A specialist in information & cyber security, cloud services, enterprise risk, technology risk and business resilience with significant experience in multiple industries and multiple geographies - from in depth engineering to Board-level management.
See my LinkedIn profile for my career / job history. Additionally, I am on the Board or Advisory Boards of multiple private companies. Below are my not for profit affiliations.
Center for Internet Security
Co-Founder (2000) / Board Member (2014 - 2020)
CIS® (Center for Internet Security, Inc.) is a forward-thinking, non-profit entity that harnesses the power of a global IT community to safeguard private and public organizations against cyber threats. The CIS Controls® and CIS Benchmarks™ are the global standard and recognized best practices for securing IT systems and data against the most pervasive attacks. These proven guidelines are continuously refined and verified by a volunteer, global community of experienced IT professionals. Our CIS Hardened Images® are virtual machine emulations preconfigured to provide secure, on-demand, and scalable computing environments in the cloud. CIS is home to both the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the go-to resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities, and the Elections Infrastructure Information Sharing and Analysis Center™ (EI-ISAC®), which supports the cybersecurity needs of U.S. State, Local and Territorial elections offices.
New York University - Tandon School of Engineering
Board Member (2018 - Present)
As an institution that traces its origins back to 1854, NYU Tandon School of Engineering is rooted in tradition and opportunity. Our school was, quite literally, the birthplace of the American Dream; it was our alum James Truslow Adams who coined that phrase in 1931. Just as it was then, Tandon is a place where ambitious students from all walks of life get the solid education they need to launch their careers. Invention, innovation, and entrepreneurship suffuse everything here — from our course offerings to our student competitions to our labs and prototyping spaces. We carry our school’s great history forward with a shared goal: To generate ideas and build solutions for a healthier, safer, better-connected, and more sustainable world.
New York University - Stern School of Business / Volatility and Risk Institute
Board Member (2019 - Present)
NYU Stern’s Volatility and Risk Institute (VRI) is an expansion of the School’s celebrated Volatility Institute, founded in 2004. The VRI is Stern’s designated hub to promote and facilitate all risk-related external and internal engagement and research among scholars, practitioners, and policymakers. The VRI is co-led by Robert Engle, the Michael Armellino Professor of Management and Financial Services, director of the NYU Stern Volatility Institute, and 2003 Nobel Laureate in Economic Sciences, and Richard Berner, Executive-in-Residence and Clinical Professor of Management Practice in Finance at NYU Stern, and former Director of the Office of Financial Research.
NSA Science of Security Program
Distinguished Expert (2012 - Present)
In order to encourage the development of the scientific foundations of cybersecurity, the National Security Agency (NSA) established The Annual Best Scientific Cybersecurity Paper Competition. NSA invites nominations of papers that show an outstanding contribution to cybersecurity science. A set of Distinguished Experts will review the nominations according to the criteria below. Awardees will be invited to NSA to receive the award and present the winning paper to an audience of cybersecurity experts.
Co-Founder and Board Member (2016 - 2020)
In 2016, the CEOs of eight banks – Bank of America, BNY Mellon, Citigroup, Goldman Sachs, JPMorgan Chase, Morgan Stanley, State Street, and Wells Fargo – came together to proactively identify ways to enhance the resilience of critical infrastructure underpinning the U.S. financial system. This resulted in the creation of a new organization called the Financial Systemic Analysis and Resilience Center (FSARC). Shortly after the FSARC was founded, an additional eight financial institutions, including the key financial market utilities identified by the U.S. Department of Homeland Security as operators of essential critical infrastructure, joined the FSARC as member firms. The FSARC's mission is to increase the resilience of the critical must run systems that underpin the US financial services sector. FSARC facilitates operational collaboration between participating financial institutions and market utilities, the US Government and other key sector partners in a controlled environment where participants can securely collaborate. Together, we conduct analysis of critical financial sector systems and jointly monitor and warn against threats to those systems.
Co-Founder and Chairman of the Board (2015 - 2020)
Sheltered Harbor was created to protect customers, financial institutions, and public confidence in the financial system if a catastrophic event like a cyberattack causes critical systems—including backups—to fail. Implementing the Sheltered Harbor standard prepares institutions to provide customers timely access to balances and funds in such a worst-case scenario. Sheltered Harbor is not a vendor, product or service. It is a not-for-profit, industry-led initiative comprising financial institutions, core service providers, national trade associations, alliance partners, and solution providers dedicated to enhancing financial sector stability and resiliency.
Board Member (2002 - 2020)
Established in 2002 by the financial sector, the FSSCC coordinates critical infrastructure and homeland security activities within the financial services industry. Its 70 members consist of financial trade associations, financial utilities, and the most critical financial firms.
Council on Foreign Relations
CFR is a leading foreign policy organization with a robust individual and corporate membership. Individual members include many of the most prominent leaders in international affairs who come together to engage in nonpartisan conversation on the most salient policy and governance issues of the day. The corporate membership program provides a unique forum for business leaders to interact with CFR members and other global influencers, noted thinkers, and experienced practitioners.
NIST Information Security & Privacy Advisory Board
Board Member (2020 - Present)
In January 1988, the Congress enacted the Computer Security Act of 1987 (Public Law 100-235). A provision of that law called for the establishment of the Computer System Security and Privacy Advisory Board (CSSPAB) within the Department of Commerce. In accordance with the Federal Advisory Committee Act, as amended, 5 U.S.C., App., the Board was chartered in May 1988. In December 2002, Public Law 107-347, The E-Government Act of 2002, Title III, the Federal Information Security Management Act of 2002, Section 21 of the National Institute of Standards and Technology Act (15 U.S.C. 278g-4) amended the charter statutory authority of the Board and renamed it the Information Security and Privacy Advisory Board (ISPAB).