CareFirst BlueCross BlueShield
As the Chief Information Security Officer for CareFirst BlueCross BlueShield, supervising a staff of 100+ security professionals and 5 direct reports, Don successfully completed a $35M Information Security infrastructure upgrade. This upgrade enables secure web applications, web services and B2B transactions for CareFirst’s associates, members and trading partners. Additionally, Don’s team designed and implemented a Governance/Risk/Compliance (GRC) framework to ensure CareFirst’s compliance with the HIPAA, GLBA, FFIEC, PCI DSS, and SarbOx regulatory requirements and developed corporate-wide policies/procedures to ensure the confidentiality, integrity and availability of CareFirst’s information.

Don holds numerous Information Technology certifications:
• Risk (CRISC)
• Security (CISSP)
• IT Governance (CGEIT)
• Data Management (CISM)
• Software Development (CSSLP)
• National Security Agency (IAM, IEM)
• Database Architecture (Oracle Master of Technology)

Don has completed the National Security Agency’s INFOSEC Assessment Methodology and National Security Agency’s INFOSEC Evaluation Methodology certifications. During his service to the military, Don held a SECRET security clearance in the U.S. Air Force.

As a past Chairman of the Blue Cross Blue Shield Association’s Information Security Advisory Group, a past Vice-President of the Federal Bureau of Investigation’s Citizen’s Academy Alumni Association and a member of IBM’s Security Advisory Board for five terms, Don has been a contributor to the Cybersecurity profession for over four decades.