Chief Information Security Officer, PNC
Susan is responsible for a team of 700 people at PNC, including all of information security and the Global Fusion Center which is a convergence of physical, fraud and cyber operations and intelligence. In addition, this remit covers Digital Identity (customer, workforce, physical), Cyber Strategy, Defending and protecting the attack surface, Data Protection Oversight and Governance, Incident Management, Application Security, Cloud Security, Security Policy / Governance, Maturity Assessment, Quantitative Analysis, New Product / Third Party Risk Analysis.
Susan has experience in building teams from the ground up, enabling capabilities to achieve organizational goals, listening to what the business needs to achieve revenue and is an advocate for sharing and learning from others. She is also an advocate for Effovation – efficiency and innovation to drive automation so that her teams can focus on more curious and innovative work. She regularly contributes to the Bank Policy Institute Security Steering Committee and various other information security forums, such as Evanta, CISO Executive Network.
Susan has lead an enterprise third party management program globally at The Bank of New York Mellon, including all aspects of third party risk assessments, including information security. She lead the program to transformative change to cover the global remit whilst ensuring that the right risks had attention to the appropriate committees. Susan has also reviewed contracts and proposed language in conjunction with legal for third party governance and oversight. She also collaborates with third parties who may need assistance in meeting the PNC objectives and how to attain a combined view.
Susan has been in financial services since 1999 in various roles from Fusion Centers, Head of Technology Risk Management, CISO, Chief Data Protection Officer and CISO at PNC.