Brian R. Schultz
Details
The George Washington University
Bachelor of Business Administration (BBA), Minor : Economics
James Madison University
Valedictorian, Cadet Commander, Bronze Medal of Valor, Eagle Scout
Miller School of Albemarle
• Supply Chain Product Security – cybersecurity of the product from inception to delivery : intellectual property (IP) cybersecurity; component cyber provenance and cybersecurity; firmware lifecycle cybersecurity; software lifecycle cybersecurity; embedded systems cybersecurity; product aggregated cybersecurity risk management best practices, standards, assessments, and metrics
• Supply Chain Internal/External Business Continuity – Operational Reliability – build resilience and reduce exposure to downtime
• Supply Chain 3rd Party Cybersecurity Risk Management – build supplier reliability through supply chain specific cybersecurity procurement standards, contractual clauses, audit and best practices
• Supply Chain Cybersecurity Governance Risk Management and Compliance (GRC) – build an effective GRC capability to deliver effective supply chain efficiencies, quality management, CxO/Board communications, audit and compliance.
2022 : Present
Gartner
Senior Director, Supply Chain Cybersecurity
Executive Cyber Advisor to executive boards and CxOs (CEO, CIO, CSO, CISO, CTO, CRO) solving execution and business challenges with :
• Advanced Persistent Threat (APT) attack vectors and systemic system vulnerabilities
• Product INNOVATION and evolution
• Disruptive technologies
• Artificial Intelligence (AI) / Machine Learning (ML)
• Operational Technology (OT)
• Industrial Control Systems (ICS)
• Internet of Things (IoT)
• Integrated Circuit Security
• National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF)
• Cybersecurity Maturity Model Certification (CMMC)
• Law, regulation, standard, and guidance compliance
Innovates actionable solutions through collaborative engagement with client teams and extensive network of technical cyber experts to solve complex cybersecurity and physical security challenges :
• Yielding optimal product and enterprise-wide cybersecurity posture
• Delivery of critical business outcomes based on established key performance measures (KPMs)
• Balanced risk tolerance, risk reward, and return on investment (ROI) ratios
Laws, regulations, standards and guidelines :
• NIST Cybersecurity Framework (CSF)
• Risk Management Framework for Information Systems and Organizations, A System Life Cycle Approach for Security and Privacy 800-37 Rev 2
• Security and Privacy Controls for Information Systems and Organizations NIST 800-53, Rev 5
• Cyber-Risk Oversight : Key Principles and Practical Guidance for Corporate Boards, National Association of Corporate Directors (NACD)
• General Data Protection Regulation (EU) 2016/679 (GDPR)
• California Consumer Privacy Act (CCPA)
• Virginia Consumer Data Protection Act (CDPA)
• Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7012
• Federal Risk and Authorization Management Program (FedRAMP)
• Guide to Industrial Control Systems (ICS) Security NIST 800-82
• Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations NIST 800-171, Rev 2.
2020 : 2022
CyberAlphas
Chief Cyber CxO Advisor
Senior Director | Technical Director of Cyber Architecture and Advisory Services within the Cyber Innovations Business Unit at the Battelle Memorial Institute, the world’s largest non-profit Research and Development (R&D) organization (24K employees/120 global locations). Managed the execution of over $30M of annual CISO advisory and research and development (R&D) programs employing over 150 cyber scientists, engineers, researchers, and senior-level advisors as part of a matrixed management team. Designed and executed cyber talent acquisition, growth and retention program.
Led senior-level cyber and physical security policy, doctrine and architecture experts to advise senior-level executives in the IC, DoD, DHS, FBI and Fortune 500 companies to develop optimal return on investment (ROI) of cyber solutions for optimal enterprise-wide cybersecurity. Directed and led teams to execute the following cyber programs :
• DoD, Chief Information Officer (DoD CIO) and the Deputy CIO (DCIO) for Cybersecurity (CS)
• Army Cybersecurity Directorate, Identity Management Division, Army CIO/G-6
• DHS, Science and Technology (S&T) Directorate
• DoD, USNORTHCOM
• Marathon Petroleum Corporation, a Fortune 25 Company
• DoD, Blue Grass Chemical Agent-Destruction Pilot Plant (BGCAPP)
• Oak Ridge National Laboratory (ORNL)
• FBI - CJIS Division, Information Security Officer (ISO)
• DoD, Joint Improvised Explosive Device Defeat Organization (JIEDDO)
• National Air and Space Intelligence Center (NASIC), United States Air Force (USAF)
• Defense Threat Reduction Agency (DTRA), Project Ancile
• DNI, Chief Information Officer’s (CIO) Office
• DoD, DTIC, Chemical, Biological, Radiological and Nuclear Information Analysis Center (CBRNIAC) knowledge management repository
• DoD, United States Marine Corps (USMC)
• U.S. House of Representatives
• U.S. Food and Drug Administration (FDA)
2006 : 2020
Battelle
Senior Director | Technical Director, Cyber Innovations Unit
Engaged personal and professional network of senior-level cyber and physical security technical experts to develop the internal research and development (IR&D), science and technology (S&T) and capital investment strategy, as well as an applied R&D roadmap, to inform a $5M multi-year investment to launch the highly-successful Battelle Cyber Innovations Business Unit resulting in year over year double digit growth to achieve a fully funded $30M annual revenue business.
The business growth R&D roadmap traceability matrix included drawing corollaries between immediate and near-term cyber challenges (e.g., embedded systems, secure code, supply chain assurance, vulnerability research, IPv4, quantum computing, cloud computing, unmanned autonomous weapon systems, cyber intelligence and cyber doctrine), Technical Readiness Levels (TRL), sponsors, funding sources, contract vehicles and competitors. Strategic roadmap resulted in the development of multiple marketable 6.3 TRL applied R&D solutions for the Intelligence Community (IC), DoD, and Law Enforcement (LE) sponsors.
Capture and Proposal Manager leading a team of 22 proposal writers to win the DoD Defense Technical Information Center (DTIC) $5B TS/SCI Cyber Security Technical Area Task (CSTAT) contract. After contract award, served as the CSTAT Program Manager to lead a multi-disciplinary team of three Battelle R&D business units and 26 industry partners to establish the strategic capture, business development and proposal efforts resulting in the award of $78M of contracts with a pipeline of $170M in future sales.
2011 : 2015
Battelle
Cyber Practice & Research Leader
As the Proposal Technical Lead, led seven Battelle R&D business units and 56 industry partners to execute the technical approach to 22 multi-disciplinary Scientific and Technical Information (STI) focus areas to win the DoD DTIC 10 Year $28B TS/SCI Information Analysis Center Multiple Award Contract (IAC MAC).
As a Research Leader, served as the principal cyber R&D liaison with the cyber labs at Battelle-managed/ co-managed Pacific Northwest National Laboratory (PNNL), Idaho National Laboratory (INL), Oak Ridge National Laboratory (ORNL), Lawrence Livermore National Laboratory (LLNL) and the CyLab at Carnegie Mellon University.
2009 : 2011
Battelle
Senior Director | Cyber Security Practice
Skills
Auditing, Board Governance, Board of Directors, Business Analysis, Business Continuity Planning (BCP), Business Development, Business Management, Business Strategy, Change Management, Compliance Management, Corporate Governance, Cyber Defense, Data Analysis, Data Security, Disaster Recovery, Enterprise Risk Management, Governance Risk Compliance (GRC), Identity and Access Management (IdaM), Information Security, Information Security Management, Infrastructure, Internal Audits, Intrusion Detection Systems (IDS), ISO 27001, IT Audit, IT Operations, IT Risk Management, Key Performance Indicators, Leadership, Legal Compliance, Management, Mentoring, Network Security, Payment Card Industry Data Security Standard (PCI DSS), Penetration Testing, Physical Security, Regulatory Compliance, Risk Analysis, Risk Assessment, Risk Management, Security, Security Policy, Standards Compliance, Strategic Planning, Team Building, Team Leadership, Team Management, Threat Intelligence, Vulnerability Assessment, Vulnerability Management
About
Business executive cyber leader with a $7B 25+ year board and CxO advisory career defending against the most aggressive adversaries:
• Led, developed, and delivered large complex enterprise-wide cyber strategies, policies, standards, architectures
• Cyber product risk-reward selection and retention tradeoff ROI decision analytics
• External and internal APT threat hunting and vulnerability assessments
• Cloud security architectures
• Disruptive information technology (IT) analysis
• Developed and executed strategies for risk-based compliance (e.g. HIPAA, GDPR, FERPA, CCPA, CDPA, PCI, SOX) and frameworks (e.g. NIST CSF, 27001, COBIT, CMMC, Zero Trust) to maximize cybersecurity posture, uptime, optimal cyber program ROI, KPI and KPM results.
• Development of executive board and CxO strategic solutions
• Established, expanded, and maintained mission focused cyber business practices and disruptive research and development (R&D) organizations (Battelle, Nortel, Arthur Andersen). Responsible for marketing, selling, capture, winning, leading, managing, schedule, costs, recruiting, staffing and delivery of over $7B in contracts
• Executed executive management, critical thinking and offensive nature inspired solutions to deliver needle moving results
• Passionate mentor hired, trained, motivated, and retained extraordinary multi-disciplinary cyber technical staff under formal structured mentorship programs to shape cohesive, loyal, and high-performance cyber teams
Verticals and clients:
• Fortune 500
• Healthcare
• Critical Infrastructure
• Non-profits
• Defense Industrial Base (DIB)
• National Security Agency (NSA)
• Central Intelligence Agency (CIA)
• Director of National Intelligence (DNI)
• Department of Defense (DoD)
• Federal Bureau of Investigation (FBI)
• Department of Homeland Security (DHS)
• National Aeronautics and Space Administration (NASA)
• U.S. Department of Treasury
• U.S. Export Import Bank (EXIM)
• General Accountability Office (GAO)
• Department of Labor (DoL)
• Panama Canal Commission (PCC)
• Food and Drug Administration (FDA)
• U.S. Department of Energy (DoE)
• Oak Ridge National Laboratory (ORNL)
• Lawrence Livermore National Laboratory (LLNL)
• U.S. House of Representatives (USHOR)