Profile
Ryan is the Founder and CEO of Neuvik, a cybersecurity research and development consultancy. He has spent the better part of two decades enhancing cyber programs at the world's largest institutions — from the Department of Defense to some of the most successful private and commercial organizations. He focuses largely on providing advanced capabilities for CISO's, as well as testing for best possible security practices at board of directors' requests.
Ryan’s C-level work experience also includes developing Board level metrics to measure and manage enterprise cyber risk, developing and instructing C-Suite cyber risk management courses, and establishing functional reporting metrics for assessing cyber readiness.
Expertise
- C-Suite Cyber Risk Management
- Cyber Risk Reduction Strategy and Planning
- Program Investment Prioritization
Qualifications
Achievements & Contributions
- Presidential Management Fellow
- DEFCON 2014 Wireless Capture the Flag Competition winner
- Office of the Secretary of Defense Medal for Exceptional Civilian Service
- Author of Understand, Manage, and Measure Cyber Risk (Apress)
Certifications & Credentials
- BS, Purdue University
- MS, Virginia Tech
- MBA, Case Western
- Far too many SANS courses
- CISO Cybersecurity, National Defense University
- Overabundance of Data Warehouse Institute courses
- Cybersecurity: The Intersection of Policy and Technology, Harvard Kennedy School
Upcoming Events
View More
May 21 2025
2025 Q2 Symposium: Develop Metrics Capabilities to Communicate Risk to Business Stakeholders
Metrics continue to be a pain point in infosec—both in terms of getting a clear understanding of how the program is functioning and communicating that narrative across lines of business. At the center of this problem is the reality there is no one-size-fits-all solution. The best metrics are specific to your business context. In light of that, this session leans on fundamental best practices to help you pressure test your concepts.
June 25 2025
2025 Q2 Symposium: Develop Metrics Capabilities to Communicate Risk to Business Stakeholders
Metrics continue to be a pain point in infosec—both in terms of getting a clear understanding of how the program is functioning and communicating that narrative across lines of business. At the center of this problem is the reality there is no one-size-fits-all solution. The best metrics are specific to your business context. In light of that, this session leans on fundamental best practices to help you pressure test your concepts.