The upper ranks of corporate security are seeing a high rate of change as companies try to adapt to the evolving threat landscape. Many companies are hiring a chief security officer (CSO) or chief information security officer (CISO) for the first time to support a deeper commitment to information security.
CSO’s Movers & Shakers is where you can keep up with new senior level security executive appointments and perhaps gain a little insight into hiring trends. If you have an announcement of your own that you would like us to include here, contact Michael Nadeau, senior editor.
March 12, 2018: OATI appoints Khalil Houri as CISO and Jerrod Montoya as deputy CISO
Houri and Montoya will lead a new security and risk management team at OATI, a provider of products and services for the energy industy. This team will be responsible for the overall governance of OATI security and risk management, which includes cybersecurity, physical security, vendor management, and security awareness and training. They will report directly to Sasan Mokhtari, president and CEO of the company.
The team will ensure applicable OATI security policies and procedures are in place, enforced, and coordinated across all OATI departments. Houri and Montoya will also interact with customers, regulator and industry groups, law enforcement, and other applicable security groups as needed.
“With the implementation of this dedicated team, OATI can further enhance security measures for customers in this constantly changing security paradigm,” said Mokhtari in a press release.
March 6, 2018: Eddie Saunier named CSO at Burr & Forman
Saunier will lead legal services firm Burr & Forman’s overall information security program and will assume responsibility for managing the firm’s technology and information management compliance and risk.
“Eddie’s devotion to managing and securing Burr & Forman’s systems and networking infrastructure with the utmost level of scrutiny furthers our confidence in his ability to meet all the information security needs of the firm and our client information,” said Burr & Forman CEO Ed Christian in a press release. “Eddie will ensure we are at the forefront of best practices to provide a consistent level of data security.”
Since joining the firm in 2002, Saunier has been responsible for managing the core servers and networking infrastructure as senior systems engineer. Saunier earned his undergraduate degree in materials engineering at the University of Alabama at Birmingham.
March 5, 2018: Florida Agency Network names Matthew Froning as CISO
Froning will drive title agency Florida Agency Network’s (FAN’s) existing information security program and collaborate with the industry to implement best practices on information security.
“We are pleased to welcome Matthew to our team. His reputation, expertise and intimate knowledge of industry best practices will allow us to design and deploy a best-in-class, global security strategy,” said Aaron M. Davis, CEO of FAN.
The former CIO of a leading information security consulting company, Froning has led the charge for improving security processes and procedures for organizations while tightening controls to protect from cyber attacks. A security industry veteran, he developed information security assessment processes which included guidelines and reports aligned with regulatory and ALTA Best Practices. Froning is an Air Force veteran and former federal agent who has investigated, managed and directed computer-related criminal, counterintelligence, counterespionage, fraud and undercover matters for both the federal government and the military.
“Florida Agency Network has been an industry leader in the approach to secure their systems, processes, and the consumer information they are charged with protecting. As part of the team, I look forward to helping FAN continue to enhance their security program and provide the best service and level of security possible for their clients,” said Froning in a press release.
February 28, 2018: Richard Roberts takes on dual COO/CISO role at Stratus Interoperable
As a member of Stratus Interoperable’s executive management team, Roberts’ operations and cybersecurity experience will help drive product delivery and development with a focus on enhanced security at this provider of data integration and business intelligence services in the healthcare industry.
Before joining Stratus Interoperable, Roberts built a healthcare advisory company and spent 10 years at the nation’s largest private healthcare ITO/BPO organization. There he served as chief technology officer with responsibility for IT strategy, planning and cybersecurity for both corporate and customer initiatives. He oversaw enterprise-wide infrastructure architecture and standardization, integration, business transformation, and the development of enterprise application solutions.
“I’m very excited to join the SI Team. It’s my goal to leverage this opportunity to positively influence the quality of patient-centered healthcare, while helping drive Stratus Interoperable and the StratusLink platform to prominence in the healthcare technology industry,” said Roberts in a press release.
February 22, 2018: Lewis Brisbois hires Frank Gillman as CISO
Gillman will work closely with law firm Lewis Brisbois’s Data Privacy & Cybersecurity practice to provide a suite of client services. He has more than 30 years of technology experience in the legal field, including 20 years in the CIO/CTO role for three notable AmLaw 200 firms, including Lewis Brisbois. He has led and implemented first-to-market initiatives for legal technology solutions during his various tenures in the infrastructure, telecommunications, mobility, and data security fields.
“We are very fortunate to have the opportunity to work with Frank in providing client services. With his operational experience and expertise, we are adding tremendous value to a variety of client engagements to better secure their networks and better prepare them to respond to data security incidents,” said Data Privacy & Cybersecurity Chair Sean Hoar in a press release.
As a part of the data privacy and cybersecurity team, Gillman provides clients with security control assessments mapped to information security frameworks, incident response planning, tabletop exercises, executive training in network security awareness, and information security policy and procedure development.
“I’m excited about the opportunity to evolve the traditional CISO role within a law firm to this expanded scope,” Gillman said in a press release. “What makes it doubly so is to be able to do it alongside some of the most talented lawyers in the data privacy and cybersecurity fields.”
February 12, 2018: Equifax names Jamil Farshchi as new CISO
Farshchi, who previously served as CISO at The Home Depot, will assume company-wide leadership of work already underway to transform the company’s information security program and collaborate with the industry to share best practices on information security. He will be based in Atlanta, Georgia, and report directly to the CEO.
“We are pleased to welcome Jamil to our team and confident that he possesses the talent and skillset needed to continue our journey toward developing industry-leading security practices and, ultimately, to help us regain trust with consumers and customers,” said Paulino do Rego Barros, Jr., interim CEO at Equifax, in a press release. “Jamil has a reputation for helping enterprises rebuild and fortify information security programs. His expertise in risk intelligence and cybersecurity combined with his intimate knowledge of industry best practices will allow us to design and deploy a best-in-class, global security strategy to re-establish ourselves as a trusted leader.”
Prior to his role at The Home Depot, Farshchi was the first global CISO at Time Warner, where he brought to bear risk-management techniques from the financial and government sectors to develop a model security program for the media and entertainment industry. Before that, Farshchi was the vice president of global information security at Visa, where he developed and implemented the firm’s first global information security strategy; led efforts in mobile security, identity, and big data; and transformed its security program into a recognized global leader.
“Equifax is a company with tremendous potential, and I am confident that we will transform our security program into one of the most advanced and recognized globally,” said Farshchi in a press release. “I am grateful for this new challenge and am looking forward to enabling the business with new insights, a fresh perspective, and a multi-dimensional way of thinking about global data stewardship and information security.“
February 12, 2018: ThreatModeler Software hires David Nester as CSO
Nester joins ThreatModeler Software, Inc., a provider of an automated threat modeling platform, after serving as the global director of Fortify on Demand at Hewlett Packard Enterprise. “I was truly impressed with the ThreatModeler Platform,” said Nester in a press release. “When the ThreatModeler team demonstrated their automated platform and how it accurately identifies 99% of the potential static and dynamic application vulnerabilities before a single line of code is even written, I knew instantly this was the solution many organizations need.”
Nester is an accomplished information security leader with 20 years of experience and success in fulfilling mission-critical security objectives and goals, and directing global technology teams. At Hewlett Packard, he managed the global team of application security experts. Nester offers advanced capabilities in application security and risk management combined with a deep understanding of the intersection between technology, business, and operational needs.
February 9, 2018: Thesys CAT LLC appoints Vas Rajan as CISO for consolidated audit trail
Rajan will be responsible for ensuring security compliance of the CAT System and evolving and executing cybersecurity programs as the CAT platform advances from build to live along with its continuous development and optimization. He will also be responsible for partnering with the CISOs from the self-regulatory organizations (SROs) to ensure the highest standards of security across the CAT System.
Mike Beller, CEO, Thesys Technologies, said in a press release, “Security has been at the forefront of our design and strategy for the CAT system from the beginning, and one important key to success is ensuring there is a well-rounded leader to oversee all the security aspects of the CAT, both before it goes live, and once it is operational. We are pleased that, together with the SROs, we have found an exceptionally talented candidate like Vas, who is highly capable of securing the system and working with the multiple stakeholders within CAT to deliver best in class security practices.”
Rajan joins Thesys CAT with over 20 years of IT experience within the financial services industry. Most recently he served as CISO and business continuity officer of CLS Bank, the member owned FX market utility, where he was responsible for the security strategy of the company in accordance with all requirements of a financial market utility, designated as systemically important by the U.S. government. Prior to CLS, Rajan was head of security and privacy officer of ING Direct USA, a major retail bank and brokerage.
February 6, 2018: Armored Things adds Elizabeth Carter as CSO
A specialist in threat and risk assessment, crisis management and response, and emergency program management, Carter will work with Armored Things customers to bridge the gap between cyber- and physical security. The company develops software that protects large public and private facilities and venues against risks and threats.
Prior to joining Armored Things, Carter led crisis management for the Americas at Apple, Inc., where she was responsible for responding to incidents and protecting the company’s operations, personnel, and facilities throughout North and South America. Her experience also includes senior director with The Chertoff Group in Washington, DC, where she worked with public and private sector clients on issues related to counterterrorism, cyber security, crisis management, health preparedness, and infrastructure protection.
“Elizabeth has been a friend and trusted colleague for years, and our team couldn’t be more thrilled to have her aboard,” said Armored Things CEO Charles Curran in a press release. “Given her experience that bridges the gap between physical and cybersecurity, she is uniquely qualified to help our clients leverage technology to reduce risks and respond more quickly and effectively to emergencies.”