About

Jeff Warren

My name is Jeff Warren and I started South Lake Cyber Risk, LLC (SLCR), when after more than 20 years in the industry I saw conventional approaches to cybersecurity fall short.

Effective cybersecurity isn’t easy, but it is achievable.

My approach is based on decades of experience in all aspects of information technology where I learned when people are empowered by effective, risk-focused cybersecurity and governance practices, the entire organization benefits.

As a senior executive and former CISO, I have led numerous tactical and strategic security and compliance engagements for domestic and global organizations across industry verticals. Key elements to this success are a critical understanding of technology, risk methodologies and experience with complex and dynamic organization and cultures.

Regardless of your industry, or if you’re a like-minded cyber-risk consulting organization, I welcome the opportunity to meet with you to discuss your challenges.

Past Projects:

  • Designed and implemented an integrated approach to cyber risk management, pairing cybersecurity professionals with IT auditors to facilitate automated, rapid identification and remediation of underperforming controls.
  • Led information security incident response and incident handling based on event severity classifications.
  • Redesigned an organization’s cybersecurity operations to create the first global SOC to rapidly detect and respond to threats against more than 10,000 endpoints.
  • Implemented a weighted third-party risk assessment process to measure the potential impact of supplier processes on cybersecurity posture, aligned by NIST 800-161.
  • Led an organization to achieve six, ISO 27001 third-party audit cycles without any material findings.
  • Created an organization’s first Information Security Management System and ensured alignment of the organization’s policies with IT, HR, Legal, and Operational needs.

Current Certifications:

  • Certified Information Systems Security Professional (CISSP)
  • Certified in Governance of Enterprise IT (CGEIT)
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Auditor (CISA)
  • Certified Data Privacy Solutions Engineer (CDPSE)
  • Certified Ethical Hacker (CEH)
  • CMMC Certified Professional (CCP)
  • Information Security Management System Lead Auditor
  • Certified in Risk and Information Systems Control (CRISC)
  • Cisco Certified Network Associate (CCNA)
  • Microsoft Certified Systems Engineer (MCSE)
  • CompTIA Network+

Affiliations:

  • ISACA (Central Florida Chapter) Membership Director
  • ISC2 (Central Florida Chapter) Member 
  • ISC2 (Tampa Bay Chapter) Member 
  • InfraGard (Central Florida Chapter) Member
  • Information Systems Security Association (ISSA) Member
  • EC Council Member 
Scroll to Top