As the Vice President of Online Business Systems’ Risk, Security, and Privacy Consulting Practice, and Online’s Chief Security Officer, Steve leads a vibrant, pragmatic, risk-based business-minded security consulting practice that focuses on right-sized security, including advisory services, governance/program management and risk assessments (PCI, ISO, NIST, and HIPAA,) technical services (vulnerability scanning and penetration testing.) data protection, and managed security services. Steve is considered a thought leader in the cybersecurity community, delivering several presentations and webinars, and having published dozens of blog posts. Steve holds a CISSP certification and an MBA and has over twenty years of IT security experience, and over 25 years of IT experience. Steve’s strong technical and client management skills combined with his holistic approach to risk management resonates with clients and employees alike. He has performed or participated in hundreds of risk assessments and compliance assessments and has served as a key strategic advisor for hundreds of clients. In addition to serving as virtual CISO for several clients, Steve has also performed security architecture reviews, network and systems reviews, security policy development, vulnerability assessments, and served as cybersecurity subject matter expert to client and partner stakeholders.