Phil Venables | |
---|---|
Born | |
Alma mater | University of York, B.S. Computer Science University of Oxford, M.S. in Computation and Cryptography |
Occupation(s) | Chief Information Security Officer at Google Cloud, computer scientist |
Phil Venables is a computer scientist who has been the chief information security officer (CISO) at Google Cloud since 2020. He specializes in information and cyber security, as well as enterprise risk and technology risk. [1] Previous to Venables's position at Google, he held a number of roles at Goldman Sachs and served on the Board of Goldman Sachs Bank. [2] Since 2021, he has also been a member of the President’s Council of Advisors on Science and Technology (PCAST). [3]
Venables was born in Britain, and attended the University of York in the United Kingdom, where he received a B.S. with honors in computer science in 1989. [4] In 1990, he graduated with an M.S. in Computation and Cryptography from Oxford. [5]
Venables began his career in 1992 as an Information Security Manager at Barclays Bank in the United Kingdom, where he left in 1995 to take on the position as global head of technology risk management at the Standard Chartered Bank. [6] In 1996, Venables became a member of the Highlands Group (DARPA-Office of Net Assessment), an advisory firm for the Department of Defense.[ citation needed ] From 1997 to 2000, he was CISO at Deutsche Bank in Frankfurt, Germany. In 2000, he began at Goldman Sachs, first as partner and CISO until 2017, when he was partner and Chief Operational Risk Officer until 2018, then director until 2020. [1] [7] He is the co-founder and leader of various corporate and industrial cyber security initiatives. [1]
Since 2015, Venables has been a life member of the Council on Foreign Relations (CFR). [8] In 2016, he was a part of Barack Obama’s Commission on Enhancing National Cybersecurity. [9]
He has been CISO at Google Cloud since 2020, and since 2021, he has been director at HackerOne, [10] supply chain technology company Interos, [11] and NIST's Information Security and Privacy Advisory Board. [12] Over the years, Venables has served on multiple non-profit boards, including New York University Tandon School of Engineering, [13] and New York University Stern School of Business' Business Volatility and Risk Institute, [14] as well as co-chairing the board of consumer financial information protection organization Sheltered Harbor, [15] and also co-founded and directed various initiatives of the U.S. Financial Services Sector. In 2000, he co-founded the Center for Internet Security (CIS), and served on its board from 2014 until 2020. [6]
In September 2022, Venables was named to the BallisticX cybersecurity advisory board for San Francisco-based Ballistic Ventures, an early-stage cybersecurity investment firm. [16]
Venables serves on the President's Council of Advisors on Science and Technology, under President Biden. [3] He also holds several information security-related patents, including designing a virtual wallet with cryptographic currency for securities settlement, and creating a method for assessing how vulnerable a network is to cyberthreats. [17]
In 1995, Venables was awarded the designation of Chartered Engineer, in 2002 that of Chartered Scientists, and in 2005 he was elected Fellow of the British Computer Society. [18]
In 2008, he received multiple awards at the RSA Conference. He received the FS-ISAC Critical Infrastructure Award in 2017, [19] as well as the ISACA Wasserman Award and the SINET Innovation Award in 2019. [1]
The National Institute of Standards and Technology (NIST) is an agency of the United States Department of Commerce whose mission is to promote American innovation and industrial competitiveness. NIST's activities are organized into physical science laboratory programs that include nanoscale science and technology, engineering, information technology, neutron research, material measurement, and physical measurement. From 1901 to 1988, the agency was named the National Bureau of Standards.
The United States Computer Emergency Readiness Team (US-CERT) was a team under the Cybersecurity and Infrastructure Security Agency of the Department of Homeland Security.
Information security standards are techniques generally outlined in published materials that attempt to protect a user's or organization's cyber environment. This environment includes users themselves, networks, devices, all software, processes, information in storage or transit, applications, services, and systems that can be connected directly or indirectly to networks.
A chief information security officer (CISO) is a senior-level executive within an organization responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. The CISO directs staff in identifying, developing, implementing, and maintaining processes across the enterprise to reduce information and information technology (IT) risks. They respond to incidents, establish appropriate standards and controls, manage security technologies, and direct the establishment and implementation of policies and procedures. The CISO is also usually responsible for information-related compliance. The CISO is also responsible for protecting proprietary information and assets of the company, including the data of clients and consumers. CISO works with other executives to make sure the company is growing in a responsible and ethical manner.
Howard Anthony Schmidt was a partner with Tom Ridge in Ridge Schmidt Cyber LLC, a consultancy company in the field of cybersecurity. He was the Cyber-Security Coordinator of the Obama Administration, operating in the Executive Office of the President of the United States. He announced his retirement from that position on May 17, 2012, effective at the end of the month.
EC-Council is a cybersecurity certification, education, training, and services company based in Albuquerque, New Mexico.
Ari M. Schwartz is an American cybersecurity and technology policy expert. He is the former Special Assistant to the President and senior director for cybersecurity on the United States National Security Council Staff at the White House, having left the role in October 2015. Previously, Schwartz worked in both the Executive Branch and civil society as on cybersecurity, privacy, civil liberties, and policy. He is an advocate for vulnerability disclosure programs.
Security information and event management (SIEM) is a field within computer security that combines security information management (SIM) and security event management (SEM) to enable real-time analysis of security alerts generated by applications and network hardware. SIEM systems are central to the operation of security operations centers (SOCs), where they are employed to detect, investigate, and respond to security incidents. SIEM technology collects and aggregates data from various systems, allowing organizations to meet compliance requirements while safeguarding against threats.
Cyber threat intelligence (CTI) is a subfield of cybersecurity that focuses on the structured collection, analysis, and dissemination of data regarding potential or existing cyber threats. It provides organizations with the insights necessary to anticipate, prevent, and respond to cyberattacks by understanding the behavior of threat actors, their tactics, and the vulnerabilities they exploit. Cyber threat intelligence sources include open source intelligence, social media intelligence, human Intelligence, technical intelligence, device log files, forensically acquired data or intelligence from the internet traffic and data derived for the deep and dark web.
Verimatrix provides cybersecurity products and services that protect video content, streaming media, mobile applications, websites and APIs. The company merged with Inside Secure in 2019. It is headquartered in France and Asaf Ashkenazi is the CEO.
Brigadier GeneralGregory (Greg) J. Touhill is Director of the world renowned Carnegie Mellon University Software Engineering Institute’s CERT Division. Previously, he was the president of AppGate Federal Group . He was previously appointed by President Barack Obama as the first Federal Chief Information Security Officer of the United States, stepping down in January, 2017. He was previously the Deputy Assistant Secretary, Office of Cybersecurity and Communications, National Programs and Protection Directorate, Department of Homeland Security. While at DHS he concurrently served as Director of the National Cybersecurity and Communications Integration Center (NCCIC) during 2014–2015.
David "Dave" Venable is a former intelligence officer with the United States National Security Agency, and current cyber security professional and businessman. He is an author and speaker on the topics of cyber security, cyberwarfare, and international security; has developed security-related internet protocols; is a US patent holder; and has been named as one of the most influential people in security.
The Cybersecurity and Infrastructure Security Agency (CISA) is a component of the United States Department of Homeland Security (DHS) responsible for cybersecurity and infrastructure protection across all levels of government, coordinating cybersecurity programs with U.S. states, and improving the government's cybersecurity protections against private and nation-state hackers.
Anne Neuberger is an American national security official who serves as the deputy national security advisor for cyber and emerging technology in the Biden administration. Prior to this role, she served for over a decade at the NSA, as director of cybersecurity, as assistant deputy director of operations, and as the agency's first chief risk officer. She joined the federal government as a White House fellow, working at the Pentagon, and subsequently served as deputy chief management officer of the Navy, before joining NSA. Before entering government service, Neuberger was senior vice president of operations at American Stock Transfer & Trust Company.
Internet security awareness or Cyber security awareness refers to how much end-users know about the cyber security threats their networks face, the risks they introduce and mitigating security best practices to guide their behavior. End users are considered the weakest link and the primary vulnerability within a network. Since end-users are a major vulnerability, technical means to improve security are not enough. Organizations could also seek to reduce the risk of the human element. This could be accomplished by providing security best practice guidance for end users' awareness of cyber security. Employees could be taught about common threats and how to avoid or mitigate them.
Rinki Sethi is an American technology executive who has held Chief Information Security Officer and Vice President of Information Security roles at several large companies.
The Cyber Safety Review Board was established by United States Secretary of Homeland Security Alejandro Mayorkas on February 3, 2022. Modeled after the National Transportation Safety Board, the Board reviews significant cybersecurity incidents and issues reports. President Joe Biden directed the Board's creation through Section 5 of Executive Order 14028, issued on May 12, 2021.
Operational collaboration is a cyber resilience framework that leverages public-private partnerships to reduce the risk of cyber threats and the impact of cyberattacks on United States cyberspace. This operational collaboration framework for cyber is similar to the Federal Emergency Management Agency (FEMA)'s National Preparedness System which is used to coordinate responses to natural disasters, terrorism, chemical and biological events in the physical world.
Jelena Z. Matone is global chief information security officer and an advocate for women's empowerment in technology. She is best known for her role as the CISO of European Investment Bank and Founding Board Member and the first President of the Women Cyber Force & Women 4 Cyber (W4C) chapter, a global initiative aimed at promoting cybersecurity awareness, education, and gender equality in the industry.