In September, Chris Shull assumed the role of Interim Chief Information Security Officer (CISO) for Washington University in St. Louis. He comes to us from Huron Consulting Group, which is working on several other projects at WashU. Kevin Hardcastle has stepped back from the CISO role, and is working diligently with Chris to advance the state of WashU’s Information Security program.
Chris and Huron have joined with Joe Susai, the new CISO for the School of Medicine, forming a Cybersecurity Working Group to drive forward WashU’s Information Security Program, prioritize improved protections, and manage the university’s cyber risk.
Chris prides himself on keeping information security simple, or at least understandable. For more than 25 years, he has been leading and transforming information technology, information security, and data privacy practices in diverse companies and organizations.
At WashU, he is looking forward to working closely with stakeholders across the university to visibly and transparently focus the Office of Information Security on critical initiatives and operational activities to support the university’s complex research, healthcare, teaching, and research missions through projects like MyDay, One Campus, Secure WUSM, and many more.
Chris’s clients have included Salem Memorial Hospital, the Weichert Family of Companies, Conair Corporation, Glemser Technologies Corporation, Versum Materials, Taiho Oncology, and Whiteboard Ventures. He previously led IT at the Natural Resources Defense Council (NRDC), Misonix, Drexel University Online, the Jewish Federation of Greater Philadelphia, GSI Health, the Wharton School at the University of Pennsylvania, and CareScience.
He is a Certified Chief Information Security Officer (CCISO), Certified Information Systems Security Professional (CISSP), Certified Information Privacy Professional / Europe (CIPPE), Certified Information Privacy Professional / United States (CIPPUS), and Certified Information Privacy Manager (CIPM) and was designated a Fellow in Information Privacy (FIP) by the International Association of Privacy Professionals. He volunteers with the Cloud Security Alliance, helping map version 3.0.1 of Cloud Controls Matrix (CCM) to other standards and frameworks, developing version 4.0 of the CCM, and as Treasurer of the Delaware Valley Chapter.
Chris earned a BA from the University of Pennsylvania and an MA from the Wharton School.