Board of Advisors

Gary Eppinger

Global VP, Chief Information Security Officer and Privacy Officer, Carnival Corporation

Gary conceives, implements, and leads technology solutions that protect corporate assets, increase organizational capability, and advance productivity for Fortune 100 companies. He is recognized globally as a highly valued resource with an exceptional ability to build and develop IT teams that deliver critical business objectives in companies within transformation. Ranked 24th in xec’s “Top Security Executive Rankings”, Gary is an active speaker on IT and Cyber Security, while helping numerous companies as a valued board advisor.

Gary B. Harbison

VP, Global Chief Information Security Officer, Bayer

As VP and Global Chief Information Security Officer for Bayer, a multinational pharmaceutical and life sciences company, Gary Harbison leads the Information Security Office (ISO) with global ownership of Information Security, IT Risk Management, and protection of Bayer’s critical data. Through his leadership, Gary’s organization is responsible for the Global Information Security Strategy, IT Risk Management & Compliance, Security Education & Awareness, Cyber Threat & Intelligence, Business Continuity Planning, and Governance of the IT security controls and Privacy program. Gary and the ISO are focused on managing Bayer’s Risks and Cyber Threats globally, and enabling the business with pragmatic security solutions. Gary is also a member of the IT Leadership Team helping to define and drive Bayer’s global IT strategy. Gary has 19 years of overall IT experience, with 17 of those focused in the Information Security domain. This has included multiple global Fortune 500 companies, as well as public sector experience with the US Department of Defense. His background has included technical experience, strategy and architecture focused roles, cyber and threat experience.

Jim Routh

Former CISO of MassMutual, CVS, Aetna

Jim is currently an advisor for Gurucul and Agari, a board member for the University of Cailifornia Berkeley Center for Long Term Security. Jim Routh is the former Board Chair for the Health Information Sharing & Analysis Center (H-ISAC) where he served for five years and former Board member for the Financial Services Information Sharing & Analysis Center (FS-ISAC). He presented to Boards and Board Committees (Technology & Governance, Audit Committees) for many public and private companies as the CISO or CSO providing cyber security updates and education for board members for the past twenty years. Jim Routh is currently on the Board of ZeroNorth and Acceptto, two early stage cyber security software companies. He serves in an advisory capacity and investor for three cyber specific venture funds including: ClearSky, CyberStarts and Rain Capital.

Jim has along history in technology and cyber security as a leader and management consultant. Mr. Routh was formerly a cyber security leader for many large companies including MassMutual CISO, CVS Health/Aetna CSO, JP Morgan Chase- Global Leader for Software & Mobile Security, KPMG CISO, Depository Trust & Clearing Corporation (DTCC) CISO, and American Express CISO. At Aetna, he developed one of the most mature converged security programs in the private sector. Prior to that Mr. Routh served as an IT leader at American Express and a management consultant for over a decade for financial service firms.

Jim is recognized as an industry leader in digital transformations and innovation in cyber security practices using data science as a foundation for unconventional cyber security controls and enterprise resilience. He is a known icon in the cyber security industry, among the awards he has received is the Santa Fe Group/Shared Assessments Lifetime Achievement Award, CSO Hall of Fame, ISE Luminary Award, Evanta Break Away Leadership Award, Information Security Executive of the Year Award (twice), BITS Leadership Award.

Jerry Archer

Chief Security Officer, Major Financial Services Company

As CSO of a major financial services company, Mr. Archer’s responsibilities include securing and protecting all of organizations systems and offerings, and for security initiatives across the company. He has more than 30 years of experience at other leading companies and government agencies, including Intuit, Visa, and the CIA. He is a founder and board member of the Cloud Security Alliance; a fellow at the Ponemon Institute, the premier consumer privacy research institute; a member of the Advisory Board, George Mason University International Cyber Center; on the Security Innovation Network Showcase steering committee; and a member of numerous industry and corporate advisory boards. Mr. Archer was also named the 2011 North American Information Security Executive of the Year.

Joe Sullivan

Chief Security Officer, Cloudflare, Inc.

Joe Sullivan is an expert on internet security and privacy. Most recently Joe was the Chief Security Officer at Uber, where he led the company’s information security, product security, investigations, and law enforcement relationship teams. Joe also helps direct the efforts of a number of boards that promote internet safety and security, including as a member of the White House Commission on Enhancing National Cybersecurity, the National Cyber Security Alliance, the Action Alliance for Suicide Prevention, and the Bay Area CSO Council. He also serves on the Trust Advisory Board of AirBnB and the Executive Advisory Board of Gurucul. Prior to joining Uber, Joe led the CISO office at Facebook. In his previous engagements, Joe spent 6 years working in a number of security and legal roles at PayPal and eBay, including at different times, overseeing user safety policies, directing company relations with law enforcement, guiding eBay’s regulatory compliance efforts, and managing PayPal’s North America legal team. Before entering the private sector, Joe spent 8 years with the United States Department of Justice. As a prosecutor in the U.S. Attorney’s Office for the Northern District of California, he was a founding member of a unit dedicated to full time investigation and prosecution of technology-related crimes.

Teri Takai

Senior Advisor, Center for Digital Government

Teri Takai is a Senior Advisor with the Center for Digital Government and was previously the CIO and EVP of Meridian Health Plan, Teri Takai also served as the Department of Defense Chief Information Officer (DoD CIO) from October, 2010 through May, 2014. In this capacity, she served as the principal advisor to the Secretary of Defense for Information Management/Information Technology and Information Assurance as well as non-intelligence space systems, critical satellite communications, navigation, and timing programs, spectrum and telecommunications. She provided strategy, leadership, and guidance to create a unified information management and technology vision for the Department. Prior to this federal political appointment, Ms. Takai served as Chief Information Officer for the State of California. As California’s CIO, Ms. Takai led more than 130 CIOs and 10,000 IT employees spread across the state’s different agencies, departments, boards, commissions, and offices.

William Scandrett

CISO, Allina Health

William Scandrett is an accomplished information security leader with a proven track record of establishing successful security programs across retail, finance, and healthcare industries. As CISO for Allina Health, William is responsible for the Security Governance, Identity, and Cybersecurity programs as well as technology compliance and risk management.

Prior to Allina Health, William served as CISO for HealthEast, and held the Information Security Director role at Ameriprise Financial where he led the Identity Management and Governance, Risk, & Compliance (GRC) programs. William also led the IT Compliance program at GMAC ResCap and consulted at Best Buy through Accenture to help establish their global technology compliance program and software development methodologies.

William is recognized in the information security community for his knowledge, vision and leadership in the areas of Identity, Compliance, and Risk Management. He has been asked to attend a number of CISO forums and roundtables and is an active member in many professional security organizations.