CISO Council

As a future-oriented information security executive my key strength is coaching and educating cybersecurity companies on listening to and interpreting the pain-points and priorities of enterprise customers. These insights help drive effective product strategies, go-to-market strategies and ongoing customer success. Over the years, I’ve had the privilege of advising several cyber entrepreneurs who are now thriving. On the heels of their success, I was looking for a new challenge. In 2020, I had the opportunity to meet with the Noname Security team early in its platform design. Recognizing that they were on the verge of solving several challenges in securing APIs, I wanted to be a part of their exciting adventure. I joined Noname as Chief Information Security Officer, where I’m currently establishing a rigorous standard for operational and security excellence, in addition to advocating for ongoing platform changes based on our customers’ needs. ABOUT NONAME SECURITY: Noname Security ensures secure APIs at the speed of business with the most powerful, complete and easy-to-use API security platform. How do I know it works? I was their first customer! I believe in the platform and want to share it with the world. According to Gartner, APIs will be the #1 attack vector by 2022. Gateways and WAFs don’t protect against API breaches or find misconfigurations. API testing and bug bounty programs have significant gaps, leaving businesses exposed. Noname resolves API vulnerabilities across 4 key pillars, or as we call it, DART: ➤ Discover ➤ Analyze ➤ Remediate ➤ Test We’ll find and take inventory of all existing APIs, use AI-based detection to illuminate risks, block attacks in real time and run tests to ensure API integrity before production. WHAT YOU CAN EXPECT: ➤ Solid engineering underpinning a product that’s ahead of the competition ➤ Flexible deployment model with many integrations that adapt to your business ➤ Coverage of the 3 main areas needed to protect APIs: posture management, detection and response and code security What are you doing to protect your company’s digital content? Keep your company’s APIs out of the news with Noname Security. LEARN MORE: See what our customers are saying about us and find more information on our website: www.nonamesecurity.com

As Director Business Applications IT (Fortune 10 drug wholesale company with annual revenues of $18) he has established the business technology strategy and provided architectural oversight and solution delivery for approximately $200+ million multi-phase transformation projects with a resulting IRR of approximately 50+% across Supply Chain Management, Finance and Accounting, Customer Management, Human Resources, Marketing, and Business Intelligence and Data Analytics Business Capabilities.

Eric has extensive leadership and practical C-suite experience working as a Chief Information Security Officer, Chief Risk Officer, and Risk Policy Committee Chair in regulated and non-regulated companies. He has a proven track record of building high-performance teams and partnering with both clients and colleagues to drive the recognition and treatment of franchise level strategic, cyber, privacy, operational, and regulatory compliance risks within interconnected global companies.

Eric currently serves as the Chief Information Security Officer (CISO) for IHS Markit (INFO), a $45 billion public company that is a global leader in information, analytics, and solutions for the major industries and markets that drive economies worldwide.  He is charged with driving the design, implementation and continuous improvement of a global cybersecurity program that supports innovation as an enabler of business and revenue growth establishes a stronger enterprise-wide posture that reduces risk, improves decision-making, and accelerates business priorities, and, cost-effectively mitigates and reduces the risk and impact of the client, market and regional disruptions caused by physical, technology and cybersecurity-related incidents. Previously, Eric held senior leadership team roles at S&P Global (Chief Risk Officer, S&P Global Market Intelligence) and Thomson Reuters (Chief Resiliency and Business Information Security Officer, Wealth Management), and senior product, operational, and risk management roles at Citibank and Bankers Trust.

Eric received his Bachelor of Arts degree in Economics from the University of Michigan and his Master’s Degree in Business Administration in Finance and Management from New York University’s Stern School of Business.  He is a co-Chair for the New York CISO Advisory Forum, holds the CISSP certification from (ISC)², the FBCI (Fellow) certification from the Business Continuity Institute (BCI), and serves as a speaker, trainer, contributor, moderator, and panelist for (ISC)², the BCI, DCRO, ISACA, and several New York metropolitan area business schools on topics including Operational Risk, Crisis & Incident Management, Data Privacy, Supply Chain Resiliency, and Cybersecurity and Business Resiliency Convergence.

Kevin’s background includes former CISO roles at a global law firm and Fortune 500 home builder and spans nearly 24 years in IT, with over 18 of them in Information and Cyber Security, responsible for building and leading teams focused on incident management, operations, DLP, mobility, forensics, compliance, policy, privacy, and business continuity across public and private industries and in highly regulated environments. Kevin’s passion for security is only exceeded by his passion for people and service, and he has had the pleasure to present extensively within the Information Security community, while serving on several advisory and governance boards. In March 2015, he was nominated for and selected by his peers as the ISE® Southeast People's Choice Award Winner. Kevin holds a B.S. in IT from UMass Lowell, and an MBA from Pacific Lutheran University, while maintaining CISSP, CISM, and CISA certifications.