Shannon Culp
Thomas More University
Adjunct Professor - Cyber Security 400 Level Class
Biographical Info
I have over 25 (1994/1995) years of Business Continuity and Information Security and Risk Management experience. I have been in an Information Security Officer (CISO) role for several large organizations. I have consulting experience and Management in "Big 4"​ environment as well as large private industry management experience. I have designed general computer controls for SOX and defined a PCI program for level 2 Merchant. I have performed computer forensics for many large and high profile cases. I have helped lead the development of E&Y's Security Architecture Methodology. I have developed Governance Programs, Identity and Access Management Programs, Risk Management Programs and Vulnerability Management Programs. I currently volunteer for the American Red Cross BEPA (Business Emergency Planning Association). I previously held the Chair Person Position for the Strategic Advisory Board for three years through the program inception. As of June 2006, I remain a board member. I participate in a CSO Roundtable in Cincinnati, and previously held Program Director position for ISSA. I am a member of ISSA, Homeland Security, CSI, Cincinnati Infragard and FBI Citizens Academy Alumni. I am also Vice President on the board for the FBI Citizens Academy Alumni Association of Cincinnati. I am a member of the Site Based Decision Making Council at my child's high school, an officer in the Band Boosters and assist in coaching Jr. High Volleyball. Experience includes all aspects of Information Security. Successfully built an Information Security Program for TriHealth. Successfully led TriHealth Inc. PCI remediation and submitted compliant SAQ (Self Assessment Questionnaire). Successfully led TriHealth Security build for Epic. Successfully implemented a risk management and oversight program, including a Security Council consisting of senior leadership for TriHealth for security oversight. This is one of the best attended and high participatory level for senior leadership at TriHealth, Inc. Specialties: Information Security, Risk Management, Governance and Compliance, Security Program and Strategy, Security Awareness, NIST, ISO 27001 and 27002 Controls, PCI, SOX, Incident Response and Computer Forensics programs.