The CISO Initiative is a premier organization designed to empower Chief Information Security Officers and senior IT security leaders. It fosters collaboration, innovation, and leadership in cybersecurity, offering a unique blend of networking, in-depth discussions, and learning opportunities to shape the future of IT security strategy and governance.

Co-Founded principia/RAID, a cybersecurity consulting and advisory firm specializing in compliance, risk & assurance, and vCISO and vCIO services, helping companies achieve CMMC/NIST/DFARS compliance. Need a Compliance or Security Readiness Assessment for NIST 800-171 or CMMC? Wondering what your SPRS score should be? Looking for a stop-gap CIO or CISO? Lacking resources for policy and procedure generation? Call us. principia/RAID can help.Service offerings include: IT Governance & Compliance, Enterprise Cybersecurity, CMMC/NIST 800-171/53, Fractional CISO/CIO, Concierge IT, Virtual and Fractional CISO (Chief Information Security Officer) services, Virtual and Fractional CIO (Chief Information Officer) services, Operational Compliance Management, Assessment of IT systems identifying security gaps and recommending necessary steps or tools to remediate risks, establishing Plans of Actions and Milestones (POAMs) designed to help Clients achieve compliance with Cybersecurity Standards including: NIST 800-171, CMMC, Australian Essential 8, SOC 1, SOC 2, and ISO 27001, establishing actionable client Cybersecurity strategy to help clients immediately address IT operational and cybersecurity risks and establish and achieve an acceptable level of IT and Cybersecurity performance, bespoke personal and SOHO cybersecurity planning and management, board and C-Suite Advisory, customized Policy frameworks designed to elevate the maturity client Cybersecurity program, Export Control and ITAR advisory on operational aspects of international Cybersecurity operations.

Transformed a global Information Security program of a billion-dollar company, ensuring the safety of information assets and gauging the risk position for its ongoing operations. Fulfilled a multi-disciplinary role, functioning as Cobham’s CSO, CISO, Privacy Officer and Security Architect. • Established and oversaw a Global Enterprise-wide SOC which conducted strategic and comprehensive monitoring of Cobham’s information assurance, security and IT risk management assets. • Designed and established requirements for operational IT network.• Implemented and Managed Security Solutions including SIEM, Vulnerability Management, Threat intelligence integration, Endpoint Detection and Response, Phishing detection and simulation, and Data Marking and Loss Prevention • Established and maintained compliance with NIST 800, US DFARS, UK DEFSTAN, Australian Essential 8, and ISO 27001 Cybersecurity standards. • Ensured compliance with GDPR and other Privacy standards and establishing processes and standards to allow continuous improvement of Cobham’s privacy safeguards. • Introduced and implemented Cloud-based Security and IT solutions to the corporate infrastructure. • Addressed Export Control and ITAR issues surrounding the operational aspects of intercontinental Cybersecurity operations. • Provided strategic risk guidance for IT projects and business projects, evaluating and recommending technical controls and procedures required to assess and maintain the information assurance and security position of any new service, application or product.

Developed and led Cybersecurity Law and Policy class concentrating on the political and legal dimensions of U.S. Cybersecurity, the roles and responsibilities of U.S. Government agencies and departments engaged in Cybersecurity, and Cybersecurity Frameworks including NIST, ISO27001, FARS and DFARS. The class helped students recognize and address key policy and legal issues related to Cybersecurity in the United States.

Blended operational Cybersecurity experience with 20 years of Cyber subject matter expertise in telecommunications, privacy, data security, criminal, intellectual property, and related laws to provide legal and risk management guidance on issues associated with Cybersecurity, National Security investigations and other classified operations. Organized and taught legal curricula highlighting the operations risks of Cyber Investigations.

Represented FBI Cyber Division priorities in technical joint USIC operations and substantially expanded FBI footprint in the dynamic and politically charged environment of the DHS Cybersecurity apparatus. Conceived, developed and successfully implemented the inter-agency coordination protocol to govern USGOV initial contact with victims of developing Cyber Incidents. Garnered buy-in and participation from multiple USGOV Cyber response stakeholders. Forged extensive ground-level relationships between operational elements of the FBI and DHS, including NCCIC, ICS-CERT and US-CERT. Designed and instituted a unified rule set for inter-agency coordination designed to quickly vet USGOV equities in large volume data sets associated with DDOS attacks, and quickly disseminate the data to end users in a time critical manner. Integrated multi-agency participation in the mitigation component of the FBI Botnet Initiative. Developed relationships which allowed the FBI to take a leadership role in National Level Event exercises such as the annual NLE and CyberStorm. Conducted daily briefings to DHS Executive Leadership regarding ongoing FBI Cyber operations. Coordinated ongoing FBI Cyber operational efforts with the appropriate arm of DHS Cyber organization.

Managed national strategic efforts of FBI Cyber Counterterrorism and Cyber CI investigations. Developed, coordinated and prosecuted numerous successful applications to the FISC against National Security Cyber threats. Developed and oversaw the classified FBI national level effort against particular groups of State-sponsored cyber actors. Conducted in-depth reviews of field office Cyber programs, including on-site audits and inspections. Actively oversaw FBI wide, Cyber threat priority driven redistribution and reassignment of investigative efforts and resources.

Oversaw an 18M dollar budget including drafting RFPs and source selection. Driving force behind the establishment of the FBI Computer Network Exploitation (CNE) program. Led the technical creation of software development lifecycle and data center management of an in-house software solution. Unified disparate FBI technical elements into a cohesive team of over fifty technology-oriented personnel. Maintained zero-loss retention rate of IT talent. Led the research, development, and operational deployment of new technologies, techniques, and software to further enhance FBI Network Exploitation capabilities. Sought and acquired new personnel with niche skill-sets necessary to the mission of the FBI. Instituted and developed relationships with USGOV partners designed to leverage interagency resource sharing. Conducted numerous briefs to the FISC regarding FBI technical capabilities. Fostered and led a supportive and effective work environment resulting in a consistently effective and successful mission end state.

Conducted numerous classified covert court authorized Computer Network Exploitation (CNE) operations in support of National Security Investigations. Planned and led teams of FBI operators on classified CNE, Red Team and Pen testing operations.

Plank holder of FBI Cyber Division's Criminal Intrusion Unit. Managed National Level Strategy of FBI Cyber Investigations. Conceived, instituted and led the first two Cyber-related Investigations designated as Major Cases, involving the compromise of a network of super-computing centers and a widespread criminal enterprise. Managed technical and Agent personal in the development and execution of technologically advanced FBI Operations. HQ Case Agent for the first National FBI Cyber Investigation into criminal carders. Navigated contracting and administrative processes to quickly obtain Cyber related services and resources from both public and private partners. Recognized the need for, and pioneered the FBI effort against the emerging threat of Botnets. Conceived, planned, and carried out the first FBI Botnet Conference in 2005.

Spearheaded the establishment of the FBI’s Mountain Region Computer Intrusion Program as part of the Salt Lake City FBI JTTF. Regularly consulted by State and Local Law Enforcement regarding technical aspects of Cyber Investigations. Oversaw the day-to-day operations of one of the FBI's most prolific Domestic Terrorism Confidential Source. Managed the infiltration and disruption of Domestic Terrorism groups, including plans to disrupt national level political events. Created and coordinated the FBI Cyber Security plans for the 2002 Winter and 2004 Summer Olympic games which integrated the coordination of participating USGOV Agencies. The plan continues to serve as a template for FBI Olympic Cyber Security planning. Conducted numerous live TV and radio appearances including The Today Show, Good Morning America and The Morning show.

Represented Civil Plaintiffs and Defendants and Criminal Defendants in over 100 successful trials at all levels of State and Federal Court. Supervised firm’s Maryland Litigation Department. Conducted all aspects of litigation including strategy development, filings, pleadings, depositions and interrogatories, witness development, jury selection, and witness examination.