As part of the Howard County Economic Development Authority (HCEDA), the Maryland Innovation Center (MIC) is an advanced business incubator and acceleration program providing experienced guidance and information to help companies in the greater Washington-Baltimore metroplex start and grow. Furthermore, through its Cyber Advisory Council and first of its kind CISO-In-Residence initiative, the MIC differentiates itself from other such programs by helping companies fulfill information protection and compliance requirements upon which access to customers and capital depends. In his capacity as Cyber Advisory Council Chair and CISO-In-Residence, Mr. Taule oversees and directs the cyber specific activities in which the MIC engages. This includes developing and providing assessment, training, and enhancement programs designed to help residents and affiliates understand, build, and maintain programs of cyber hygiene, developing content and cultivating partnerships and support services to recognize trends and respond to emerging threats, and serving in an CISO advisory capacity with respect to fulfilling customer assurance and regulatory mandates, meeting cyber requirements necessary to raise investment capital, and managing risk to achieve maximum exit valuation.

In this role Mr. Taule oversaw the ongoing development and evolution of the HITRUST CSF to ensure its relevancy and continued sufficiency with organizations in multiple industries throughout the world. This included a broad range of risk management, controls mapping, and systems/framework development and support activities such as requirements integration, control specification, and the development of standards that organizations can use to facilitate the integration of the HITRUST CSF in their information protection programs. Mr. Taule also oversaw the organization's internal information assurance efforts to ensure that HITRUST continued to earn and keep the confidence of customers and third parties who entrusted the organization with the safekeeping of their data.* Cloud Controls Shared Responsibility Matrix* Standardized Syntax and Natural Language Expression for Security and Privacy Controls* DoD CMMC Accreditation Board Development Body; Standards Chair* HSCC Cybersecurity Working Group* HHS 405(d) Task Group Member

Jason Taule, FEI's Chief Security Officer and Chief Privacy Officer, is responsible for the information security strategy, policy and program for the company. Mr. Taule is a member of the senior leadership team and is charged with coordinating enterprise-wide information security, risk management, privacy, and governance, a capacity in which he has standardized processes and procedures for critical activities such as data classification, information handling, risk management, vulnerability management, resiliency, incident response, and systems development.Mr. Taule also serves as Principal System Security Officer for customer facing projects overseeing SSOs for engagements, and has final authority for all FISMA security artifacts produced (e.g., Risk Assessments, System Security Plans, Contingency Plans, Certification & Accreditation (C&A) packages, etc.). Mr. Taule provides security architecture/solutions support to ensure adherence to Federal security standards and coordinates our centralized program to identify, report (e.g., POA&M), manage, and ultimately close any Corrective Action Plans (CAPs) arising from self-assessments or third party audits to which we are subject.* Leading DHHS Business Partner for past 15 years* Member of the Health IT Standards Committee’s Transport and Security Standards Workgroup* Member of the DHHS/CMS Information Security and Privacy Working Group* Member of the HITRUST CSF Advisory Council* Member of the Loyola Sellinger School ISOM Advisory Board* Author and lead developer of the Security Maturity Model©* Development and maintenance of a comprehensive FISMA Controls Repository* Development and delivery of firm’s Security Services Catalog* Creator of the HoCoCISO CISO-In-Residence and VCISO fractional CSO/CPO programs* (ISC)2 HCISPP Task Force helping create the industry's premiere security/privacy certification* White House Invitee for President's Precision Medicine Initiative Security Roundtable

As Chief Security Officer / Chief Privacy Officer, Mr. Taule was responsible for CSC's Civil Healthcare sector’s overall IT governance program. This included oversight for IT Operations, Information Security, Regulatory Compliance, Privacy, and Risk Management as they related to the organization's healthcare IT business. Mr. Taule also had an external facing role serving as Principal System Security Officer with overall delivery responsibility for the security and accreditation of the many systems contracts/programs the organization he supported had with its various federal government customers.* PSSO for numerous DHHS/CMS programs (e.g., DESY, DADSS, MEIC/HETS, and NPICS)* OCR HIPAA Privacy Complaint Investigation Team Lead* CISO Executive Network Advisory Council* Member of the Homeland Security Preparation and Response Team* Howard County Economic Development Authority (HCEDA) Technology Council Board * Leader of the HTC HACKIT Affinity Group* Howard Community College Adjunct Faculty* Graduate of FBI Citizens AcademyPrior to joining CSC, Mr. Taule held multiple senior level security positions, including that of CISO and Privacy Officer at General Dynamics Information Technology, CISO in State Government, Global Director of the Information Security Practice at Ajilon Consulting, and Senior Associate at Booz Allen & Hamilton. He previously served on the State of Maryland Governor's IT Security Subcommittee, and is a former member of the Privacy Committee of the Colorado State Government Data Advisory Board.

RESPONSIBILITIES:As Chief Information Security Officer, Chief Risk Officer, and Chief Privacy Officer, Jason was the senior-most individual in the organization charged with promoting and coordinating enterprise-wide risk management, information security, and privacy. Managed corporate risk, information security, and privacy department to ensure appropriate security controls are in existence and in force throughout the enterprise. Worked with executive management to determine acceptable levels of risk for the enterprise. Oversaw and coordinated security efforts across the company, including information technology, human resources, communications, legal, facilities management and other groups, to identify security initiatives and standards.* Hosted Application Service Provider (ASP) operations for commercial healthcare clients* Sought and obtained SAS70 / SSAE16 Certifications* First Healthcare ASP to earn CSF certification from HITRUST* PSSO for numerous DHHS/CMS programs (e.g., VMS, RDS, COB, DDPS, and others)

RESPONSIBILITIES: * Provided information and systems security and privacy consulting services to executive management of firms and agencies in Maryland, Virginia, and DC. * Managed and provided technical oversight for all security projects and programs RESULTS * Redesigned secure financial infrastructure, successfully deployed advanced resiliency features * Risk Management/Security Program Development effort for leading healthcare service provider * Security Retainer for ad hoc "CISO" consulting to local property management firm * C&A/ST&E of Agency systems pursuant to recent Federal legislation * HIPAA security gap analysis and compliance program development for large local provider * Security Maturity Model (SMM) assessments for firms in several industries * Vulnerability Assessments and Fortification of 100+ networks in the "SOHO" market * Acting CISO responsible for enterprise security and compliance at healthcare technology integrator.

Global Director of Ajilon Consulting's Enterprise Security Practice. * Responsible for all security projects conducted by Ajilon. * Managed entire line (e.g., budget, product development, sales/marketing, & delivery). * Served clients via 50 North American offices, and international operations in 7 countries. * Focus on Financial Services, Healthcare, Manufacturing, & Telecommunications industries. * Federal and State Government clients comprise about 20% of the practice?s business base. * Directed numerous risk management, contingency planning, vulnerability assessment and data, systems, application, network, e-commerce, and managed security engagements.

Provided computer security and healthcare consulting services to federal government agencies. Managed practice's computer resources through efficient monitoring, acquisition, and development. Served as a Congressional liaison responsible for tracking legislative efforts of interest to client and the practice. Led marketing efforts and expanded business on existing contracts. Conducted project management activities including plan development, assigned tasks, and staffing. Provided an automated information security plan for NASA. Improved records processing for the DOE's Office of Scientific and Technical Information.