Heath Renfrow, a vCISO director at The Crypsis Group, is widely guarded as one of the world’s leading cyber security experts. He has more than two decades of experience as a high-level information security specialist, much of it as a chief information security officer (CISO) in the United States Department of Defense, where he addressed some of the nation’s most significant cyber challenges. In 2017 he was named Global CISO of the Year by EC-Council, the largest cyber-training organization in the world.
Heath joined Crypsis in early 2020 from LEO, a cyber security advisory and operations firm, where as a CISO consultant he worked with clients to guide development of a cybersecurity culture, including executive education, security architecture design, and enterprise-wide best practices and security strategy.
Previously, he served as the first CISO for U.S. Army Heathcare, the largest Heathcare organization within the Department of Defense and one of the largest providers globally, where he developed a long-term strategic roadmap for addressing cybersecurity risks to the Heathcare environment. The program he established there became the cybersecurity gold standard for all of DoD and many private Heathcare organizations.
Prior to that he was CSO at the U.S. Army Corps of Engineers, where he established the Corps’ first comprehensive cybersecurity program, providing critical infrastructure to support hundreds of locations throughout the United States. While there, he led a team of more than 500 IT and operational technology personnel in an overhaul of security architecture that ended up reducing cybersecurity risk by 75 percent to the critical infrastructure locations.
Heath has also served as the CISO at the U.S. Army Installation Management Command and as chief joint security officer at the Defense Information Systems
Agency, as well as chief security officer at the military’s Global Cyberspace Integration Center. He began his career as a cyber interface control officer with the U.S. Navy.
A frequent public speaker on cyber security matters, Heath serves on a number of boards, including the National CyberWatch Center Foundation, the Association for Executives in Heathcare Information Security, the University of Indiana Cyber Advisory Council, and the Cyber Patriot Program Advisory Council. He earned his master’s degree in cyber studies at the American Public University System and is bachelor’s in information technology from the University of Management and Technology.