Stephen Marchewitz

Director of Practice Development

Experience

Stephen has been in the security and risk industry for over 13 years and in IT for over 20 years. He has assisted companies in driving change to ensure clients are successful both in receiving value from products and services as well as managing the security and compliance risks of new projects and technologies. He’s served as an outsourced Chief Information Security Officer for a dozen different companies and consulted to some of the largest companies in the world. Prior to joining TrustedSec, Stephen was the Global Risk Practice Manager in the Digital Transformation Group at Cisco, President and Advisory Practice Lead for a leading information security firm for nine years, a Management Consultant with Ernst & Young, held Technology Management and sales positions with CA and Oracle, and developed new offerings in the insurance industry as an Underwriter and Program Director with Willis Coroon/Chubb in underwriting risk. He is dedicated to helping customers implement the right solutions and services that best meet their business needs, thus allowing them to achieve new levels of success.

Education & Certifications

  • University of Michigan, Bachelor of Arts degree in Business Communications and Statistics
  • Case Western Reserve University, MBA in Management Information & Decision Systems
  • PCI Qualified Security Assessor (QSA)
  • Certified ISO 27001 Auditor

Industry Contributions

Stephen has been quoted in such magazines as: Banking Info Security, Government IT, Wall Street Technology, Transaction World, Infosec Institute, Crains, Automation World, Modern Economics, among many others. He’s also presented at various events across the country including: ISACA, ISSA, SecureWorld, the Infosec Summit, Business of Security, the IoT World Forum, various Cisco events, and numerous webinars.

Passion for Security

Stephen’s passion is helping people. He addresses not only technical issues, but more importantly the human issues that CISO’s deem as their greatest areas of need. Stephen is counted on as an expert in risk, security, business intelligence, and decision support systems. Enterprise risk management is an area that many executives and boards are struggling with. He has assisted by giving clear direction and putting complex thoughts into layman’s terms.

Recent Blog Posts

NFT Crime: From the Simple to the Ingeniously Simple

By Stephen Marchewitz and David Boyd
In Decision Making
If you guessed these two things—a 10-kilo bar of gold and this image from the Bored Ape Yacht Club (BAYC)—cost about the same, roughly $600,000, you’d be right. And if it’s hard to believe this is true, you’d be like almost everyone else in the world. Basically, a one-of-a-kind cartoon in a type of video...
Read

Is Cyber Insurance Becoming Worthless?

By Stephen Marchewitz
In Decision Making, Incident Response, Incident Response & Forensics, Leadership, Remediation Assistance & Training, Security Remediation
New challenges have emerged that make it difficult to transfer risk. Ransomware has changed the game An overlooked yet the increasingly important challenge in information risk management is finding the right balance between cybersecurity and cyber insurance. We continue to see organizations hit with ransomware from a variety of vectors, including spam emails, drive-by downloads,...
Read

Companies on High Alert for Unemployment Fraud

By Stephen Marchewitz and Justin Vaicaro
In Business Risk Assessment, Decision Making, Security Program Assessment, Security Program Management, Social Engineering
Proactive Measures to Thwart Unemployment Fraud In the past few months, the TrustedSec Incident Response team has responded to several incidents of unemployment benefit fraud. Due to the pandemic and nationwide lockdowns, there has been an extremely high volume of unemployment claims submitted across the United States, and with greater instances of fraud making it difficult...
Read
View all posts from Stephen

Recent Webinars

Understanding What Burp Suite Brings to Your Application Assessment

You’ve heard it mentioned before. Now understand why it’s used in assessments. Whether you’re on a security team or a developer team, you’ve likely heard Burp Suite mentioned during an application assessment. Understanding the basics of the tool and how...
Watch

Navigating the “Penetration Testing” Landscape

One name, many meanings. Validating the effectiveness of your security controls through penetration testing is a crucial element in constructing a robust security posture. However, performing the wrong level of analysis can be frustrating or even give an organization a...
Watch

Ensuring Ransomware Resilience

Ransomware Has Truly Changed the Paradigm. Ransomware has been the top issue facing organizations since 2020. The monetary losses have been unlike anything we’ve seen in both organizational cost and industry scale. In fact, the costs are so high that...
Watch
View all webinars from Stephen

Recent Podcasts

TrustedSec Security Podcasts

Who is Reading Your Gmail?

October 05, 2022

Want to work with Stephen Marchewitz or someone like him?

The TrustedSec team is comprised of experienced and qualified security professionals. Contact us to learn more about our services, our team, and how we can help you.
Contact Us