Ray Rothrock CEO & Chairman RedSeal Why Nominated: Having spent decades leading and advising both technology and
information security companies, Rothrock knows that cybersecurity for any
organization goes well beyond just deploying and managing strong technologies.
It’s also about strategically thinking about security needs holistically top
down. And, for him, this means that since every entity is a “cyber
organization,” the related risks they face are a CEO and board-level
responsibility. With this foundation in mind, Rothrock works well beyond the
confines of his office, reaching out practitioners, C-level executives,
government leaders and even average citizens through a bevy of activities and
ventures. Profile: After
spending some 25 years at Venrock, the Rockefeller family’s VC division,
investing in dozens of leading tech companies, Rothrock founded RedSeal and
became its CEO and chairman in 2014 because of his strong belief in its cyber
resiliency and risk modeling platform. Under his guidance, the company now
serves more than 220 government agencies and Global 200 organizations.But, his work goes well beyond that of a corporate leadership
executive. In addition to keynoting and chairing a range of technology,
cybersecurity and national security conference and serving on various advisory
and leadership boards with the likes of the U.S. Department of Energy, the
Nuclear Energy Advisory Committee, MIT and still others, he also has found time
to write a book that has been touted as a “Top 10” must-reads on cybersecurity
this year. Called “Digital Resilience: Is Your Company Ready for the Next Cyber
Threat,” the book has educated both public and private leaders about how vital
it is for top-level executive to educate themselves and understand and support
risk management and digital resiliency plans. “If you’ve recently been put in
charge of IT or IT operations and didn’t grow up in cybersecurity over the past
20 years, this book is for you. It’s also equally useful for new CEOs, CFOs and
board members who need to understand cyber risk without getting overwhelmed
with IT technology or defeatism,” said Ron Gula, Tenable Network’s co-founder.
In addition to this work, Rothrock also was selected to join
the board of The Nuclear Threat Initiative this year to help expand its
mission. Known for spearheading undertakings to help prevent nuclear,
biological, radiological and chemical attacks of mass destruction and
disruption, the group is looking to Rothrock and other of its board members to
help it more strongly address massive cybersecurity assaults. This and other of
his efforts underpin his belief in strategically thinking about cybersecurity
holistically, which means making your organization more resilient. So, rather
than trying to address cyber risks simply by investing millions of dollars in
technology, executive leaders must also ensure that their infrastructures are
durable and adaptable through such actions as active monitoring, establishing
practices that allow for the containment and understanding of attacks when they
do occur, and creating business continuity and disaster recovery plans to keep
up and running during and after an attack happens. What colleagues say: "Ray told me back in 2004 [that] he wanted to do more to understand complex networks. He thought that knowing what you have and how it’s connected allows you to find any security gaps before they were exploited. This was the beginning of his focus on resilience rather than perfect protection. He brought in engineering talent and added management experience and funding to found RedSeal. He’s stayed on that course, improving on the concept over the years. … [He] has made it his mission to spread the word about the importance or resilience.” – Rhonda MacLean, CEO, MacLean Risk Partners -Illena Armstrong
There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]
It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
