip and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.

Hack like a CISO

5 simple steps for SMBs to ensure cyber resiliency

5 simple steps for SMBs to ensure cyber resiliency

While these tips are by no means a complete guide for how SMBs can be resilient, they can be the start of a continuous process small and mid-sized business should implement to be better prepared.

What should a cyber-resilient business look like?

What should a cyber-resilient business look like?

Cyber resiliency and the value it brings to a company and its customers will depend on how well the business incorporates its security program as a strategic partner.

Why data governance should be corporate policy

Why data governance should be corporate policy

Data is like water, and water is a fundamental resource for life, so data an essential resource for the business. Data governance ensures this resource is protected and managed correctly enabling us to meet our customer's expectations....

Incident management for SMBs

Incident management for SMBs

In today's dynamic threat environment, developing a risk management methodology is a strategic imperative for all companies.

9 policies and procedures you need to know about if you’re starting a new security program

9 policies and procedures you need to know about if you’re starting a new security program

Any mature security program requires each of these infosec policies, documents and procedures.

Building a cybersecurity strategic plan

Building a cybersecurity strategic plan

These types of plans are cybersecurity road maps that establish pathways an organization can follow to improve its overall risk management approach.

Security metrics: telling your value story

Security metrics: telling your value story

Security leaders must understand metrics as critical tools to explain how security services support the organization and its strategic objectives.

Data privacy, a growing strategic initiative

Data privacy, a growing strategic initiative

The aggregation of new threats, laws and consumer activism makes data privacy a strategic initiative for today’s businesses to adopt as part of their core business operations.

Approaching cybersecurity as a critical business function

Approaching cybersecurity as a critical business function

Taking the right security steps for small and medium-sized businesses (SMBs).

5 actions that companies should take to establish their first cybersecurity program

5 actions that companies should take to establish their first cybersecurity program

A mature enough company must start laying the foundation for their enterprise security program.

Cyber Threat Intelligence (CTI) – Part 2

Cyber Threat Intelligence (CTI) – Part 2

Providing even more clarity to organizations’ cybersecurity programs.

Load More