Modern CISO Network: Board Book

With more than 25 years of experience in financial services and technology, Mandy Andress has developed a deep expertise in identifying, evaluating, and mitigating information security risks as an advisor to the board and senior management and has a proven track record of leading information security functions as well as managing global teams. Mandy has served as a thought leader on information security subjects, publishing the book Surviving Security. Mandy also served as the author for the weekly InfoWorld security column, evaluated and reviewed security technologies with Network World, taught risk management at the university level, and presented at leading industry conferences. As the CISO of Elastic, her primary responsibilities include setting strategic direction, implementing the company’s first information security program in preparation for IPO, and evaluating and communicating information security risks to the board and senior management. Mandy served 13 years at MassMutual, a Fortune 100 company. She led the information security organization of 75 people with an annual $50 million budget and advised the board and senior management on information security risks. Other roles she filled in her time at MassMutual include information security strategy, technology compliance officer, establishing the information risk management function, and leading a three-year, $75 million rebuild program of the security technology stack and security operations center.

Mandy has served on customer advisory boards for several technology companies, such as RSA Archer, Anomali, and ForeScout. She advises startups in the security industry on ideation, market fit, product capabilities, and product direction. She currently participates in the Silicon Valley CISO Investments (SVCI) syndicate to evaluate, invest, and advise new companies in the security industry.