Paul Proctor is a VP and Distinguished Analyst, and leads CIO research for technology risk, cybersecurity and digital business measurement. Mr. Proctor helps CIOs and senior executives manage risk and technology dependency to balance and protect against the needs to run their business. Mr. Proctor's coverage includes board reporting, KRI development, risk assessment, the Gartner business value model, and digital business measurement (KPIs). His groundbreaking research in risk-adjusted value management helps organizations integrate risk and corporate performance. In 2016, he was appointed to the University of California Cyber Risk Advisory Board by former Secretary of Homeland Security and current UC President, Janet Napolitano.
Mr. Proctor has been involved in various aspects of risk management and the business value of IT since 1985. He was the founder and CTO of two technology companies and developed first and second-generation host-based intrusion-detection technologies. He is a recognized expert in the fields of risk management, information security, and associated regulatory compliance issues. He has authored two books published by Prentice Hall. He was recognized for his expertise by being appointed to the original Telecommunications Infrastructure Protection working group used by Congress to understand critical infrastructure protection issues prior to the terrorist attack of 11th September. Previously, he worked for SAIC, Centrax, CyberSafe, Network Flight Recorder, and Practical Security.
Founder and Chief Technology Officer
Chief Technology Officer
Security and Risk Management Leaders
CIO Leadership of Innovation, Disruptive Trends and Emerging Practices
IT Finance, Risk and Value (retired)
Technology, Information and Resilience Risk
B.S., Mathematics/Computer Science, University of Illinois
1CIOs bridging risk and security to business need
2Measuring digital business transformation through KPIs
3Linking risk management to corporate performance
4Mapping key risk indicators into key performance indicators
5Board-level reporting for security and risk