Why Nominated: Having spent decades leading and advising both technology and information security companies, Rothrock knows that cybersecurity for any organization goes well beyond just deploying and managing strong technologies. It’s also about strategically thinking about security needs holistically top down. And, for him, this means that since every entity is a “cyber organization,” the related risks they face are a CEO and board-level responsibility. With this foundation in mind, Rothrock works well beyond the confines of his office, reaching out practitioners, C-level executives, government leaders and even average citizens through a bevy of activities and ventures.
Profile: After spending some 25 years at Venrock, the Rockefeller family’s VC division, investing in dozens of leading tech companies, Rothrock founded RedSeal and became its CEO and chairman in 2014 because of his strong belief in its cyber resiliency and risk modeling platform. Under his guidance, the company now serves more than 220 government agencies and Global 200 organizations.
But, his work goes well beyond that of a corporate leadership executive. In addition to keynoting and chairing a range of technology, cybersecurity and national security conference and serving on various advisory and leadership boards with the likes of the U.S. Department of Energy, the Nuclear Energy Advisory Committee, MIT and still others, he also has found time to write a book that has been touted as a “Top 10” must-reads on cybersecurity this year. Called “Digital Resilience: Is Your Company Ready for the Next Cyber Threat,” the book has educated both public and private leaders about how vital it is for top-level executive to educate themselves and understand and support risk management and digital resiliency plans. “If you’ve recently been put in charge of IT or IT operations and didn’t grow up in cybersecurity over the past 20 years, this book is for you. It’s also equally useful for new CEOs, CFOs and board members who need to understand cyber risk without getting overwhelmed with IT technology or defeatism,” said Ron Gula, Tenable Network’s co-founder.
In addition to this work, Rothrock also was selected to join the board of The Nuclear Threat Initiative this year to help expand its mission. Known for spearheading undertakings to help prevent nuclear, biological, radiological and chemical attacks of mass destruction and disruption, the group is looking to Rothrock and other of its board members to help it more strongly address massive cybersecurity assaults. This and other of his efforts underpin his belief in strategically thinking about cybersecurity holistically, which means making your organization more resilient. So, rather than trying to address cyber risks simply by investing millions of dollars in technology, executive leaders must also ensure that their infrastructures are durable and adaptable through such actions as active monitoring, establishing practices that allow for the containment and understanding of attacks when they do occur, and creating business continuity and disaster recovery plans to keep up and running during and after an attack happens.
What colleagues say: "Ray told me back in 2004 [that] he wanted to do more to understand complex networks. He thought that knowing what you have and how it’s connected allows you to find any security gaps before they were exploited. This was the beginning of his focus on resilience rather than perfect protection. He brought in engineering talent and added management experience and funding to found RedSeal. He’s stayed on that course, improving on the concept over the years. … [He] has made it his mission to spread the word about the importance or resilience.” – Rhonda MacLean, CEO, MacLean Risk Partners
-Illena Armstrong