CISO Council

Jonathan Waldrop is an experienced and passionate leader in cybersecurity and technology. He started his career on Active Duty in the Air Force as a communications and information officer and spent seven years in active service before transitioning to the Air Force Reserve. He is a participating reservist supporting Headquarters Air Force, Deputy Chief of Staff for Intelligence, Surveillance, Reconnaissance, and Cyber Effects Operations. He has more than 15 years of experience across a broad range of technologies, industries, and government organizations. His current role at Insight Global is the Senior Director of Cybersecurity, where he has spent the past 6+ years building and developing the cybersecurity team, scaling the people, processes, and technology to support a company that has experienced rapid growth both from an employee, and revenue standpoint. He initiates projects to streamline business processes that are secure by design with a focus on usability and pragmatic security. Additionally, Jonathan has presented at security conferences on a variety of topics and frequently appears on podcasts. He earned a Master’s of Science degree in Management Information Systems and Services from the University of Maryland, and a Bachelor’s of Science degree in Meteorology from Florida State University. He also holds multiple certifications including CISSP, Qualified Technology Executive (QTE), and others. As a Veteran and participating member of the Air Force Reserve, he also works closely with the Veteran community, mentoring and guiding Soldiers, Sailors, Airmen, Coasties, and Guardians during their transition from active duty service, whether it was after 2 years, or 20 years. On the personal side, he is a runner, cyclist, reader, and all-around family man.

Mr. Zalewski currently provides CISO, security consulting and security advisory services. These include: • International cybersecurity advisor and trainer. • Executive advisory board member for security startups, providing guidance on security market direction and product requirements. • CISO advisory board member for venture capital firms internationally. • vCISO for companies requiring temporary or part-time CISO expertise. Services also include guidance and solutions to address incident response, security program design, security assessment, security due-diligence, vendor/supplier due-diligence, security architecture review, board reporting and other key security leadership requirements. Operational experience in Healthcare, Utilities and International Retail verticals. Key Strengths: •Organizational Management •Strategic Planning & Execution •Enterprise Security Architecture/Strategy •Executive and BOD Security Governance/Reporting •Cybersecurity Incident Response •Security Risk & Compliance Management Additionally, I co-hosts the CISOSeries Defense-in-Depth Podcasts and am a frequent speaker and panel moderator at industry events.

Experienced Information Security Leader with over 8 years working in Cyber Security, Digital Forensics and Risk Management. Robert embraces challenge, thrives under pressure, think outside the box, and drives improvement. Having talent for building new capabilities, introducing innovation, leadership, and forward thinking. Experience showcasing effective leadership of multidisciplinary teams which successfully defined, developed and delivered cyber security, investigation and risk management solutions.

Mr. Swope brings over 20 years of experience in IT Project Management, BI Solutions Development, IT Security, IT Controls (CoBIT, SOX 404/MAR, etc) IT Risk Management, and HealthCare Compliance, to both the public and private sectors. His focus is on identifying gaps relating to key IT security processes and the implementation of IS Security and Risk Management programs to Health Care, Pharmaceutical and various commercial clients. Has a proven track record of delivering the following: • Interpreting and applying 21 CFR Part 11, GLP, GMP, GCP, and QSR regulations • MDM and Data Governance • Identity Access Management • HIPAA Risk Assessments and GAP analysis • Information Assurance Program Management - SCRUM, AGILE, SDLC, Six Sigma • Implemented large security, risk and compliance initiatives of SOX-404 IT, HIPAA/HITECH, including security policies, procedures and controls. • "Big Data", Data Management and Health Care Data Analytics • Federal Information Security Management Act (FISMA) Compliance Reviews • Implemented the security standards - 45 CFR Parts 160, 162, and 164 Health Insurance Reform: Security Standards; Final Rule He has supported these Information Assurance and IS Security initiatives for organizations that include: Excellus BCBS, Medimmune/Astra Zeneca, ENDO Pharmaceuticals, Novo Nordisk, Daiichi-Sankyo Solutions, Catalent Pharma Solutions, Johnson and Johnson, District of Columbia Government office of the Chief Financial Officer, District of Columbia Water and Sewer Authority, City of Richmond, Virginia Department of Public Utilities, Virginia State Department of Health, and the Kentucky Department of Health Services, as well as the U.S. Department of Labor.