Latest Content

Predictions 2025: Security And Risk Pros Will Brace For Regulations And Resilience
Oct 01, 2024
Article
Build The Business Case For Cyber Risk Quantification To Reset Risk Management
Jun 05, 2024
Article
The New Chief Artificial Intelligence Officer Role Balances AI Champion And Risk Manager
Apr 03, 2024
Article
GenAI: GRC Enters Accelerator Era, And Not A Minute Too Soon!
Apr 02, 2024
Article
The DoD Releases CMMC 2.0 As Its Holiday Gift To The Public
Jan 03, 2024
Article
Announcing The Forrester Wave™: Governance, Risk, And Compliance Platforms, Q4 2023
Dec 07, 2023
Article
Wonder Twin Powers, Activate! Cyber Risk Ratings And Third-Party Risk Platforms Are More Powerful Together
May 02, 2023
Article
Get A Head Start On The National Cybersecurity Strategy
Mar 02, 2023
Article
Call It What You Want, Cyber Risk Quantification Is Now A Must
Feb 03, 2023
Article
Groundhog Day, SEC Style: Proposed Rule On Cybersecurity Risk Governance Has All The Pain Of SOX With Fewer Financial Penalties
Feb 02, 2023
Article

I'm an innovator. A problem-solver. And an anti-status-quo champion. I'm also an accomplished cybersecurity executive with 10 years' experience leading complex projects, building high-performing teams, and transforming critical IT programs in the public and private sector.

I believe that every project is an opportunity for teams to work smarter. I also believe that good risk management is an underutilized resource in today’s cybersecurity toolkit. With deep expertise in cybersecurity and risk management practices, and a proven project management and consulting background, I help organizations solve their most difficult IT challenges.

As a Forrester research analyst, I help clients transform their security and risk programs to drive measurable business value. Previously, I served as NASA’s very first Chief Cybersecurity Risk Officer, leading a team working to design and deliver a world-class cyber risk and resilience program. I co-lead an intergovernmental team that helps agencies and industry partners adopt forward-thinking risk management practices to make better cybersecurity decisions. You may have seen me speaking at forums like the RSA Conference, FAIRCON, DOE CyberCon, and Forrester Security & Risk Forum. Outside of work, you'll find me in line at any of Denver's great coffee shops, exploring the bike trails, or planning my next trip abroad! Let's connect and work together.

10
articles