Modern CISO Network: Board Book

A directory of board-ready security leaders

location

AMER

areas of expertise

  • Risk management
  • Insider threat
  • Security operations
  • Incident response
  • Breach notification/regulations
  • Vulnerability threat management
  • Data privacy
  • Control failure/root cause analysis
  • Cyber risk
  • Operational resilience
  • DevOps

Richard Nolan

Deputy CISO

Biogen

Richard Nolan is a transformative cybersecurity executive leader with 20 years of experience leading excellence in cybersecurity strategy, programs, architecture, and reporting frameworks coupled with a unique blend of business acumen and deep subject matter expertise across multiple technical domains. He is a visionary who translates evolving industry risks into technical roadmaps and robust security programs across financial, pharma, educational, and government agencies.

Notably, he redesigned the cybersecurity program at a leading pharmaceutical manufacturing company, establishing alignment to industry best practices across both IT and OT while introducing an agile DevSecOps process. At a Fortune 100 multinational conglomerate, he developed and implemented a data-driven, empirically based cyber risk program that established alignment between business risk appetite statements and NIST CSF diagnostic statements that mapped to regulatory elements and operational outcomes. This created a transparent risk assessment process that improved regulatory reporting and accelerated focused cyber improvement efforts through quantitative and qualitative measurement.

Richard transformed a multinational corporate global cyber program in which incident reports were thematically analyzed to expose systemic threats and risks that would otherwise go undiscovered in individual event reports. These thematic technical root causes and contributing factors were then fused against adversary campaigns to develop proactive hunting strategies aligned to what knowledge the threat adversary may have gained about corporate defense-in-depth strategies.

He also established and led a nationally recognized computer forensics/incident response applied research department at Carnegie Mellon University's DoD-sponsored Federally Funded Research and Development Center (FFRDC) that provided the USG with both direct operational support and specialized tools/techniques for responding to advanced persistent and large-scale cyber threats and the nation's most significant cyber incidents.

© 2023, Lacework, All Rights Reserved.