If you had a chance to read Rich’s and Frank’s previous blogs, you likely already know we started Tidal to enable easier adoption of threat-informed defense by enterprises of all sizes. We are taking a different approach to security—enabling security teams to more effectively optimize their defenses using knowledge of evolving adversary tradecraft. To mature cybersecurity culture away from compliance-driven-box-checking exercises to adversary behavior-oriented approaches will take time. As we succeed, it is our hope that board room conversations will shift their focus toward coverage against adversary tactics, techniques, and procedures.
To successfully transition organizations to a threat-informed mindset, we need to arm security teams and their leadership with tools and information that make this affordable and sustainable. Therefore, it is essential for us to understand the range of needs that exist across target industry segments and enterprises of all sizes. To gain that broad understanding, we have focused on expanding our team with people who offer unique vantages of the security landscape.
Today, we are excited to share with you two of those additions with recognized industry veterans Jenny Menna and Rick Howard. Both bring a wealth of industry experience, working with key decision makers and practitioners to advance cybersecurity. We look forward to leveraging their experiences and knowledge to deliver solutions that advance threat-informed defense for organizations of varying sizes and sophistication levels.
VICE PRESIDENT, BUSINESS SECURITY RISK | HUMANA
Jenny Menna has been a long-time pillar of the cybersecurity community. Jenny uniquely offers a broad range of security leadership perspectives, that include understanding government stakeholder needs and the significant security requirements of enterprises across multiple industry segments.
Jenny is currently the Vice President for Business Security Risk at Humana. Her current and past industry leadership roles include the FS-ISAC Board of Directors and Threat Intelligence Committee, the Global Cybersecurity Alliance Strategic Advisory Committee, the Risk Committee of Early Warning Services, and the National Cybersecurity Alliance Board of Directors. She is a Visiting Fellow at George Mason University’s National Security Institute.
Prior to joining Humana, Jenny served as the Deputy Chief Information Security Officer for U.S. Bank. Jenny also held a variety of senior cybersecurity leadership positions in the Department of Homeland Security. Her responsibilities at DHS ranged from industry outreach to front-line operational and technical activities—including serving as US-CERT Director, to leading national-level policy initiatives.
She received awards for her work under both the Bush and Obama Administrations, and the inaugural Excellence Award from the Multi-State Information Sharing and Analysis Center for her leadership in advancing state and local government cybersecurity. She was selected for the Senior Executive Service in 2009. Jenny received both her Bachelors and Masters degrees from the University of Chicago and is a Certified Information Security Manager.
CSO, SENIOR FELLOW AND CHIEF ANALYST | THE CYBERWIRE
Rick Howard is one of the security industry’s most experienced security executives and an expert on the application of adversary tradecraft to designing security operations. Rick offers a deep understanding large enterprise CISO requirements and the perspective of the security solution vendors that attempt to meet those requirements.
Rick is currently the Chief Analyst, Chief Security Officer, and Senior Fellow at The Cyberwire, a cybersecurity podcasting network. His prior jobs include CSO for Palo Alto Networks, CISO for TASC, GM for iDefense (a commercial cyber threat intelligence service at Verisign), Global SOC Director for Counterpane (one of the original MSSPs). Rick was also Commander for the U.S. Army’s Computer Emergency Response Team where he coordinated network defense, network intelligence and network attack operations for the Army's global network.
Rick was one of the founding organizers who helped create the Cyber Threat Alliance (an ISAC for security vendors) and he also created and still participates in the Cybersecurity Canon Project; a Rock & Roll Hall of Fame for cybersecurity books.
Rick holds a Master of Computer Science degree from the Naval Postgraduate School and an engineering degree from the US Military Academy. He also taught computer science at the Academy from 1993 to 1999. He has published many academic papers on technology, security, and risk and has contributed as an executive editor to two books: “Cyber Fraud: Tactics, Techniques and Procedures” and “Cyber Security Essentials.”
Rich, Frank, and I could not be more excited to work with both Jenny and Rick in this role and are grateful for their participation on the Tidal Board of Advisors.