When Brooke Johnson began her legal career, cybersecurity wasn’t yet the boardroom fixture it is today. A seasoned litigator by training, she built her reputation on mastering complex cases, balancing risk with accountability, and navigating high-stakes negotiations where every word and decision mattered. Those same skills now define her role at Ivanti, where she serves as Chief Legal Officer and Senior Vice President for Human Resources and Security — a position that blends three critical domains: legal governance, people strategy, and enterprise security.
In this uniquely integrated role, Johnson oversees risk management and compliance across the organization’s global footprint, managing a portfolio that includes privacy, employee relations, and security operations. Her leadership philosophy centers on a simple truth: people are a company’s most important defense.
“You can’t separate cybersecurity from culture,” she often says. “It’s about trust, accountability, and empowering people to do the right thing.”
Integrating legal, security, and human leadership
Johnson’s influence at Ivanti extends well beyond traditional legal counsel. In the past year, she has driven initiatives that align Ivanti’s legal and security frameworks with global standards such as Authorization to Operate (ATO) and FedRAMP, ensuring that the company’s products and practices meet the highest benchmarks for compliance and customer trust.
Under her guidance, Ivanti achieved FedRAMP High In-Process designation for its flagship Ivanti Neurons Platform, reinforcing confidence among its 34,000 customers — including 85 of the Fortune 100.
But Johnson’s leadership goes deeper than compliance. Recognizing the accelerating impact of artificial intelligence on enterprise security, she founded the AI Governance Committee (AIGC) — a cross-functional team designed to guide Ivanti’s ethical, transparent, and secure use of AI. The AIGC helps the company proactively address risks such as bias, privacy breaches, and model vulnerabilities, setting a blueprint for responsible AI adoption in cybersecurity.
“AI is reshaping how we work and protect data,” Johnson notes. “Our role is to ensure it does so responsibly — with the same rigor we apply to every other aspect of governance and risk.”
Her legal acumen and people-centered leadership have positioned her as a key architect of Ivanti’s strategy — one who ensures that innovation and compliance move hand in hand.
Building trust through advocacy and collaboration
Johnson’s impact extends beyond Ivanti’s walls. She has become the company’s primary liaison to cybersecurity-focused policymakers, strengthening congressional relationships and helping shape national cybersecurity policy. In this role, she advocates for closer collaboration between government and industry — calling for more resources, agency engagement, and thoughtful regulation to bolster the private sector’s security posture.
Colleagues and nominators describe her as a transformative leader who manages risk and advises across a comprehensive scope of critical areas — legal affairs, privacy, employee relations, and security — to protect Ivanti’s global operations.
Within Ivanti, her leadership style has earned her another moniker: “The People’s Advocate.” It reflects her ability to champion both business and people — balancing risk with empathy, compliance with creativity, and authority with collaboration. Her legal team is known for being solution-oriented, helping the business innovate securely rather than restrictively.
“Brooke leads with clarity, empathy, and courage,” said one colleague. “She’s not just managing security; she’s modeling how leadership itself can be a force for inclusion and trust.”
Mentorship, inclusion, and Women in Cybersecurity
Mentorship is central to Johnson’s legacy. As SVP for HR, she has championed career development frameworks that include structured goal-setting, job shadowing, and educational opportunities for women across Ivanti. She sponsors the Women’s Connection Group, which amplifies female voices and provides pathways for advancement in cybersecurity and technology roles.
Her efforts have led to measurable gains in leadership representation and retention among women within her teams — the direct result of her belief that diversity fuels innovation and resilience. “When we make space for diverse voices,” she says, “we make better decisions, faster.”
Entering a field historically dominated by men, Johnson faced the challenge of establishing credibility at the intersection of law, technology, and strategy. Instead of conforming, she embraced her strengths — a sharp legal mind, a deep understanding of risk, and a commitment to ethical, people-first leadership. Those same qualities now define her impact across Ivanti and the broader cybersecurity industry.
Her journey reflects resilience, purpose, and a commitment to redefining what leadership looks like in cybersecurity. She has used her position to elevate others, champion responsible innovation, and demonstrate that trust, inclusion, and accountability are not separate from security — they are its foundation.
