CISO Council

David Cass is a senior partner at Law & Forensics LLC where he leads the Cryptocurrency and Digital Banking Practice and is a member of the Cyber Security and Forensics Practice. He has extensive experience in financial services regulation, cryptocurrency, digital assets, blockchain, cloud, and digital banking. He most recently served as a lead regulator for the Federal Reserve Bank of New York where he was a member of the Large Institution Supervision Committee (LISCC). Prior to this appointment, David was the CISO & Global Partner of IBM’s Cloud Security Service Unit where he was responsible for its security practices, processes, and policies. He has been an active contributor of the FS-ISAC and the European Banking Federation on Cloud Compliance and Security for financial services firms and has worked closely with US and international regulators. He was part of the team that introduced the first financial services blockchain initiative utilizing public cloud supported by 10 major international banks. Previously, he served as SVP & CISO for Elsevier where he led an organization of experienced legal, risk, and security professionals who provided data protection, privacy, security, and risk management guidance on a global basis. He also served as Elsevier’s HIPAA officer. David has an MSE from the University of Pennsylvania, and an MBA from MIT. He is a frequent speaker at high-profile conferences and served on a public corporation’s Board of Directors. He also is an editorial board member for The Journal of Law & Cyber Warfare and serves as a board member for the UCLA Extension Silicon Beach Innovation Lab. He is a faculty member for the non-profit Global Cyber Institute, and an adjunct faculty member for Harvard and at the Rutgers Law School. He is a member of the New York City Cyber Critical Services & Infrastructure team organized by the NYPD and the office of the NY District Attorney. In his free time, David is a volunteer firefighter & Swiftwater Rescue Technician.

Versatile influencer and award winning thought leader with a transformational background and the ability to drive change in complex global environments. Proven ability to set the strategic direction for security within the organization and align with enterprise stakeholders to build strategic roadmaps to enable the business by developing and implementing flexible security solutions. Demonstrated ground-up success in building a security program encompassing security strategy, program oversight, security architecture and organizational awareness. Deep background in multiple security disciplines focused on integration of people, processes and technology. Strategic business partner and trusted adviser who drives adoption of new security platforms providing thought leadership, vendor management and negotiation expertise to achieve significant cost savings to enable deployment. Technology evangelist who promotes identity and access management (IAM) to securely integrate cloud technology platforms. Business ambassador who fosters a sense of community and strong collaboration across the organization to build a federated approach to enterprise security. Viewed as a visionary for security strategy inside the company and externally as a speaker at industry conferences. Interests: Cloud Computing, Security Architecture, Identity and Access Management (IAM), Strategic Planning, Vendor Management, Risk Management, Program Management, Incident Management, Mobilization & Communication, Training & Awareness, Privacy, Financial Management, Information Security Management, Network Security, Cyber-security, ISO 27001, HIPAA, Vulnerability Assessment