Who I am starts in the deserts of California, not far from Edwards Air Force Base, many moons ago with parents who thought that all of Wisconsin was just like the Madison they knew and loved from their time at the University; they were very, very incorrect.

After growing up in central Wisconsin, my desire to go out on my own took me, like my parents before me and my sister after me, to the University of Wisconsin in Madison.

With development as my focus in school, my sights turned to infrastructure and security as I began Blizzardtech in the mid-1990’s to help physicians get office networks set up, build and maintain office PC’s, install medical billing systems and use the fledgeling (at the time) Internet and VPNs as a secure WANs to connect remote office.

From there, the security of the infrastructure and the eventual move toward technology risk management were my mainstay through my next two positions in both financial services and healthcare. I found leadership, fiscal analysis and strategic thinking to be my forte; to bring my technical experience and be able to speak to both nontechnical people and the technologists to “sell” the vision was what I wanted to be doing.

Most recently, I was the CISO and Privacy Officer for a technology company called ProQuest where we found ways to get journals, periodicals, books and other scholarly information into the hands of those doing research.  In addition to the technology, I also got to instil my ideas into the processes and mindset of both the internal operations of the company as well as to build security, privacy, business continuity and risk management into the products we develop for our customers to use.  (N.B. All views expressed on this blog are my own personal views and do not necessarily reflect those of any former employer or customer).

Now I have launched Secratic, a security services firm focused on both CISO/Chief Privacy Officer-as-a-Service offerings, along with some leadership development and mentorship for technologists making the move to security and/or privacy leader roles. Secratic is focused on the medium/large business market, but also has been very helpful to startups that want to build their products with security and privacy from the get-go.

I have had the opportunity to drive a number of very cool programmes from concept to completion including:

  • Building and running vulnerability management programme
  • Building and running a security operations centre (SOC)
  • Building and running a global “green-field” InfoSec programme
  • Building and running a enterprise identity & access management programme
  • Building and running a global privacy protection and compliance programme
  • Consulting on secure business processes and related technologies as part an agile development lifecycle

For my full C.V., please visit my LinkedIn page

All this security and risk in my life is fitting as I am a natural-born contrarian and enjoy picking out gaps and vulnerabilities and helping to resolve them

As if being in a technology role every day is not enough, I also love using technology of all kinds in my home life. From mobile phones (I can never have too many, and always love to test more!) to tablets, home video distribution to vinyl analogue audio. If it has a plug and a screen, I am interested in using it.

As the father of a school-aged child, keeping the message strong on Science, Technology and Math (and Space!) is a huge part of my life. From kitchen experiments to watching rocket launches, I am committed to spreading the word on STEM as it is how we can make the world wonderful through science, innovation and breaking new barriers (and teach our kids how to be scientific as well!)

In the past few years, I got into triathlons and have done a few thus far. The training is great for your body and mind; if you want to get in really good shape, sign up for one and train for a tri! The triathlon world is very welcoming and all you need are legs, a bike and a swim suit – you have those, right? So, try a tri!