John Banghart, Senior Director, Technology Risk Management, Venable LLP
NIST Cybersecurity Framework in the Financial Sector
This session discussed the NIST Cybersecurity Framework and the Financial Services Roundtable (FSR) Draft Financial Services Sector Specific Cybersecurity Profile, and how it can be leveraged by organizations to assist in managing and communicating their risk.
John Banghart is Venable's Senior Director for Technology Risk Management, with over two decades of federal government and private-sector experience in cybersecurity. Mr. Banghart has significant experience in risk management, government policy, standards and regulatory compliance, and incident management. He has successfully led efforts to address significant and high-profile cybersecurity issues within major government programs and institutions while facing complex legal, technical, and political circumstances.
Prior to joining Venable, Mr. Banghart was the Senior Director for Trusted Engineering for Microsoft. In this position, he coordinated multiple teams to develop, implement, and oversee strategy for government adoption of Microsoft’s Azure cloud services. Part of the implementation involved meeting strict federal and Defense Department compliance requirements.
From 2013 to 2015, Mr. Banghart played a key role in developing the Obama Administration's cybersecurity and technology policy as the National Security Council's Director for Federal Cybersecurity. He led policy, technical, and process efforts to reduce cybersecurity risk and improve metrics and measurement for all civilian, military, and intelligence community agencies. He served as a primary advisor on cybersecurity incidents and preparedness and led the National Security Council’s efforts to address significant cybersecurity incidents, including those at OPM and the White House, among others. Mr. Banghart also worked as a Senior Cybersecurity Advisor for the Centers for Medicare and Medicaid Services, providing leadership to the cybersecurity preparations for the Healthcare.gov website. He also spent several years at the National Institute of Standards and Technology (NIST), both as a cybersecurity researcher and in the Office of the Undersecretary of Commerce for Standards and Technology.
During both his time at NIST and the NSC, John was part of the team that developed the NIST Cybersecurity Framework, and he drove White House policy that helped to eventually bring the Framework into use within government. Currently, he supports a number of Information Sharing and Analysis Centers, as well as the Financial Systemic Analysis & Resilience center, which was established in October of 2016 by eight of the largest banks to “proactively identify, analyze, assess and coordinate activities to mitigate systemic risk to the U.S. financial system from current and emerging cybersecurity threats”.
Early in his career, Mr. Banghart was a technology leader at several private-sector companies, including Booz Allen Hamilton and the Center for Internet Security.