Drew Williams

Principal Security Solutions Architect


United States

Drew Williams has been involved in information risk management since the mid-80s, when he began his career in the U.S. Navy. During the late 1990’s, Drew worked on early adoption of GRC standards and frameworks (SOX, ITIL, ISO27799, CObIT), as well working with MITRE in the late 1990s on establishing the Common Vulnerabilities Enumeration (CVE) framework. Drew also contributed to the HIPAA Security Policy (1995-1996), and co-authored some of the industry’s first Incident Response & Information Security Risk Assessment Services while head of the SWAT Team at AXENT/Symantec (1997-2002).  Drew has developed information security readiness programs for ministries of defence throughout Asia, and also co-developed post-graduate programs on cybersecurity at Utah Valley University and Southern Utah University, where he is an adjunct professor and course designer in their Cybersecurity Master’s program. Drew is a member of the Department of Homeland Security Healthcare and Public Sector Coordinating Councils, writes the CSO Online blog, “InfoRisk-360.” He has a Master’s degree in Security and Safety Leadership from the George Washington University, undergraduate degrees in Communications and English from Brigham Young University, and is a doctoral candidate at the University of Liverpool.