Fortune 500 CISOs. PHOTO: Cybercrime Magazine.

‘Ask The CISO’ Podcast Video Interviews With F500 Chief Information Security Officers

Large enterprise security leaders go one-on-one with Cybercrime Magazine  Sponsored by Fortinet

Steve Morgan, Editor-in-Chief

Northport, N.Y. – Mar. 10, 2020

Cybercrime Magazine kicked off a special series of interviews with Fortune 500 and large enterprise chief information security officers (CISOs) and chief security officers (CSOs) in October of 2018. These battle-tested security veterans are responsible for cyber protecting the world’s largest corporations.

How did they get started in the technology field and ultimately become a CISO? What does it take to be a successful security leader? Which cyber threats are the most challenging? How has the threat landscape changed over the past 5-10 years? Do IoT devices pose a major security threat? What about the cloud? Are cybersecurity professionals difficult to recruit and retain given the current workforce shortage?

The only way to know the answers to these questions and others is to ask the CISO – and listen to what they have to say. We hope that you’ll enjoy these interviews, which concluded in December of 2019, as much as we have. Part II starts up in April of 2020.


Cybercrime Magazine is interviewing 25 top CISOs for this special series. Click on a link to watch the video.

 Ask The CISO #1: Dr. Jay, CISO at Xerox

Dr. Jay is the CISO for Xerox and a former White House deputy CIO. She was previously the first CISO at Stryker. Dr. Jay spent more than 11 years as an adjunct faculty member for several well-respected universities, and 6 years as a cryptologic engineer at the U.S. Department of Defense (DoD).

Ask The CISO #2: Jim Routh, CSO at Aetna

Jim Routh is the CSO at CVSHealth (and CSO at Aetna before the acquisition). He was previously global head of Application, Mobile, and Internet Security at JPMorgan Chase & Co. Jim has held the CISO position for several other companies including KPMG, Depository Trust & Clearing Corporation, and American Express.

Ask The CISO #3: Kathy Hughes, CISO at Northwell Health

Kathy Hughes is VP and CISO at Northwell Health, one of the leading healthcare systems in the U.S. and New York’s largest private employer with 68,000 people. Prior to Northwell, Kathy has held senior IT and security management roles with Eclipsys/Allscripts, The Estee Lauder Companies, and Stony Brook University Hospital.

Ask The CISO #4: Jason Witty, EVP & CISO at U.S. Bancorp

Jason Witty is EVP and CISO at U.S. Bancorp. He serves as board chairman of FS-ISAC (Financial Services Information Sharing and Analysis Center), the global financial industry’s go-to resource for cyber and physical threat intelligence analysis and sharing. (Note: Jason Witty is now global CISO at JPMorgan Chase & Co.)

Ask The CISO: #5: Shamla Naidoo, Global CISO at IBM

Shamla Naidoo is global CISO at IBM. She has more than 30 years of experience providing strategic leadership as CISO or information security leader for global corporations including Starwood Hotels & Resorts, Bridgewater Associates, Wellpoint, Northern Trust Corporation, ABN Amro, and Leo Burnett.

Ask The CISO #6: Debbie Wheeler, CISO at Delta Airlines

Debbie Wheeler is the CISO at Delta Airlines. Her previous positions include CISO at Freddie Mac, global CISO at Ally Financial, Inc., and CISO at Fifth Third Bank. She has also held senior information security roles at JPMorgan Chase & Co., Bank One, PNC Bank, and Allegheny Health.

Ask The CISO #7: Patrick Ford, Americas CISO at Schneider Electric

Patrick Ford is CISO, Americas Region, at Schneider Electric. He was previously the CSO at Aetna, and before that senior director, Global Security, Americas Region, at Pfizer. Patrick spent 14 years at the FBI, including time at the Internet Fraud Complaint Center, which is now the IC3 (Internet Crime Complaint Center).

Ask The CISO #8: Deneen DiFiore, SVP, Global CISO at GE Aviation

Deneen DiFiore is SVP, global chief information & product security officer at GE Aviation. During her 18 plus years with GE, she’s held numerous senior technology management roles at GE Corporate, GE Energy Services, and GE Aviation. Deneen is a board member for the Aviation Information Sharing and Analysis Center (A-ISAC). 

Ask The CISO #9: Elizabeth Joyce, SVP & CISO at HPE

Liz Joyce is SVP and CISO at HPE. She has nearly twenty years of security leadership experience. Her previous positions include CSO at Autonomy, and SVP and GM, Enterprise Services, at Symantec. Liz earned a Ph.D. in Information Security from the University of Plymouth, and a B.Sc., Computer Science, from University College Dublin in Ireland.

Ask The CISO #10: Adam Fletcher, CISO at The Blackstone Group

Adam Fletcher is managing director, chief information security officer at The Blackstone Group. He is a founding board member at Security Advisor Alliance, an organization focused on promoting our industry to the next generation and ensuring that the students, teachers, and schools have the resources and mentorship necessary to foster the cybersecurity professionals of the future.

Ask The CISO #11: Roland Cloutier, SVP & CISO at ADP

Roland Cloutier is SVP and CISO at Automatic Data Processing, Inc. (NASDAQ: ADP), with $10 billion+ in revenues and over 600,000 clients. He was previously VP and CSO at EMC. Roland has more than twenty years of experience in technology and security. He also spent nine years working in law enforcement for the U.S. government.

Ask The CISO #12: Bret Arsenault, CVP & CISO at Microsoft

Bret Arsenault is corporate vice president and chief information security officer at Microsoft. He has been in technology and security leadership roles with Microsoft for nearly thirty years. Bret currently serves as the chairman of Microsoft’s Information Risk Management Council, convening teams from across the company that focus on data protection.

Ask The CISO #13: Matthew Dunlop, VP & CISO at Under Armour

Matt Dunlop is vice president and chief information security officer at Under Armour. He was a colonel in the U.S. Army for nearly thirty years, from 1989 to 2019. During that time, Matt held leadership positions with the U.S. Army Cyber Command, including director, Applied Research and Development Division; director, Cyber Response Team; and director of operations, Joint Force Headquarters – Cyber.

Ask The CISO #14: Christopher Porter, SVP & CISO at Fannie Mae

Chris Porter is senior vice president and chief information security officer at Fannie Mae. He was previously a managing principal at Verizon, and primary author, analyst, and editor of Verizon’s immensely popular DBIR (Data Breach Investigations Reports). Chris is a member of the board of directors at FAIR Institute, and a member of the M.S. advisory board in the McIntire School of Commerce at the University of Virginia.

Ask The CISO #15: Ahsan Sheikh, SVP & CISO at Israel Discount Bank

Ahsan Sheikh is senior vice president and chief information security officer at Israel Discount Bank in New York. He previously held leadership positions in information technology, security, risk, and compliance for Commerzbank AG, ING, KeySpan Energy, EY, and others, in a career spanning nearly thirty years. Ahsan earned an MBA in Information Systems from Pace University, a B.S. in Accounting from The City University of New York, and a BCOM from University of the Punjab in Pakistan.

Ask The CISO #16: Keith O’Sullivan, SVP IT Risk & CISO at Standard Industries

Keith O’Sullivan is senior vice president, IT Risk, and chief information security officer at Standard Industries. His previous roles include vice president, global information security at CBS, chief information security officer at Time, Inc., head of IT security at Conde Nast, and information security manager at Horizon Blue Cross Blue Shield of New Jersey. Keith earned a B.S. from Seton Hall University.

Ask The CISO #17: Ron Green, EVP and CISO at Mastercard

Ron Green is executive vice president and chief information security officer at Mastercard. He previously held senior information security leadership positions with Fidelity National Information Services, Inc., Research In Motion, and Bank of America. Prior to that, Ron spent nearly nine years as a special agent for the U.S. Secret Service. Ron earned a B.S. from the U.S. Military Academy at West Point, and a graduate certificate in information assurance from The George Washington University.

Ask The CISO #18: Adeel Saeed, SVP and CIO/CISO at State Street

Adeel Saeed is senior vice president, chief information officer and chief information security officer at State Street. Previously, Adeel served as the CIO for the London Stock Exchange (LSEG), and director, Technology Infrastructure Services, for the American Stock Exchange. Adeel sits on the board of directors for the Advanced Cyber Security Center (ACSC). He also represents State Street as a board member of FSARC under FS-ISAC.

Ask The CISO #19: Teresa Zielinski, CISSP, SVP & Global CISO at GE Power

Teresa Zielinski is senior vice president and global chief information security officer at GE Power. She’s been with GE for more than 22 years. Previously, Teresa led the Security Design Team at GE Aviation. Prior to moving into cybersecurity, she managed the Energy and Oil & Gas Build team, responsible for the implementation of large-scale CIO and network connectivity projects. Teresa holds a top-secret government clearance. She earned an M.S. degree in Statistics and a B.S. in Math/Physics from the State University of New York, Albany.

Ask The CISO #20: Laura Deaner, CISO at S&P Global

Laura Deaner is the chief information security officer at S&P Global.  She is the co-chair of The Global Future Council on Cybersecurity for the World Economic Forum (WEF). Laura previously held CISO roles for PR Newswire and Morgan Stanley. Before that, she was a senior IT security analyst for J.P. Morgan Chase & Co. and Citibank.  Laura earned a Bachelor’s, Computer Science, from Old Dominion University.

Ask The CISO #21: Nasrin Rezai, EVP & Global CISO at GE (Corporate)

Nasrin Rezai is executive vice president and global chief information security and product security officer at GE. She was previously CISO at GE Capital. Prior to GE, Nasrin was SVP and chief technology officer at State Street Bank. Before that, she spent more than 12 years at Cisco and held numerous technology and cybersecurity leadership positions including CTO Security, WW Security Architecture, Sales. Earlier in her career, Nasrin was in CRM and supply chain management roles at HP. She earned an MBA in Business from San Jose State University.

Ask The CISO #22: Debbie Guild, CSO at PNC

Debbie Guild is the chief security officer at PNC, where she is responsible for all aspects of cyber and information security, security operations, enterprise fraud, security operations architecture, physical security and governance. She spent 7 years at Bank of America in senior technology roles including divisional CTO for Enterprise / Corporate Staff Functions. Earlier in her career, Guild was a senior network engineer at Intel Corp. She earned a bachelor’s degree in mathematics and computer science from the University of North Florida.

Ask The CISO #23: Kirsten Davies, SVP & CISO at Estée Lauder

Kirsten Davies is the senior vice president and chief information security officer at the Estée Lauder companies, the only company focused solely on prestige makeup, skin care, fragrance and hair care with a diverse portfolio of 25+ brands sold in approximately 150 countries and territories. Kirsten’s previous roles include group CSO at Barclays Africa (ABSA), deputy CISO at Hewlett-Packard, and the chief information security executive at Siemens. She earned a B.A. in International Political Science from the University of Puget Sound.

Ask The CISO #24: Omar Khawaja, CISO at Highmark Health

Omar Khawaja is the chief information security officer at Highmark Health, one of the nation’s largest healthcare systems. He is a member of the adjunct faculty for the CISO program at Carnegie Mellon University in Pittsburgh. Previously, Omar spent nearly nine years at Verizon Enterprise Solutions as the head of security solutions product marketing. Omar earned a B.S. in electrical engineering from Georgia Institute of Technology, and an MBA in business from the University of Virginia Darden School of Business.

Ask The CISO #25: Phil Quade, CISO at Fortinet

Phil Quade is the chief information security officer at Fortinet, sponsor of the “Ask The CISO” series. He is responsible for the company’s information security, and he is a strategic consultant to C-level enterprise customers. Phil spent 34 years at the National Security Agency (NSA), including 16 years in executive management. He was director, Cyber Task Force, and special assistant to the NSA director for cyber. In this special installment, Phil talks about Fortinet’s mission and product strategy. Phil earned a B.S. in Computer Science and Mathematics from the University of Maryland.

Ask The CISO Roundtable on Cybersecurity Talent

Hosted by Aileen Alexander, co-leader of Korn Ferry’s Global Cybersecurity Practice; with Shamla Naidoo, global CISO at IBM; Jason Witty, EVP and CISO at U.S. Bancorp; David Hahn, CISO at Hearst; and Stephen Fridakis, CISO at HBO. What CISOs have to say about recruiting and retaining cybersecurity staff amidst the worker shortage.

Ask The CISO Roundtable on Ransomware

Hosted by Theresa Payton, CEO at Fortalice Solutions and former White House CIO; with Ram Chennamsetty, global deputy CISO at IBM; Dr. Jay, VP and CISO at Xerox; and Phil Quade, CISO at Fortinet. What CISOs have to say about ransomware, the fastest growing cybercrime. How CISOs protect the cloud, infrastructure, and IoT devices.

Stay tuned for more “Ask The CISO” interviews, filmed at Cybercrime Magazine studios in Northport, N.Y., the Manhattan campus of New York Institute of Technology (NYIT), and on-location at various events.

Steve Morgan is founder and Editor-in-Chief at Cybersecurity Ventures.

Go here to read all of my blogs and articles covering cybersecurity. Go here to send me story tips, feedback and suggestions.


From the start, the Fortinet vision has been to deliver broad, truly integrated, high-performance security across the IT infrastructure.

We provide top-rated network and content security, as well as secure access products that share intelligence and work together to form a cooperative fabric. Our unique security fabric combines Security Processors, an intuitive operating system, and applied threat intelligence to give you proven security, exceptional performance, and better visibility and control–while providing easier administration.

Our flagship enterprise firewall platform, FortiGate, is available in a wide range of sizes and form factors to fit any environment and provides a broad array of next-generation security and networking functions.

The Fortinet corporate brochure explains how we deliver comprehensive network, endpoint, application, and access security.

Learn more at