Skip to toolbar
Principal Job Title
CISO | Strategy and Operations | Performance Improvement | Internet of Things Security |
1 Line Summary
Steve Hunt is passionate about helping IT and Security leaders to become better versions of themselves, and help them to turn their operations into a well-oiled machine, always audit-ready.

Steve heads the Communities of Excellence initiative - promoting leadership excellence and employee engagement through peer groups focused on leadership training and continual improvement.

As a strategic consultant, Steve has designed, refined and managed business operations, product development, cyber security and risk management programs in several of the world’s leading organizations.

His clients transform from good to great.

As a sought-after speaker, Steve has delivered 75 keynote and special session presentations on Enterprise Security, Information Risk, and Global Information Security Trends at business and security conferences around the world.

As a Technology Vendor Adviser, he helps companies grow:
> Advising large vendors and startups on growth strategy, product roadmap, and marketing strategy
> Performing custom research, “Getting inside the customer's head”
> Publishing research papers on technology trends

Steve is an ISSA Distinguished Fellow and inductee into the ISSA Hall of Fame. He has earned certifications CISSP and CPP
Availability & Rates

You must be registered and logged in to see this information.

Log in or Join
Ratings

HiveRank: Associate (358)
Country
United States
Closest Town / City
Research Triangle, North Carolina USA
Member since: 01-10-2014
My Background Details
In addition to Steve's incredible ability to support and guide the enterprise in all matters security, he's also happy helping security technology vendors craft and execute on vision / exit strategy / marketing strategy / business development planning and channel strategy.
Current Role Details
Steve is available for advisory consulting, but also works effectively as a remote cybersecurity coach.
CASE STUDIES
ENTERPRISE FAILING A SECURITY AUDIT SOUGHT A WAY TO BE "ALWAYS AUDIT-READY" - Case Study: 1 of 3.

Situation
In 2016, auditors at a €4bn enterprise found the organization fell short of standards and requirements, lacking consistency across its security program, with incomplete out-of-date polices, lack of documented processes, and poor employee engagement. Gaps in process and urgent threats were addressed sporadically with a triage mentality – “just make the problem go away as quickly as you can.” Client sought a better system of security management that would be “always audit ready” and “always incident ready.”

Task
Create a management system of high employee engagement and measurable continual improvement in all areas of security management. Ensure the client’s process are being successfully implemented by contemporaneously reviewing artifacts as they are created.

Action
Using online collaboration software and NIST and Baldrige performance excellence frameworks, senior consultants coached and mentored members of the client’s security and technology teams to improve each work activity related to security. Together, the consultants and team members noted changes and suggestions for improvement, thereby measurably continually improving each work activity.

Results
Within three months, every work activity (process) of security had a thread of documented improvement. Within 6 months, every new development, new application, and new threat was routinely entered into the collaboration site, including each item into the continual improvement processes conforming to international standards. Auditors arrived for a routine annual audit, and instead of taken two weeks to review every work activity and its proofs, the auditors were able to review the documentation and witness the real-time engagement of all employees in continual improvement. Auditors required only two days to satisfactorily complete an audit that normally takes two weeks.
CUT WASTE FROM A COMPANY THAT HAD GROWN BY ACQUISITION - Case Study: 2 of 3.

Show / Hide Full Details


Situation
A very large energy company that had grown by acquisition was burdened by conflicting and wasteful “legacy” security operations of various acquired companies. The company needed security to be less costly and more effective.

Task
Assess and streamline security work activities and spending. Create clear, measurable objectives for all employees and departments related to security.

Action
We established a mission statement with positive goals for clearer decision-making in the future. We organized major and minor areas of conflict and inefficiency in a project plan, then applied international performance excellence standards to each, followed by systematically improving each.

Results
Trimmed waste from customers’ cyber security operational spending by measuring effectiveness of processes. Innovated risk management strategy, simplifying risk measurement and reporting, avoiding unnecessary technology purchases. Reduced team-hours of policy creation and management by 70% with a new security framework and lifecycle.
FIRST-TIME CISO HAD TO BECOME "EXECUTIVE" FAST - Case Study: 3 of 3.

Show / Hide Full Details


Situation
The higher Jerry rose in the department, finally reaching Director of IT, the more strain he felt on his marriage, his relationship with his team, and his own health. In the halls he exhibited confidence, but inside he was doubtful, wondering how to get out from under the crushing weight of emails and meetings and status reports while preparing for the next executive presentation.

Working harder wasn't working. There seemed to be more at stake in every decision. He found himself micro-managing his team and going home too exhausted to play with his kids or be present for his wife. He worked-out less, frequently fought off a cold, and stopped returning his wife's calls at work.

Task
Jerry knew he needed to work smarter and to become more "executive" fast. His marriage, his job, and his reputation depended on it -- and his company genuinely needed ever-better technological agility and defense against the latest cyber attacks.
It was time to step up his game and learn some new skills.

Action
He asked me to help him quickly improve his operations and simultaneously improve his leadership. We started using CyberLive methods and the changes were instantaneous. The first step was to create more time. Each hour setting down his phone for a full minute and breathing deeply, he "created" ten new minutes of his own each day. Later he spent a few minutes each morning and evening doing two minutes of intense exercise followed by two minutes of quiet meditative breathing. Within a week he had created an hour of new quality time.

He selected three senior engineers on his team and trusted them with more project leadership, instructing them to come to him only after trying to tease out a solution themselves. Each afternoon, he called his wife just to say hello and hear about her day.


Results
Within a few months, continually learning and adding more techniques for operational improvements, time management and leadership development, Jerry received an email from a board member who heard he was doing a great job, immediately sharing the good news with his wife.




Steve Hunt

Profile picture of Steve Hunt

@stevehunt

active 5 months ago