Carolann Shields
Position title Chief Information Security Officer
Biographical Info
Global cyber security is no longer just a technical pursuit. Today’s cyber security team must first speak the language of business, and then partner cross-functionally to tune cyber priorities around a company’s needs and potential risks. I’m privileged to lead teams dedicated to promoting security for both the organization I work for and that of our clients. Much of my work centers on the belief that security begins with the individual, the result has been an evolution of security governance, risk, and compliance principles together with security architecture that not only addresses today’s cyber landscape, but listens closely to the needs of the future as the world and people become increasingly connected. I’ve driven many companywide cyber-security transformational initiatives, building and leading teams of up to 150 people and budgets up to $50m focused on mitigating risk and vulnerabilities, amplifying user awareness, and reinforcing the value of security as a technical partner and enabler to the business. RECENT APPEARANCES: Profiled in Tessian report on Opportunity in Cybersecurity 2020 Commencement speaker for the third graduating class of Symantec's Cyber Career Connection (SC3) program at NPower (nonprofit) August 2017; "Harnessing & Harvesting Talent to Retain Strong Security Teams,” Cyber Security Exchange for Financial Services, New York, NY, June 2017; “Women in Technology,” KTech Expo, KPMG, November 2016; “The Evolution of the CISO,” SINET Innovation Summit, June 2015. People don’t usually get excited about security. But build the “mutual benefit to the individual” and a culture of shared risk management into your initiatives, systems, and controls, and you have a compelling formula for protecting business performance and shareholder value. EXPERTISE: Information Security Governance, Risk Management, Compliance, Cyber Security Incident Response, Vulnerability Management, Data Loss Prevention (DLP) Insider Threat, vendor risk, Software Development, Cloud and Infrastructure Security, Security Operations, Project Management, Automation.
New York
New York
Areas of Specialty