Become a member
Karl Schimmeck

Executive Vice President, Chief Information Security Officer, Northern Trust

Karl Schimmeck is the Executive Vice President, Chief Information Security Officer for Northern Trust.  He is responsible for the design and management of the strategy and operation of the bank’s Information Security, Cybersecurity and Data Protection programs.  He regularly interfaces with management, boards, regulators, and law enforcement on sensitive matters and is experienced in complex incident response, crisis management, and global cybersecurity regulations.

Karl has held leadership positions overseeing key components of Morgan Stanley’s information security and cybersecurity capabilities. He most recently was the Chief Information Security Officer for Morgan Stanley’s U.S. Banks and prior to that Karl led the Global Security Assurance team which encompassed security architecture, cloud security and security observability & monitoring.  He has also led the Global Vulnerability Management team which included vulnerability management, application security, penetration testing and cybersecurity exercises.  In addition to his operational responsibilities, he also established and led the Government Partnerships and Industry Engagement office which manages Morgan Stanley’s global engagement with the government agencies, financial regulators and private sector partnerships on technology and security risks and financial sector specific issues.

Prior to joining Morgan Stanley, he was Managing Director, Cybersecurity, Business Resiliency & Operational Risk at the Securities Industry and Financial Markets Association (SIFMA) where he led financial sector advocacy on cybersecurity, operational resilience and technology risk and contributed to the development of the NIST Cybersecurity Framework.  He started in financial services working in Operational Risk at Goldman Sachs with a focus on risk measurement, control design and automation.  Prior to that he worked in product management and solution design for Parametric Technology Corp. (PTC) supporting the design and delivery of product data management and computer aided design solutions.  He started his career by serving as a communications and information systems officer in the United States Marine Corps, achieving the rank of Captain.

Throughout his career, Karl has provided extensive industry leadership. He was a contributor to the founding of the Financial Services Analysis and Resiliency Center (FS-ARC) and Sheltered Harbor.  He served in several leadership roles within the Financial Services Sector Coordinating Council (FSSCC) contributing to the creation of industry-wide products for destructive malware best practices, the utilization of clearances within the financial sector and insider threat best practices.  He is currently on the Board of Directors of the Financial Services Information Sharing and Analysis Center (FS-ISAC) and the Board of Directors of the Cyber Risk Institute (CRI).

Karl holds an MBA from the NYU Stern School of Business and a BS in Operations Research and Industrial Engineering from Cornell University.

BACK TO TOP