Richard Spires

Richard Spires Chief Executive Officer at Learning Tree International Washington D.C. Metro Area Connect Connect with Richard Spires More actions Learning Tree International The George Washington University The George Washington University See contact info See contact info See connections (500+) 500+ connections A driven professional who has solid large-scale operations and IT executive experience together with entrepreneurial outlook. Track record that includes a continued pattern of success in helping organizations address and overcome obstacles to achieve their objectives. Experience and skills honed over 16 years at SRA International, a highly respected IT professional services firm. Government experience at the US Department of Homeland Security as the Chief Information Officer and at the IRS in large-scale operations and in leading one of the most complex IT modernization efforts ever undertaken. Additional experience at start-up companies, holding key managerial and director roles, including current role as CEO of Resilient Network Systems. Recognized as a consistent, effective leader of high integrity with a proven ability to transform organizations. Specialties: • Building and Developing Operations Functions • Strategy Development to Support Organizational Goals • High Performance Team Leadership and Collaboration • Large-scale IT Program and Project Management • Software Product Development Management • Professional Services Management and Operations • Complex Contract Negotiations for Large-Scale IT Projects • Venture Capital Fund Raising and Negotiation • Strategic Alliances and Partnerships Show less Show less of Richard’s summary Articles 4,549 followers Cyber Security – Comprehensive Risk Management is the Key Richard’s profile photo Richard Spires Published on LinkedIn Implementing appropriate cyber security is difficult for all organizations. How does one evaluate risk of a breach and the organization’s vulnerabilities? And how does one decide both what to do in terms of implementation of security controls, and depth and breadth of what is needed in the way of those controls, and how much control is enough? Each organization (whether a company, government agency, educational institution, etc.) is unique, and hence what is optimal for an organization is dependent on its situation – there is no one answer. A rational approach to addressing cyber security is to think of it as a risk management problem in which risk can be expressed mathematically as: Risk = (Vulnerabilities of Organization) x (Threats to Organization) x (Asset Value) Yet assessing the cyber vulnerabilities an organization has, and understanding the threats to the organization, are both complex undertakings. And even assessing the value of an organization’s assets can be difficult. One may be able to measure the asset value in terms of direct lost revenue with the loss of a mission critical system, but how do you represent asset value with a loss in reputation from a cyber security breach and its potential impact on current customer satisfaction and future sales? From a risk perspective, the threat of cyber security breaches has leapt to the top of the list of most companies and government agencies. Yet the ability to do the proper cyber security risk analysis, and to answer the key question “what should I do and how much is enough?” is an incredibly important yet very difficult balancing act for many organizations. While the answer to the question above is unique for each organization, there is a robust and comprehensive framework and process that has been developed to help organizations of all types. In 2013, President Obama issued a Presidential Directive titled Improving Critical Infrastructure Cyber Security to help financial institutions, electric power companies, chemical plants (i.e., critical infrastructure) develop plans and capabilities to protect themselves from cyber security attacks. As part of the Directive, the National Institute of Standards and Technology (NIST), was directed to develop a Cyber Security Framework (http://www.nist.gov/cyberframework/), to “help an organization to better understand, manage, and reduce its cyber security risk.” As NIST worked to develop the Framework, which is internationally recognized, it sought input from more than 3,000 people from diverse parts of industry, academia, and government through workshops and webinars. This crowdsourcing approach leveraged the best of what has already been developed and has provided all organizations a “best practice” template for developing their own cyber security risk management process. The Framework consists of three elements: · The Core– A set of cyber security activities that are group by five concurrent and continuous functions of Identify, Protect, Detect, Respond, and Recover. · The Tiers – A context of how mature an organization is in viewing cyber security risk and the processes in place to manage that risk. · A Profile – The alignment of the standards, guidelines, and practices to the Framework Core in a particular implementation scenario. The Framework also outlines a seven-step process to developing and executing a risk-based Cyber Security Program. The end result is a prioritized Action Plan based on a proven risk management approach to addressing cyber security. And this approach is equally applicable to corporations, government agencies, or educational institutions. More recently, President Trump, in his Executive Order on Cyber Security issued in May, 2017, mandated the use of the NIST Cyber Security Framework across all federal government agencies. Further, the information technology research company Gartner projects that by 2020 50% of US-based organizations will be using the NIST Cyber Security Framework to support them in addressing their cyber security challenges. If you want to learn more, please join me for a half-day course – Cyber Security for Management and the Boardroom- that I will be teaching the morning of Monday, November 5th. You can join me face-to-face in NYC at our Education Center in midtown Manhattan or virtually through our AnyWare platform. In this short course, I provide approaches for how executives and board members can ensure your organization is properly addressing cyber security risk. For more information, please see https://www.learningtree.com/courses/2050/cyber-security-for-management-and-the-boardroom/. Perfect security is a myth, but a robust action plan for addressing cyber security risk can provide an organization the peace of mind that it is doing what is prudent to protect itself and the critical data it holds. 29 Likes 4 Comments Like Comment Share See all Experience Learning Tree International Chief Executive Officer Company NameLearning Tree International Dates EmployedOct 2015 – Present Employment Duration3 yrs 3 mos LocationWashington D.C. Metro Area Learning Tree International is a leading provider for truly effective hands-on IT and management training. Over 2.3 million Learning Tree course participants from over 65,000 business and government organizations around the world have enhanced their skills and achieved certifications through intensive, hands-on exercises under the guidance of our expert instructors — who have real-world experience in the areas that they teach. Resilient Network Systems, Inc. Company NameResilient Network Systems, Inc. Total Duration5 yrs 1 mo TitleChairman of the Board Dates EmployedDec 2013 – Present Employment Duration5 yrs 1 mo LocationSan Francisco California Resilient Network Systems provides the Trust Network platform to bring trust to the cloud and the Internet of Things. Trust Networks virtualize real-world relationships and conditions of trust by resolving identities in the network and enforcing each party's rules in transit. This enables disparate organizations and users to share sensitive information while m... See more TitleChief Executive Officer Dates EmployedDec 2013 – Oct 2015 Employment Duration1 yr 11 mos Resilient Network Systems provides the Trust Network platform to bring trust to the cloud and the Internet of Things. Trust Networks virtualize real-world relationships and conditions of trust by resolving identities in the network and enforcing each party's rules in transit. This enables disparate organizations and users to share sensitive information while m... See more Palo Alto Networks Member of the Public Sector Advisory Board Company NamePalo Alto Networks Dates EmployedOct 2014 – Present Employment Duration4 yrs 3 mos LocationSanta Clara, California Palo Alto Networks is leading a new era in cybersecurity by protecting thousands of enterprise, government, and service provider networks from cyber threats. Unlike fragmented legacy products, our security platform safely enables business operations and delivers protection based on what matters most in today's dynamic computing environm... See more Rate Reset Member of Board of Directors Company NameRate Reset Dates EmployedJun 2009 – Present Employment Duration9 yrs 7 mos LocationMcLean, VA Transforming the mortgage and auto loan industry with rate reset technology. Acentia Member of the Board of Directors Company NameAcentia Dates EmployedOct 2014 – Mar 2015 Employment Duration6 mos LocationFalls Church, Virginia Leading Federal Government systems integrator sold to Maximus Inc. in March 2015. Richard A. Spires Consulting Principal Company NameRichard A. Spires Consulting Dates EmployedJul 2013 – Dec 2013 Employment Duration6 mos LocationArlington, Virginia Provided consulting services to corporations and government entities on large-scale operations and IT management issues. Specific knowledge of how the US Federal Government acquires, develops, and manages IT systems. US Department of Homeland Security Chief Information Officer Company NameUS Department of Homeland Security Dates EmployedAug 2009 – May 2013 Employment Duration3 yrs 10 mos Richard A. Spires was appointed in August 2009 to serve as the Department of Homeland Security’s (DHS) Chief Information Officer (CIO). In this capacity, Mr. Spires was responsible for the department’s $5.6 billion investment in Information Technology (IT). He led and facilitated development, implementation, and maintenance of the department’s I... See more Richard A. Spires Consulting Principal Company NameRichard A. Spires Consulting Dates EmployedSep 2008 – Aug 2009 Employment Duration1 yr Provided consulting services to corporations and government entities on large-scale operations and IT management issues. Specific knowledge of how the US Federal Government acquires, develops, and manages IT systems. Internal Revenue Service (IRS) Company NameInternal Revenue Service (IRS) Total Duration4 yrs 6 mos TitleDeputy Commissioner, Operations Support Dates EmployedSep 2007 – Sep 2008 Employment Duration1 yr 1 mo Mr. Spires had full leadership responsibility over the Operations Support organization of the IRS, which includes the IT, Finance, Human Capital, Data Privacy, Real Estate, Procurement, and Shared Services functions. This 12,000 person, $4 billion/year organization provides the key services to support the tax administration functions of the IRS. As such, Mr. ... See more TitleChief Information Officer Dates EmployedSep 2006 – Sep 2007 Employment Duration1 yr 1 mo Mr. Spires led IRS’ IT organization, managing a 7,000 person, $2 billion function that maintains and enhances the core tax processing and compliance applications, hardware and telecommunications/networks in support of the IRS’ mission. In addition, he had responsibility for the development and deployment of key modernization applicat... See more Show 1 more role Mantas, Inc. President and COO Company NameMantas, Inc. Dates EmployedMay 2001 – Jun 2003 Employment Duration2 yrs 2 mos Mantas developed and delivered business intelligence software for the financial services industry, including brokerage firms, banks, and exchanges. The software performs data mining, pattern analysis, behavior recognition, and provides alerts – and is used to detect problems such as money laundering and fraud, ensure market integrity, manage r... See more SRA International, Inc. Senior Vice President Company NameSRA International, Inc. Dates Employed1984 – 2001 Employment Duration17 yrs One of the founders of SRA’s Commercial Business initiatives, where Mr. Spires was responsible for developing and leading an organization serving the Financial Services, Telecommunications, and Legal markets. Services offerings included solutions in enterprise systems management, application integration, knowledge discovery, and knowle... See more Show fewer experiences Education The George Washington University The George Washington University Degree NameMS, Electrical and Computer Engineering Dates attended or expected graduation 1985 – 1987 University of Cincinnati University of Cincinnati Degree NameBS, Electrical Engineering, BA, Mathematics Dates attended or expected graduation 1979 – 1984