Modern CISO Network: Board Book

Markus Kaufmann is an empathic leader with a passion for operational efficiency and risk management. Throughout his 30-year career in IT, with a focus on information security, risk, and compliance for the past 20 years, Markus has assessed the information security programs of numerous companies, spanning from Fortune 100 enterprises to small startups.

Markus has built information security teams and programs from the ground up, which has helped him to not only communicate technical and operational risk issues more effectively to executives and senior management, but also to understand how business drivers and priorities must play a key role in shaping an organization’s approach to information security and IT infrastructure. Having worked domestically and globally in heavily regulated industries such as banking and insurance, as well as less regulated industries such as retail and manufacturing, he is well versed in regulatory and legal requirements such as the Sarbanes-Oxley Act (SOX), General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), Federal Financial Institutions Examination Council (FFIEC) guidelines, Office of the Comptroller of the Currency (OCC) regulations, and Basel Accords (BASEL).

While there are several frameworks and maturity models addressing risk and security, Markus believes that each organization is unique and requires a tailored approach to information security, risk, and compliance, ultimately balancing risk management against cost and operational efficiency.