CISO Council

Paul Calatayud serves as America’s Chief Security Officer for Palo Alto Networks. Prior to his role with Palo Alto Networks, Paul was Chief Technology Officer for FireMon, leading business development, corporate development, and product strategy. Paul is a two-time CISO and lead security strategy for a fortune 5 healthcare company providing cyber technology strategy for over 300K employees. Paul has held progressive roles in information security at the Department of Defense, Medtronic, Comcast, BAE Systems, Best Buy, and Vesta. Paul is also an advisor to half a dozen cyber companies, VC, and private equity firms. Paul holds multiple certifications including: CISSP, CISA, CISM, and GCIH. Paul holds a B.S. in Information Technology, MBA, Masters in Cryptography, and a PhD in Leadership (in progress).

Highly motivated, creative, passionate, organised and performance-focused individual with over 10 years’ experience in Cyber Security, Data Privacy, Business Continuity, Third Party Assurance, Risk Management, Audit and Assurance.

Strong background in highly regulated environments (Banking / Insurance) and ‘Big four’ professional services experience. Diligent and professional, adept in identifying risk exposure in operations as well as developing and implementing improvement activities. Operates with an ethical, commercial and customer focused approach coupled with a pragmatic and positive approach to risk management.

Specialties: Cyber Risk, Information Security Reviews, Vendor Risk Management, Risk Assessments, Supplier Audit, Data Privacy, Privacy Impact Assessments, GDPR, Risk Frameworks, Regulatory Compliance Management, Risk Consulting, IT Strategy, Business Continuity and Section 166 skilled person reviews

Ray Austad began his IT and Information Security career in Higher Education and Non-Profit, and pivoted over to financial enterprise after 18 years. Commencing his career with Zurich Farmers Insurance’s Group Information Security as a Business Information Security Officer. In 2014 he joined the Farmers Insurance Group Business Unit to lead Cloud and Application Security, Vulnerability Management, and Incident Response. In 2020 Ray took a different view of Cybersecurity and risks to business by moving over to Farmers Risk Management team. As Director Information Security and Risk Management, the next chapter started with being able to evaluate the organization with a new and intriguing lens. The first quarter was allocated to learning more about Enterprise Risk Management and adjusting to a role of business assurance, opposed to operational execution. The second quarter changed the organization and our personal lives with the pandemic, and provided new, unforeseen challenges. However this offered new opportunities to calculate organization and supplier risks, and view business resiliency differently. Heading into the third quarter, the focus will be on continued improvements with information security risk baselines, collaboration with our operational and business partners to monitor pandemic impacts, and evaluate new and emerging risks.

Rick is VP, Information Security at Centene Corporation, and CISO of Carolina Complete Health based in Charlotte, NC. Rick supports both the NC health plan and corporate Centene in a cybersecurity leadership role. In his prior role, Rick worked as Virtual CISO supporting international companies. Rick also developed the curriculum for a Cybersecurity Master’s degree program for an International University. Rick is an avid speaker at cybersecurity conferences, and is a member of The CyberWire Hashtable. He is part of the editorial panel of the Council on Cybersecurity Critical Security Controls, and is the lead author on the newest version 8 of the Controls. Rick is also on the Board of his local ISC2 chapter. Rick ran ethical hacking, incident response and forensics, and risk management teams throughout his 25+ year cybersecurity career. Previously, Rick was cybersecurity practice lead for a private intelligence and security firm, was CISO a multi-national US company, and has held positions as a Risk Management consultant at Gartner, Chief Scientist for Lockheed Martin’s Center for Cyber Security Innovation, and Managing Principal in the Professional Security Services practice at Verizon.