Rick has been helping organizations elevate their security and compliance practices for more than 16 years. Although Rick has consulted for – and led – information security programs at organizations of all sizes, in nearly all industries, he has extensive experience in the fields of education, finance, government, manufacturing, logistics, and service delivery. Pragmatic and resourceful, Rick provides actionable security and compliance solutions through a combination of simplification, creative reuse of existing tools/processes, and the application/reinforcement of proven security and compliance patterns.
BS in Accounting Information Systems and BS in Management Information Systems, Duquesne University
Rick is an active participant in the information security community and has spoken at a variety of industry events including B-sides, ISSA, IANS, and the CSO Breakfast Club. A frequent contributor to the TrustedSec Blog, Rick has also helped to establish and evolve a number GRC and Program Development offerings at TrustedSec, including GDPR assessments, MITRE ATT&CK Path Assessments, and IoT Security Assessments.
Rick is passionate about identifying and exploring creative ways to enhance security and compliance programs – from using theater to train Incident Response teams to utilizing ideograms to communicate the nature and status of the control environment. Additionally, Rick is working on programs to better leverage behavioral economics, game theory, and other psychology-adjacent fields to improve organizational security posture and help reduce industry-wide shortage of skilled security practitioners.