VP & Chief Information Security Officer
In his current role as Vice President and Chief Information Security Officer at AppDynamics, Craig is focused on building and scaling a strong information security practice to protect company data and ensure customer trust. Craig’s strategy is forward-leaning and centered on driving proactive, risk-based and data-driven decisions to enable business. Craig is passionate about leveraging security to develop customer trust as the business of security evolves from imperative to competitive advantage. As a technologist at heart, Craig thrives on translating the technical complexities of cybersecurity as a function of corporate risk management for the Chief Executives and the Board Room. Prior to AppDynamics, Craig was the Vice President and Chief Security Officer for FireEye where he built and led the company’s first information security and risk management practice through IPO in September, 2013. Prior to FireEye, Craig launched the first Security Architecture practice at Pacific Gas & Electric Company. There, Craig was focused on building resilient security architectures to protect the company’s critical infrastructure and went on to lead the Company’s cybersecurity strategy along with a team dedicated to advising the business and Chief Executives on cybersecurity risk. Craig has been practicing and consulting in the field of information technology and security for over 20 years.
“A CISO’s Journey from the Basement To The Boardroom”
Your company has been managing risk for a long time. To your Board and Executive team, cybersecurity risk should be no different – and now more than ever it’s on their radar. You’ve finally been asked to come in, present, and de-mystify this shiny new, persistent risk bubble on the risk register that you’ve been tirelessly fighting off for years with your team. Now that roadblocks have been removed, it is time to shift the conversation from your day-to-day firefighting of vulnerabilities and managing security projects. You must engage the Board in a meaningful conversation on risk and what it will really take to manage it effectively. This is the opportunity you need to be preparing for whether it happens tomorrow or next year, because it is inevitable. This is always easier said than done, but in the end, clearly translating the impact we have on protecting our businesses is slowly becoming the rule, and not just the exception. In this talk, Craig will share his perspective on the latest trends behind Board and Executive interest when it comes to cyber risk concerns and share some tips and perspectives to arm yourself for the boardroom conversation.