Profile
Ryan is the Founder and CEO of Neuvik, a cybersecurity research and development consultancy. He has spent the better part of two decades enhancing cyber programs at the world's largest institutions — from the Department of Defense to some of the most successful private and commercial organizations. He focuses largely on providing advanced capabilities for CISO's, as well as testing for best possible security practices at board of directors' requests.
Ryan’s C-level work experience also includes developing Board level metrics to measure and manage enterprise cyber risk, developing and instructing C-Suite cyber risk management courses, and establishing functional reporting metrics for assessing cyber readiness.
Expertise
- C-Suite Cyber Risk Management
- Cyber Risk Reduction Strategy and Planning
- Program Investment Prioritization
Qualifications
Achievements & Contributions
- Presidential Management Fellow
- DEFCON 2014 Wireless Capture the Flag Competition winner
- Office of the Secretary of Defense Medal for Exceptional Civilian Service
- Author of Understand, Manage, and Measure Cyber Risk (Apress)
Certifications & Credentials
- BS, Purdue University
- MS, Virginia Tech
- MBA, Case Western
- Far too many SANS courses
- CISO Cybersecurity, National Defense University
- Overabundance of Data Warehouse Institute courses
- Cybersecurity: The Intersection of Policy and Technology, Harvard Kennedy School
Upcoming Events
View More
May 20 2026
2026 Q2 Symposium: From Dashboards to Decisions: Build Risk-Driven Security Metrics That Matter
Security teams often produce large volumes of metrics, charts and dashboards that reflect operational activity but fail to convey actual risk. In this symposium, we walk through how to shift from activity‑based reporting to risk‑driven measurement that better represents reality and supports informed decision making. By better understanding your audience in context with your role and operational structure, we provide the tools and approach to help you design KPIs and KRIs that can be translated to overall metrics that are actionable, risk informative and measurable over time.
June 11 2026
2026 Q2 Symposium: Build Modern Third-Party Risk Management That Actually Reduce Risk
The growing reliance on a complex network of vendors, platforms, AI systems and supply chains is forcing teams to reassess third-party risk management (TPRM) programs. Realizing your org is only as secure as your least secure partner - or partners’ partners - leaves teams struggling to address the root risks effectively. In this symposium, we discuss how broader risks, such as those in AI and OT environments, complicate traditional approaches and why outdated methods, including questionnaires, fail to provide the necessary insight. We then share practical, actionable strategies to build and scale your TPRM program to more fully understand risk, and accept or mitigate it, while still enabling the business.