Wayne Peterson Email and Phone Number

Brought on as CISO reporting to CTO following a breach in one of parent company’s, portfolio. In this capacity was tasked by the Board of Director’s to do a bottom-up review of the company’s security posture. Used NIST cybersecurity framework as guidelines for the assessment. As a result of deficiencies noted during the assessment, built a robust security incident response team. Successfully pursued and obtained the SSAE16/SOC 2 Type 2 certification as well as ISO 27001.After a year as the Kroll CISO, promoted to CISO for the parent company, Corporate Risk Holdings (CRH), and all of its subsidiaries including Kroll, Kroll OnTrak and HireRight reporting directly to the CEO of CRH with the HireRight CISO reporting directly to me.In 2016, Corporate Risk Holdings divested Kroll OnTrak, who had hosted the enterprise network. As a result, a new infrastructure was to be built, providing an opportunity to build security in from the beginning. After reviewing many options, decision was made to go to a cloud based infrastructure with AWS. Currently overseeing the implementation of security components during the move to this infrastructure.

Developed and continue to manage company’s first corporate security office, providing information security, cyber intelligence services, physical security, employee safety and executive protection to more than 120 locations and 42,000 employees spanning the globe. Oversight of international information security functions and global incident response teams, developing and implementing strategies, solutions, and plans to improve information security across Asia Pacific, Europe, Middle East, Latin America and Caribbean regions. Managed a team of 127 security professionals. Partner with federal and international law enforcement organizations, country-specific law enforcement agencies, and industry peers engaged in cyber defense, including the Microsoft Digital Crimes Unit. Oversee the development of enterprise Risk, Information Security, and Compliance business processes.Achievements:• Managed ISO27001 certification for 19 global strategic data processing centers.• Redeveloped incident handling processes and deployed incident response technologies, reducing by six-fold the time required to contain security threats once detected.• Initiated the Threat Intelligence Unit, tasked with collecting, analyzing, and fusing intelligence to detect potential threats and ensure preparedness for future security incidents.• Established a government liaison team that shares information and participates in the development of legislation and government policies impacting organizations in the financial sector.• Built global security investigations team to investigate allegations of employee misconduct.• Implemented Facility Security Office, which enables the corporation to sponsor its own US Government security clearances.

Oversight for all international information security functions, and global incident response teams.• Planned, developed and implemented enterprise-level international programs to reduce information security risks fulfill regulatory and legal obligations and developed and implemented strategies for information protection. Ensured that cross-functional teams implemented and deployed security solutions to ensure the overall objectives of the enterprise-wide security program were met or exceeded.• Responsible for all aspects of information security for the Asia Pacific , Europe, Middle East, South Africa, Latin America and Caribbean regions.• Oversaw ISO 27001 certification of 11 International strategic data/processing centers.• Oversight of FIS global incident response team.• Grew Incident Response team from a handful of US based team members to a global team of 27 Industry recognized professionals.

Multifaceted role directing daily operations of Cyber Intelligence Section of the Criminal Investigative Division. Managed team of 12 direct reports and several hundred Field Agents who conducted critical cybercrime investigations. Determined original source of cyber criminals to prevent and eliminate risk. Inspired trust of C-level executives facing data breaches. Cultivated long-standing, collaborative partnerships with international law enforcement personnel. Continually adjusted tactics to meet needs of fast-paced, innovative, and evolving crime trends.• At the request of the Secretary of Homeland Security, accompanied her to Budapest for key cybercrime convention. Briefed Secretary of Homeland Security on current cybercrime trends• Authored U.S. Secret Service response to proposed data breach legislation, White House International Strategy on Cyberspace, and the DHS Transnational Organized Crime Strategy• In 2010 Investigative Efforts eliminated $7B in potential loss to the US financial sector

Commanded a team of three managers, thirty-six software developers and sixty contract developers through execution of numerous, high-profile development projects for the U.S. Secret Service and The White House. Embraced the challenge of improving relationships between agents and civilian employees; worked to inspire collaboration and team-centric operations; acted as first point of contact for technical support within the U.S. Secret Service.• Enhanced White House security by steering development of robust, automated visitor access system.• Improved Secret Service operations by directing team of project managers to engineer modernized case management system.• Minimized expense through strategic vendor negotiations.

Directed intelligence gathering and analysis for the President of the United States on domestic trips, as well as international visits to Iraq, Israel, the West Bank, and Saudi Arabia. Instrumental in preserving national security by aggressively investigating threats and planned attacks by terrorist groups aimed at the President and key affiliates. Fostered key alliances with diverse and various government officials, including intelligence community, foreign intelligence, and police organizations.Efficiently managed Internet Threat Desk for examining threats against U.S. Secret Service via e-mail, web, and blog form, by application of technical expertise.• Selected for high-pressure, travel assignment to Iraq three weeks prior to unannounced visit by U.S. Vice President to prepare all facets of security operations in a highly volatile and hazardous environment.• Served as Intelligence Coordinator for Republican National Convention; planned and coordinated all law enforcement intel operations and resulting responses to perceived and actual threats.

Partnered closely with CERT on critical U.S. Secret Service cyber investigations. Collaborated with Malware analysis team to reverse engineer malware used in cybercrimes. Administered briefings and presentations on progress of efforts to CERT, US Secret Service and other law enforcement forums.• Strengthened security of national presidential events by developing Critical Systems Protection Initiative (CSPI) that identified potential weaknesses within critical infrastructure systems during major National Special Security Events (NSSE).• Participated in the investigation of the 2003 Northeast Blackout that unearthed evidence that proved to be an infrastructure issue and not a cyber-attack.