Rebecca Wynn

Former Global CISO & Chief Privacy Officer

Brief Overview:

Named 2017 Cybersecurity Professional of the Year - Cybersecurity Excellence Awards, Chief Privacy Officer (CPO) SC Magazine, Global Privacy and Security by Design (GPSbyDesign) International Council Member, and Women in Technology Business Role Model of the Year 2018 - Dr. Rebecca Wynn is lauded as a “game-changer who is ten steps ahead in developing and enforcing cybersecurity and privacy best practices and policies.” She is a “big picture” thinker who brings nearly 20 years of experience in Information Security, Assurance & Technology. Recently she led the information security, privacy, and compliance pre-acquisition, acquisition and post-acquisition of LearnVest, Inc. to Northwestern Mutual Life Insurance Company – a Fortune 100 company. She is well known for being a gifted polymath with a deep understanding of current cyber security challenges and privacy issues. She has a proven track record of taking companies to the next level of excellence in many sectors including government, financial services, fintech, healthcare, information technology, legal, semiconductors, and retail.

High-Level Skills:

  • Proven track record - Partnering with the CIO/CTO/COO and other executives to develop and implement an Information Security vision and strategy that is aligned to organizational priorities and enables and facilitates the organization's business objectives, and ensuring senior stakeholder buy-in and mandate;
  • Proven track record - Providing leadership and direction to Security Engineering & Architecture, Security Operations, Cyber Resilience, Identity & Access Management and other teams;
  • Proven track record - Providing regular reporting on the status of the Information Security program to enterprise risk teams, senior business leaders, operating committees, compliance committees, and the executive board, as part of a strategic enterprise risk management program;
  • Proven track record - Working with the Procurement and Sourcing teams to ensure that Information Security requirements are included in contracts for goods and services;
  • Proven track record - Providing clear risk mitigating directives for projects with components in IT, including the appropriate application of controls based on risk;
  • Proven track record - Managing a cost-efficient Corporate Information Security organization, consisting of direct reports and dotted-line reports (such as individuals in Delivery and IT Operations), which includes hiring, training, staff development, performance management and annual performance reviews;
  • Proven track record - Developing, implementing and monitoring strategic, comprehensive Information Security programs which ensured appropriate levels of confidentiality, integrity, availability, safety, privacy and recovery of information assets owned, controlled and/or processed by the Company;
  • Proven track record - Working effectively with business units to facilitate Information Security risk assessment and risk management processes, and empowering them to own and accept the level of risk they deem appropriate for their specific risk appetite;
  • Proven track record - Measuring the efficacy of the Corporate Information Security Program, and reviewing it with the appropriate stakeholders at the executive and board level;
  • Proven track record - Working with the compliance staff to ensure that all information owned, collected or controlled by or on behalf of the company is processed and stored in accordance with applicable laws and other global regulatory requirements, such as data privacy;
  • Proven track record - Ensuring that security is embedded in the project delivery process by providing the appropriate Information Security policies, practices, guidelines, and templates;
  • Proven track record - Managing and containing Information Security incidents and events to protect corporate IT assets, intellectual property, regulated data and the Company's reputation;
  • Proven track record - Developing and overseeing effective disaster recovery policies and standards to align with the enterprise Cyber Resilience (DR/BCP) Program goals, with the understanding that components supporting primary business processes may be outside the Company’s perimeter;
  • Proven track record - Ensuring the alignment with common industry cybersecurity requirements and regulatory requirements such as: HIPAA, HITRUST, ISO 27001, NIST 800-53, and PCI-DSS;
  • Proven track record - Staying current with industry trends and the latest Information Security practices and standards to ensure effective use of technology.

Basic Qualifications:

  • Almost 20 years of experience involving risk management, information security, and information technology
  • CISO experience leading the information security function for a large organization
  • CISSP, CRISC, CASP, CICA, CCISO certifications
  • Bachelor's degree in Information Technology (B.S.); Master's in Business Administration (MBA)
  • Doctorate of Science, Technology

© 2020 HMG Strategy, LLC. All Rights Reserved.