(ISC)² Board of Directors Nomination
Bio: Cindy Cullen, CISSP, CCSK, CISM, ITILv3, MSCsc, has held a CISSP for over 15 years and has worked in cybersecurity in telecommunications, finance, pharmaceutical, healthcare, on government projects and with security vendors. Her extensive and varied background makes her an excellent candidate for the (ISC)² Board. She has experience in cybersecurity research, innovation, hands-on technical work and is an experienced senior manager including as Chief Cyber Security Strategist at Hewlett Packard Enterprise, Chief Technology Officer at SAFE BioPharma, Chief Information Security Officer at Bellcore and most recently as an Advisory Consultant to various Fortune 500 companies and governments.
-
Experience in Business Strategy: Please detail your experience in managing a business or business unit, with special emphasis on strategic planning.
As Chief Cyber Security Strategist at HPE she provided strategic leadership on product development interfacing with customers and product management to design products that meet business/industry needs. She was instrumental in integrating multiple products to provide solutions to meet the customer needs, strategy on product development (i.e. adding SAAS and business partner SAAS). Cullen’s team signed one of the largest contracts for the security organization. While at Bellcore, Cullen ran the Security and Fraud Solutions Business Unit. She managed strategic and tactical plans, business development, sales team interactions, customer development, business partner development, staffing, contracts, SLAs and vendor management. Under her leadership the program grew by 30 percent.
-
Professional Education: Describe any professionally-relevant higher education and/or professional education experience, training and certifications.
Cullen has a Master’s in Computer Science and more than twenty years’ experience in cybersecurity. She has a CISSP, Certified Information Security Manager (CISM), Six Sigma Black Belt (SSBB), CCSP and Information Technology Information Library ITILv3.
-
Industry Board Experience: Please describe any current or past industry board experience, including your role, strategic contributions, and any measurable outcomes.
Cullen has had a lifelong interest in education. She served on the Bridgewater-Raritan Board of Education as a publicly elected official for nine years including as President, Vice President, and chairman of committees. Her accomplishments include enhancement of computer education courses, collaboration with municipal government and public library system, greater performance accountability and strategic personnel changes. Additionally, she was re-elected three times!
-
Skills and Expertise: Please describe specific areas of expertise you would bring to the Board and apply to the organization’s strategic planning.
Cullen has extensive strategy and planning experience across cybersecurity products and services development, as well as leadership at nonprofit associations providing educational and professional programs. Cullen has the ability to see the issues, propose solutions and get the project completed. For example, when she started as CTO the solution was adopted by only a handful of people. She re-designed the technical and business strategy. She proposed a technical redesign, re-architected the solution, provided oversight on move to the cloud, and facilitated a POC including a public private partnership with NCI. As Advisor, Cullen took an identity and access management project had languished for three years and was able to complete the project in six months. Additionally, a few weeks before a conference was scheduled to take place, attendance was extremely low. Others wanted to cancel the conference, but Cullen insisted the “show go on.” The conference was a major success with a near capacity crowd and was an excellent fundraiser for the (ISC)² NJ Chapter.
-
Your Goals and Objectives: Why are you interested in serving on the (ISC)² Board of Directors, and where would you like to lead (ISC)² as a Member of the Board of Directors?
As a member of the (ISC)² Board of Directors, Cullen will facilitate expanded involvement of (ISC)² certificate holders, increase the number of certificate holders, increase types of certifications, increase the community outreach program and expand the reach of (ISC)² via communities, chapters andsocial media.
-
(ISC)² Strategic Contribution: What would you like to see done to improve (ISC)²’s strategic contributions to the information security community?
There are three areas Cullen would like to see enhancement to (ISC)²’s strategic contribution to the information security community. Those are • Address the shortage of qualified information security professionals • Attract a diverse population to the industry and to involvement within (ISC)² • Raise the level of involvement of (ISC)² in policy and standards development.
The number one challenge facing the information security industry is lack of qualified cybersecurity professionals. (ISC)² is assisting in addressing the shortage in many ways with certifications, chapters, webinars and training programs and Cullen would like to see continued strengthening of chapters, creating stronger relationships with universities at the Chapter level, and greater collaboration within (ISC)². As a chapter leader, Cullen has developed relationships with New Jersey universities. She has managed Capstone projects for the New Jersey Institute of Technology student graduate projects that provide real world experience. The Capstone project is developing a few vulnerable sites and providing access to open source vulnerability testing tools (i.e. metasploit, ZAP, wireshark…) so that students receive hands-on experience. (ISC)²would benefit from greater involvement in policy development at the local, national and international levels. There is a need for expert guidance and insights for legislators and government leaders and standards bodies. This would enhance (ISC)² standing in the industry, provide badly needed expertise and lead to much better legislation and standards.
-
Regional and Cultural Perspective: Please describe any specific regional or cultural perspectives you may bring to the Board based on living and/or working in various regions of the world.
On a regional basis, Cullen has been involved in giving back to the cybersecurity community by being actively involved in regional activities – giving cybersecurity presentations at a regional (PA, MA, NY, NJ, DC) at a national (FL, CA, CO, MN, IL, …) and international (Japan, U.K., Germany, Slovenia, Malaysia, Singapore) level. Additionally, she has managed outsourced services throughout the world. Cullen has experience interfacing with support and service delivery organizations around the world including Brazil, Ireland, Yugoslavia, Slovenia, Philippines, and India.
-
Professional Recognition: Please detail any recent or notable professional or peer recognition, including recognition of your skills, strategic contributions, or trust. Also include public speaking, authorship of notable books or papers.
Cullen was awarded the Digi for pioneering use of inter-operable digital identities by the National Cancer Institute (NCI) and industry cancer researchers that demonstrates how clinical trial initiation can be accelerated while reducing costs. Her project was awarded the ComputerWorld Laureate Honor for "Research Collaboration in the Cloud: How NCI and Research Partners are using Inter-Operable Digital Identities, Digital Signatures and Cloud Computing to Accelerate Drug Development" and was recognized by United States National Strategy on Trusted Identities in Cyber Space (NSTIC). Cullen is a recognized national and international speaker receiving invitation to speak worldwide at various conferences such as (ISC)² Congress, Secure Boston, SECON2017, NYMJCSC, RSA, ISSA, OWASP, DIA, OASIS, HOPE, Burton Group, NIST, and IDTrust.
-
Information Security Experience: If you have specific information security experience you feel would be relevant to the board, please include here.
Cullen has more than twenty years’ experience in cybersecurity including as CISO, CTO, Chief Cyber Security Strategist and Cybersecurity Advisor. She has developed programs to address all facets of cybersecurity. As a recognized national and international cybersecurity professional and has spoken at various conferences, including (ISC)²Congress, Secure Boston, SECON2017, NYMJCSC, RSA, ISSA, OWASP, DIA, OASIS, HOPE, Burton Group, NIST, and IDTrust.to list a few. cynthiadcullen.com https://www.linkedin.com/in/cindycullencissp/
-
Leadership or Management Experience: Please describe any relevant leadership or management experience in any part of your professional career.
At Bellcore, Cullen led a team of 30 cybersecurity consultants increasing the size of the organization and sales by 30 percent. As CTO, Cindy set the technical direction for a digital identity for the healthcare and pharmaceutical industry. This included rearchitecting the solution to make it user friendly, compliant with national and international standards, implementing the technical infrastructure, and obtaining adoption in U.S. and EMEA including explicit mention in regulations. As a Fellow at Institute of Critical Infrastructure, she provided thought leadership through interviews, publications, webinars, and other educational offerings including advising U.S. Congress on technology policy. As Chief Cyber Security Strategist, Cullen worked with the application design teams and Fortune 50 customers to ensure products met business needs of customers, developed sales strategies. Her team won the largest multimillion dollar contract.