My name is Jeff Warren and I started South Lake Cyber Risk, LLC (SLCR), when after more than 20 years in the industry I saw conventional approaches to cybersecurity fall short.

Effective cybersecurity isn’t easy, but it is achievable.

My approach is based on decades of experience in all aspects of information technology where I learned when people are empowered by effective, risk-focused cybersecurity and governance practices, the entire organization benefits.

As a senior technology executive and former Chief Information Security Officer (CISO), I led numerous tactical and strategic security and compliance engagements for domestic and global organizations across industry verticals. Key elements to this success are a critical understanding of technology, risk methodologies and experience with complex and dynamic organization and cultures.

Regardless of your industry, or if you’re a like-minded cyber-risk consulting organization, I welcome the opportunity to meet with you to discuss your challenges.

Past Projects:

• Designed and implemented an integrated approach to cyber risk management, pairing cybersecurity professionals with IT auditors to facilitate automated, rapid identification and remediation of underperforming controls.
• Led information security incident response and incident handling based on event severity classifications.
• Redesigned an organization’s cybersecurity operations to create the first global SOC to rapidly detect and respond to threats against more than 10,000 endpoints.
• Implemented a weighted third-party risk assessment process to measure the potential impact of supplier processes on cybersecurity posture, aligned by NIST 800-161.
• Led an organization to achieve six, ISO 27001 third-party audit cycles without any material findings.
• Created an organization’s first Information Security Management System and ensured alignment of the organization’s policies with IT, HR, Legal, and Operational needs.