Become a member
Josh Magri

Founder and President, Cyber Risk Institute

Josh Magri currently serves as the Managing Director of the Cyber Risk Institute. Previously, he served as Senior Vice President and Counsel for Regulation and Developing Technologies at Bank Policy Institute (BPI)/BITS. In this role, Mr. Magri oversaw regulatory, advocacy, and policy efforts on issues related to cybersecurity, data security and privacy, financial technology (“FinTech”), and developing technologies.

Prior to joining BPI, Mr. Magri was the Associate Vice President at the Internet Security Alliance, a multi-sector cybersecurity trade association, where he co-authored the National Association of Corporate Directors’ (NACD) “Cyber-Risk Oversight Handbook.” He also helped develop cybersecurity policy that was largely incorporated into Presidential Executive Order 13636 – Improving Critical Infrastructure Cybersecurity.

Before moving to the Washington area, Mr. Magri was a prosecutor in the Bronx County District Attorney’s Office. Tenured in both the Appeals and Rackets Bureaus, he handled felony and misdemeanor investigations, prosecutions, and appeals.

Mr. Magri graduated Boston College with a B.A. in Economics and earned a J.D. from Boston College Law School. Following law school, he clerked for the Honorable Fernande Duffly at the Massachusetts Appeals Court.

Josh Magri Discusses Cyber Risk and Regulation on CyberWire Podcast
Josh Magri was featured on the CyberWire podcast to discuss how financial institutions conduct cybersecurity in a heavily regulated global financial environment, while protecting their employees and their customers.
Closing Pandora’s Box
With each passing day, more of the systems that provide us with food, water, shelter, energy, communication, and currency are digitized.
Press Release
Industry Unveils Cybersecurity Profile to Help Financial Institutions Develop and Maintain Cyber Risk Management Programs
A survey of chief information security officers from financial institutions that indicated nearly 40% of their time was spent on compliance and reconciling competing, duplicative, redundant, and inefficient cybersecurity supervisory examinations.