Chris Porter, CISO at Fannie Mae. PHOTO: Cybercrime Magazine.

Chris Porter Goes From The Cyber Trenches To Fortune 500 CISO

Fannie Mae’s chief information security officer shares his rags to riches story

Steven T. Kroll

Northport, N.Y. – Jul. 9, 2019

Christopher Porter, senior vice president and chief information security officer at Fannie Mae, is a self-taught cybersecurity expert.

He liked to experiment with technology as a kid, even crashing his family’s computer once. His dad was going to college when this happened, and instead of the age-old “dog eating the homework” excuse, his father could say, “My son really deleted everything.”

Even though he earned a bachelor’s degree in economics and psychology, a trip to a friend in California changed everything. “I realized he was making a lot more money and doing a lot cooler things,” says Porter. And with that insight, he made a career change.

Porter’s first role was working at a help desk in a law firm. There, a network engineer taught him everything about firewalls. This is when he fell in love with security.

He moved to Louisiana after some time and worked as “a network administrator, a user support specialist, and as a jack of all trades.” While gaining practical skills during the workday, Porter read up on security during his free time. Eventually returning to Washington D.C., Porter joined a company called TruSecure, which focused solely on cybersecurity.



After gaining extensive experience in the cyber trenches, Porter found himself in a position at Verizon, when they acquired the company he worked for, and became involved with the Data Breach Investigations Report (DBIR, published by Verizon).

“When I joined the team, one of the things that I did was help build the VERIS framework, which stands for Vocabulary for Event Recording and Incident Sharing,” says Porter. “Essentially, this is the backbone of the report.”

In its 12th year of publication, the DBIR is a must-read resource for executives, cybersecurity specialists, and anyone interested in cybercrime. This year’s data is gathered from 41,686 incidents and provides crucial information on the threats that organizations face.

Now as CISO at Fannie Mae, Porter is proud to be involved with an organization that helps people get into their own homes – a noble mission that he believes in.

“Last year we put over $500 billion of liquidity into the market. We allow people to buy houses, and in fact that liquidity helped people buy three million homes, whether it was rental units, refinances, or just buying a home in general,” says Porter. “So, it’s got a very important mission to the housing finance system.”

The people-first focus of Fannie Mae is what he uses to motivate his employees because it’s fulfilling to make a difference. “That’s something that I’ve really pressed with my team,” says Porter. “Fannie Mae is the heart of the housing environment. If we don’t do our jobs and protect our company, then people can’t buy houses.”

Cybersecurity is a public service that safeguards the general population from the hidden dangerous threats. Thanks to his efforts and his team, we can sleep a little more snug in our beds and our homes.

Porter resides at the top of Fannie Mae’s security team, but that was not always the case. His path to this position comes with an interesting twist.

“Funny enough, when I worked at TruSecure I was a security consultant that delivered services to Fannie Mae,” says Porter. “So I literally spent night after night scanning their network back in the early 2000s, just doing vulnerability assessments, and today to be running that security program is my ‘rags to riches’ story.”

Steven T. Kroll is a public relations specialist and staff writer at Cybercrime Magazine.

Ask The CISO Archives


SPONSORED BY FORTINET

From the start, the Fortinet vision has been to deliver broad, truly integrated, high-performance security across the IT infrastructure.

We provide top-rated network and content security, as well as secure access products that share intelligence and work together to form a cooperative fabric. Our unique security fabric combines Security Processors, an intuitive operating system, and applied threat intelligence to give you proven security, exceptional performance, and better visibility and control–while providing easier administration.

Our flagship enterprise firewall platform, FortiGate, is available in a wide range of sizes and form factors to fit any environment and provides a broad array of next-generation security and networking functions.

The Fortinet corporate brochure explains how we deliver comprehensive network, endpoint, application, and access security.

Learn more at Fortinet.com.