2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 1

Table of Contents

A New Frontier of AI Innovation Look into the Future of The AI Security Market 3
Demystifying Cybersecurity Terms Vulnerability Assessments, Scanning, Penetration
Testing, And Red Teaming 10
The Cybersecurity Lens: PANCCD 13
Looking at the Cybersecurity Landscape with the PANCCD Lens 14
Meet The Judges 20
Eight Themes Driving The Future of Cybersecurity 24
Why Authorization Based API attacks are surfacing in Applications. 28
What Is the Definition of a Black Unicorn? 31
Spotlight: Women in Cybersecurity 32

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 2
A New Frontier of AI Innovation Look into the
Future of The AI Security Market
By Josiah Hsiung, Principal, NightDragon and Alec Kiang, Associate, NightDragon

Foreword
Artificial Intelligence is making unprecedented inroads into the world of cybersecurity and
ushering in a new wave of threats and potential safeguards. With new types of attacks that
enterprises need to be prepared for, enterprises have raised questions about how to manage risk
effectively and are looking for novel solutions to ensure the responsible usage of AI. This has
resulted in significant innovation, advancement, and commercialization of ML model security tools
that can help address data privacy issues, sensitive data leakage, and model robustness.

In a world where machine learning models are becoming the norm, security is essential. Until the
regulatory landscape and AI governance space matures, enterprises are left to their own devices
to be proactive and develop their own frameworks for securing ML models. New vendors continue
to emerge and meet the demand for ML model security as AI applications continue to skyrocket
– highlighting a new era in cybersecurity and machine learning.
Vijay Bolina, Chief Information Security Officer, Google DeepMind

In the second blog of our AI blog series, we examine the machine learning development lifecycle
to identify key areas where the ML model security technology stack comes into play. The ML
model security market is ripe for innovation and far from saturation. We will inevitably start to see
a rise in ML-specific attacks that will be driven by accelerated commercial adoption of these tools.

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 3
A New Wave of AI Security Innovation, Policies to Respond to Risk
“I think that there is a good market opportunity for startups and applications to protect AI models.
The current discussion about AI and generative AI is rather about threats leveraging AI, and not
about threats against AI. Security risks of AI and generative AI systems are not widely known yet,
but I think this will change quickly in the near term”
Christoph Peylo, Chief Cyber Security Officer at Bosch

Driven by regulation, new adversarial attack vectors, and enterprise stakeholder risks, we believe
that there will be accelerated commercialization of solutions that are focused on protecting ML
models through their entire lifecycle. In order to secure ML models – enterprises must consider
the attack surface throughout the development cycle to determine and prioritize areas that need
to be secured.

Attacks against AI models and potential risks for AI models impact various stages across the ML
development cycle – each of which requires different security protocols to address these potential
risks. Existing cybersecurity solutions (e.g. identity and access management, data security,
infrastructure security, software supply chain security, and threat intelligence capabilities) can
support an enterprise’s ML security posture. However, current widely adopted solutions do not
directly address ML model risks and have created a new market for ML security-specific vendors.

“Establishing a framework for data privacy, model robustness, and model explainability is crucial
to support AI risk mitigation and ensure AI-enabled system reliability.”
Vijay Bolina, Chief Information Security Officer at Google DeepMind

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 4
Based on the current landscape, ML security vendors can enhance enterprise AI security and
safety through the following features:

• Training Data Security and Privacy Tools: Securing training data through (i) producing
synthetic data to train ML models, (ii) transforming representations of training data used
for ML models to reduce sensitive information exposure, and (iii) securing data sharing
and access management (protect and encrypt data).

• Pre-Production Visibility and Vulnerability Scanning Tools: Stress-testing models to

ensure “robustness” (ML model’s ability to resist being fooled) and as a precautionary tool
to prevent AI risk early in the development cycle.

• Post-Production Monitoring Tools: Tracking post-production models to identify

anomalies and model drift (degradation of model accuracy and performance). These tools
also help address model explainability – understanding the rationale as to why ML models
are outputting certain results.

• Model Attack Detection and Response Tools: ML model protection, intrusion detection,
and threat intelligence feeds that allow for real-time detection and remediation of ML-
based attacks (data poisoning, model evasion, model extraction).

• AI Governance, Risk, and Compliance Tools: Safety tools that ensure that developed
models follow regulatory guidelines and enterprise-determined guardrails.

Vendors that enable ML security and responsible AI have raised a total of +$687M from VCs
(Source: Pitchbook) which signals meaningful investment in a space that protects enterprises that
lack the resources to defend themselves against the latest cybercrime schemes.

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 5
While we have only included what we believe are vendors who are primarily focused on
ML security in our market map, we recognize that other vendors may sell products that are
tangentially related to ML security (e.g. other ML operations tools).

Regulating Artificial Intelligence – A Push for Additional Security Measures

In addition to commercial solutions, we are also seeing governments move to act. While still in its
infancy, the EU, US government, and government agencies across the globe are starting to
propose new regulations, guidelines, and research discussing frameworks for AI Security.

• FDA published an action plan to regulate AI-based Software as a Medical Device

• Algorithmic Accountability Act proposed in the House of Representatives and Senate

stating that companies utilizing AI must conduct critical impact assessments of automated
systems they sell and use in accordance with regulations set forth by the FTC

• EU AI Act – establishing regulatory frameworks and enhance governance / enforcement

of existing law on fundamental rights and safety requirements applicable to AI systems

While governments around the world continue to explore ways to regulate generative AI, other
leaders from Google DeepMind, Anthropic, and other AI labs have expressed their concerns
through a Statement of AI Risk published on the Center for AI Safety’s website. The statement
highlights wide-ranging concerns about the risk and dangers of AI are parallel to the dangers of
pandemics and nuclear weapons.

NightDragon’s Thoughts and Predictions of the AI Security Market

• Enterprises that are currently adopting ML-specific security tools are taking a
proactive approach. Many of the different types of attacks against ML models have only
been demonstrated in academia. Until there have been tangible and reported instances
of nation-states or hacker groups utilizing these attacks in practice, there will be a ramp
time before there is massive commercial adoption of ML security tools.

• CISOs will prioritize securing training data first prior to implementing model
security tools: Enterprises, especially in heavily regulated sectors (e.g. healthcare and
financial services) will have to find ways to mitigate the potential risks of sensitive data
leakage and poisoning.

• Enterprises will build more internally-hosted models in the long run rather than
leveraging a third-party LLM: We are progressing to a multi-model world where
enterprises will build both internally-hosted models and models that are leveraging third-
party LLMs. However, based on our advisors’ feedback, we believe that enterprises will
skew more toward building internally-hosted models. By training and managing their own
models, enterprises can build models based on proprietary data to support workflows that
are unique to them. As a result, we envision long-term adoption of pre-production

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 6
 vulnerability testing and post-production monitoring tools that will improve model accuracy
and reduce model bias.

• Successful Model Attack Detection and Response Tools must be married with
threat intelligence tools: Integration into threat intelligence and extended detection and
response tools will be crucial to the timely detection, remediation, and response of ML-
related attacks. When combined with threat intelligence, enterprises will be able to better
anticipate ML attacks and ensure a strong ML model security foundation.

Closing Thoughts
The rapid advancement of generative AI, driven by the rise of OpenAI’s ChatGPT and the global
AI arms race, presents both significant opportunities and challenges. Enterprises are embracing
AI technologies at an unprecedented pace, recognizing their potential to revolutionize various
industries/sectors. However, as AI becomes a strategic imperative, it is crucial to navigate the
associated risks and ensure proper AI governance. The convergence of AI and cybersecurity
demands increased vigilance, innovative solutions, and regulatory frameworks to protect against
evolving threats and mitigate potential harm.

“Ultimately, you would want to protect the effort that you spent training the model and by
implementing a security tool for your AI, you are protecting your business.”
Christoph Peylo, Chief Cyber Security Officer at Bosch

To keep track of new adversarial ML threats in addition to mitigation methodologies, we suggest

that our readers follow the MITRE ATLAS website to keep track of new developments. Similar to
how MITRE ATT&CK has served as a framework for threat intelligence, we believe that MITRE
ATLAS will be a strong resource to protect against adversaries employing attacks against ML
models.

NightDragon is committed to staying at the forefront of the AI security landscape, supporting and
collaborating with founders developing cutting-edge security solutions to safeguard against
adversarial ML threats. If you’re a founder in the generative AI security space, we’d love to hear
from you! Email us at josiah@nightdragon.com or alec@nightdragon.com.

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 7
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 8
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 9
Demystifying Cybersecurity Terms Vulnerability
Assessments, Scanning, Penetration Testing,
And Red Teaming
By Dasha Deckwerth, President and CISO

In the fast-growing field of cybersecurity, phrases like "vulnerability assessment," "vulnerability

scanning," "penetration testing," and "red teaming" are sometimes used interchangeably, causing
confusion and misunderstanding. This blog post seeks to demystify these cybersecurity terms
and cut through the confusion to offer clarity on each idea. Hopefully, you will find this useful when
making decisions about security solutions for your company.

Vulnerability Assessments vs. Vulnerability Scanning

The confusion begins with "vulnerability assessment" and "vulnerability scanning," terms which
may sound the same to the untrained ear. However, they serve different purposes in identifying
and eliminating weaknesses in cybersecurity. While vulnerability scanning gives a thorough list of
weaknesses in your network, it lacks detailed information about the potential consequences of
these flaws.
Vulnerability assessments, on the other hand, go a step further by not only identifying threats but
also outlining the likelihood of their exploitation and the ensuing repercussions. This deeper

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 10
understanding helps prioritize important assets, achieve compliance, and improve cybersecurity.
It is crucial to be careful of companies that misrepresent vulnerability scanning as an assessment.
True assessments provide valuable insights into your security position, while scans simply
present a list of vulnerabilities without the necessary context.

Vulnerability Assessment vs. Penetration Testing

Penetration tests complement vulnerability assessments by incorporating an exploitative

component. While assessments identify vulnerabilities, penetration tests simulate a hacker's
approach to exploiting them. By simulating real-world attack scenarios, penetration tests help
evaluate the effectiveness of your vulnerability management plan and assess the risks posed to
your system, network and critical assets.

Penetration Testing vs. Red Teaming

The distinction between penetration testing and red teaming requires clarity. A penetration test
focuses mainly on identifying vulnerabilities and misconfigurations to assess potential risks. It
attempts to identify whether particular parts of your infrastructure are vulnerable to attacks. In
contrast, red teaming adopts a more comprehensive approach, examining personnel, processes,
and technologies of an organization. A red team operates secretly, imitating advanced threat
actors to expose gaps in your defense strategy while striving to avoid detection.

Understanding these Differences: A Critical Aspect of Cybersecurity

Failure to grasp the differences between these terms can lead to incomplete security measures.
Recognizing the distinct functions of vulnerability assessments, scanning, penetration testing, and
red teaming allows you to modify your security approach to meet your company’s demands and
ensure compliance.

Conclusion

Failing to understand the distinctions between these terms can result in incomplete security
measures. Understanding the distinct responsibilities of vulnerability assessment, scanning,
penetration testing, and red teaming enables you to modify your security approach to match the
unique demands of your company while satisfying compliance requirements.
For more detailed information and guidance, visit www.stealth-iss.com

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 11
About the Author
As the president and founder of Stealth-ISS Group® Inc., Dasha
Deckwerth is an expert in cybersecurity operations and delivery, as
well as a U.S. Veteran. With over 25 years of experience as a
technology professional, Deckwerth has led key cybersecurity
initiatives within the government and civilian sectors where she has
provided IT Security and Cyber Warfare services to NATO, various
US, EU and Asian government agencies as well as multiple global
commercial clients. She has designed and implemented security
operations centers, incident response teams, delivered security
consulting and regulatory compliance/ISO audits across the
Americas, Europe, Middle East and Asia.
Deckwerth is a Certified CMMC Practitioner (CCP) for the Cybersecurity Maturity Model
Certification (CMMC), and she has earned numerous qualifications, including Certified
Information Systems Security Professional (CISSP), Project Management Professional (PMP),
Certified Confidentiality Officer/Counter Espionage (COO), Certified Chief Information Security
Officer (CCISO), and NSA IAM/IEM (InfoSec Assessment and Evaluation Methodology), Payment
Card Industry Qualified Security Auditor (PCI QSA).

Dasha can be reached online at d.deckwerth@stealth-iss.com and via our company website
https://stealth-iss.com/

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 12
The Cybersecurity Lens: PANCCD

How do you take over 3,500+ cybersecurity companies across the globe and fit them into
a box? It’s not easy, so one of the judges, Gary Miliefsky, took up the challenge to create
a new model for the entire marketplace with the acronym he’s coined “P.A.N.C.C.D.” -
People, Applications, Networking, Computing Devices, Code and Data. These six layers
to the stack, or the pyramid of cybersecurity make it much easier to understand the value
proposition of a cybersecurity vendor and where they fit, although within each box in the
stack there are subcategories and different angles of how the myriad of solutions solve
different problems related to the challenges caused by cyber risk.

First, we must understand that cyber risk relates to threats, vulnerabilities and assets, in
the well-known formula: Risk = Threats x Vulnerabilities x Assets or R = T x V x A

This formula cannot work without adding time to the equation, from the famous formula
created by Winn Schwartau, called Time-based Security: Exposure (time) = Detection
(time) + Response (time) or Pt=Dt + Rt

So cyber risk happens over a period of time – when a threat exploits a vulnerability, how
long does it take us to detect this threat and how long does it take us to respond? The
closer to zero that Dt+Rt equals, the lower our Exposure (time) or Et. This is why more
vendors are focusing on automation, machine learning and artificial intelligence to combat
the latest cyber threats. Focusing our Cybersecurity Lens on those vendors who have
entered the Black Unicorn Awards contest and made it into this report, we use the
PANCCD™ model as follows; what does the cybersecurity vendor focus on:

People, Applications, Networking, Computing Devices, Code, Data – the PANCCD™ lens

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 13
Looking at the Cybersecurity Landscape
with the PANCCD Lens

It’s now very easy to look at a vendor and categorize where they fit, into helping solve the
problems of cyber risk in a particular category.

When you hear about or read about a cybersecurity vendor, you can now quickly and
easily figure out what portion of cyber risk they solve, by using the PANCCD™ model.
Feel free to use and share this model, just give credit to the author, as follows
“PANCCD™ is a trademark of Gary Miliefsky, CEO, Cyber Defense Media Group” with a
hyperlink to the author’s bio, found here: https://www.cyberdefensemagazine.com/about-
our-founder/

In this Black Unicorn Report for 2023, we’ve taken a few unique cybersecurity lenses to
view the market and predict the future. Artificial intelligence (a.i.), telecommuting and
cloud-based apps (SaaS) are all in focus and part of the new attack vectors. Thus, the
major attack vectors have been improved by weaponization of a.i. and the shift to the
cloud and weaker home-computing hygiene as priority. This has opened doors for

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 14
increased revenues and visibility among those players who secure the cloud, SaaS apps
and deal with weak, remote, exposed endpoints.

Dr. David DeWalt’s Super Cycles view gives us an even clearer picture of where current
and future cybersecurity investments need to be made, and therefore where we expect
to find additional Black Unicorns in the coming years. According to Dr. DeWalt’s
NightDragon venture fund, by next year, the cybersecurity market will be worth over $248
billion. What’s driving this exponential growth?

● Attack surfaces continue to grow daily. As IT innovation around cloud, mobile, and
virtualization continues, the attack surfaces that must be monitored and protected
constantly grow and evolve.

● A shortage of cybersecurity workers. There’s a serious shortage of professionals

with real-world experience. This drives costs higher and increases demand for
automation to reduce headcount.

● Regulation is increasing and evolving. To keep up with constantly changing

compliance needs, organizations are increasing their focus on cybersecurity to
meet regulatory requirements.

● Tactics are becoming more sophisticated: Keeping up with new tactics like
monetizing attacks via cryptocurrency, renting attack infrastructure, phishing
attacks, and AI require new defenses.

● The cost of cybercrime is rising fast: Cybercrime is relentlessly gaining steam

across almost every industry. That’s why cybercrime will cause over ten trillion in
damages by 2025.

With Robert (Bob) Ackerman running one of the most innovative and successful
cybersecurity venture funds in America, we have another unique investor who
understands the industry including bringing a reality check and a view on what is working
into the judging process and our report.

Dino Boukouris has spent over 16 years in the technology industry with expertise in
cybersecurity, finance, strategy, operations, entrepreneurship, and venture capital &
private equity. Dino is a Founding & Managing Director at Momentum Cyber, alongside
Founders Dave DeWalt, Michael Tedesco and Eric McAlpine. Dino adds some wonderful
market insights from his Cybersecurity Market Review for the 1st half of 2023:

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 15
Venture capital specialization is an emerging theme within the cybersecurity ecosystem. In the
past two years, a new class of cybersecurity-focused firms have raised over $5.2 billion of capital
in total. These specialist firms focus their investments exclusively on cybersecurity companies
and broaden their value creation cycle beyond capital alone.

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 16
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 17
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 18
Gary Miliefsky’s take on market with the PANCCD model gives us focus and helps us
quickly determine where a vendor fits and how they might add value in the cyber risk
reduction equation.

This year, with the help of all the judges, given that we had to be pragmatic in our quest
for current and future Black Unicorns, here’s where we started: There are now over
3,500+ cybersecurity companies in the world. We only allowed a small number of
companies based on their funding, sales growth and scalability to be judged as Black
Unicorns.

Based on funding, sales and execution, only 10 companies are selected as Winners
each year, with at least 50 finalists. We also found very innovative companies that are
not quite yet on the $1B trajectory and they are also listed in our Top InfoSec Innovators
awards for 2023. You will find all finalists and winners worthy of our attention and yours
– you may find that they offer a unique solution missing in your cybersecurity portfolio.

Let’s meet our judges, this year…

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 19
Meet The Judges
Dr. Lindsey Polley de Lopez is a futurist who
specializes in the emergent landscape around
space, cyber, and “cyber-adjacent”
technologies. She jointly serves as the
Director of Disruptive Technologies at
VentureScope and the Director of Cyber &
Space Intelligence at MACH37, providing C-
Suite and SES-Level leadership with strategic
and advisory services related to the research
and analysis of disruptive technologies,
emergent capability-sets, and investor
landscapes evolving within the commercial
sector to guide long-term technology adoption
and implementation. Dr. Polley de Lopez also
leads embedded strategic advisory cells that
provided emergent technology solution
identification for segments of the DoD, with an
emphasis on space applications.

Prior to joining VentureScope, Dr. Polley de

Lopez was head of Defense & National Security efforts at a global aerospace accelerator. She also served
as a defense and policy researcher at the RAND Corporation for several years where she worked on cyber
and defense-related science & technology projects spanning the DoD, DHS, and the IC – including topics
such as emergent technology application to the military, counter-terrorism/counter-violent extremism, cyber
strategy, cyber test range development, defense acquisition, information operations, infrastructure analysis,
multi-domain operations, risk characterization, and process reviews of mission support functions.

Dr. Polley de Lopez also served briefly with NIST where she co-led the environmental scanning research
team for Executive Order 13800 – “Strengthening the Cybersecurity of Federal Networks and Critical
Infrastructure” – for the “American Cybersecurity Workforce Development” section, and also served as the
Senior Assistant Editor for the Journal of Public Management and Social Policy.

Through the Pardee RAND Graduate School, Dr. Polley de Lopez’s doctoral research examined the United
States Government’s Vulnerabilities Equities Process for assessing software vulnerabilities, and the
intricacies of balancing the various equities involved (both military and social). In addition to her PhD, she
holds a Master’s in Philosophy for Policy Analysis (from Pardee RAND Graduate School), a Master’s in
Public Administration (from California State University, San Bernardino), a Bachelor’s of Art in Cultural
Studies (from the University of California, Davis), and a Certificate in Terrorism and Counterterrorism
Studies (from the University of Leiden).

Dr. Polley de Lopez has been featured in several high-profile outlets, such as SXSW, Lawfare, Cyber
Defense Media TV, Authority Magazine, Techstrong TV, Journal of Cyber Policy, OODA Loop Magazine,
America’s Future Series events, GEOINT Symposium, and the international Ground Systems Architecture
Workshop.

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 20
 Dino Boukouris has spent over 16 years in
the technology industry with expertise in
cybersecurity, finance, strategy, operations,
entrepreneurship, and venture capital &
private equity. Dino has been a speaker at
Cybersecurity conferences across the
country including the RSA Conference,
Cybertech Tel Aviv, Structure Security,
Global Cyberspace Coop Summit, IoT
Security Panel, M&A East 2017, as well as
at numerous private events and corporate
gatherings.

Dino is a Founding & Managing Director

at Momentum Cyber, alongside
Founders Dave DeWalt, Michael Tedesco
and Eric McAlpine. Momentum Cyber is
the premier trusted strategic advisor to the
Cybersecurity industry, providing bespoke
high-impact advice combined with tailored
senior-level access from incubation to exit.

Prior to Momentum Cyber, Dino was a Founding Director of Momentum Partners, the precursor to
Momentum Cyber, alongside Founders Eric McAlpine and Michael Tedesco. Prior to Momentum Partners,
Dino spent much of his career working with and advising venture-backed and bootstrapped start-ups,
including Cameron Health a medical device start-up which created the world’s first subcutaneous
implantable defibrillator and was ultimately acquired by Boston Scientific for $1.35B. Prior to Cameron
Health, Dino began his career with GKN, a multinational aerospace and automotive company, where he
was one of ten graduates selected from across the United States for their International Leadership
Development Program.

Additionally, Dino has been a lecturer, GS instructor and mentor for the MBA, EWMBA and Executive MBA
program for Venture Capital and Private Equity, Business Model Innovation, Entrepreneurial Strategy, and
Managerial Economics. Dino has also served as an advisor to and been involved with a number of leading
accelerators such as the Alchemist Accelerator, Intel Technology to Market Accelerator, National Science
Foundation Innovation Corps, and Lean Launchpad.

In his “spare” time, Dino received his MBA with Honors from UC Berkeley, where he was President of his
MBA program, a Haas Venture Fellow, a Turner Fellow, a Dean’s Scholar and chair of Venture Capital
Connect. Dino also graduated Summa Cum Laude with a B.S.E. in Mechanical Engineering and an M.S.E.
in Mechanical Engineering from the University of Michigan, where he entered the Honors Program and was
a Lawrence D. Corlett Scholar, an Engelbrecht Scholar and a David Aspland Scholar.

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 21
 Robert R. Ackerman, Jr. Managing
Director, AllegisCyber Capital

BOB FOUNDED ALLEGIS IN 1996

AFTER A SUCCESSFUL CAREER
AS A SERIAL ENTREPRENEUR.

In founding Allegis, Bob’s mission

was to build a seed and early-stage
venture firm that would combine
operational experience with an
entrepreneurial spirit and a focus on
forging true partnerships with
portfolio companies to build
successful and sustainable
cybertechnology companies. Bob has
been recognized as a Fortune 100
cybersecurity executive and also as one of “CyberSecurity’s Money Men”.

As an entrepreneur, Bob was the President and CEO of UniSoft Systems, a global leading
UNIX Systems House and the Founder and Chairman of InfoGear Technology
Corporation, a pioneer in the original integration of web and telephony technology and
creator of the original iPhone.

Outside of Allegis, Bob teaches New Venture Finance in the MBA program at the
University of California, co-manages his family’s small Napa Valley winery – Ackerman
Family Vineyards, and enjoys fly fishing.

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 22
 Gary Miliefsky, Founder & CEO of
Cyber Defense Media Group
(CDMG) is an internationally
recognized cybersecurity expert,
bestselling author and keynote
speaker. He is a Founding Member of
the US Department of Homeland
Security, the National Information
Security Group and the OVAL
advisory board of MITRE responsible
for the CVE Program. He also
assisted the National Infrastructure
Advisory Council (NIAC), which
operates within the U.S. Department
of Homeland Security, in their
development of The National Strategy
to Secure Cyberspace as well as the
Center for the Study of Counter-Terrorism and Cyber Crime at Norwich University. Gary
has been founder and/or inventor for technologies and corporations sold and licensed to
Hexis Cyber, WatchGuard, Intel/McAfee, IBM, Computer Associates and BlackBox
Corporation. Gary is a member of ISC2.org and is a CISSP®.

In 2012, he founded Cyber Defense Magazine, which has grown to a market leader on
sharing information on all things cybersecurity and continuing to grow, every day. Other
CDMG platforms he’s launched include CyberDefenseTV, CyberDefenseRadio,
CyberDefenseAwards, CyberDefenseProfessionals, CyberDefenseWebinars, with
additional platforms launching in 2023 and beyond.

He is a frequent invited guest on national and international media commenting on

breaches, cybercrime, internet of things, cloud computing, digital transformation, artificial
intelligence, privacy, cyber security, and cyber terrorism. He has also been covered in
Forbes, Fortune and Inc. Magazines. He is also an expert on Cryptocurrencies and
related fraud as well as most issues pertaining to ICOs, Bitcoins, Blockchain technology
and Ransomware. His recent bestselling book, with the first edition being rated 5.0 stars,
is entitled Cryptoconomy – Bitcoins, Blockchains and Badguys, available on
Amazon.com, now in its second edition.

He’s frequently writing articles published throughout the mainstream media and he also
likes to write thought provoking articles at LinkedIn as a Top 1% of all INFOSEC LinkedIn
profiles and a Top 3% Globally on LinkedIn.

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 23
Eight Themes Driving The Future of Cybersecurity
“We live at a seminal time in Cybersecurity history, with risk rising to levels greater than
we have ever seen, while at the same time many businesses are unfortunately being
forced to do more with less amidst a global economic slowdown,” said Dave DeWalt,
Executive Chairman at Momentum Cyber. “While Cybersecurity venture investment
slowed in the second half of the year, continued budget increases from security teams
and ongoing Cybersecurity and geopolitical risk gives us optimism about the long-term
future of this industry.”

The foreword of this year’s Almanac in collaboration with Team8 features insights and
Cybersecurity predictions from Nadav Zafrir, Co-Founder and Managing Partner of
Team8, and Admiral Michael Rogers (Ret.), former Director of the NSA and
Operating Partner at Team8.

Layer 8

A common first entry point of an attacker to an organization is usually a human

(employee), who can easily be compromised by malicious software, social engineering
techniques, or simply by human error.

Compromised employees allow attackers to bypass significant portions of companies’

defensive controls, and these humans cannot be “patched”. Thus, the human attack
surface can only be mitigated by compensating controls.

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 24
Shift-Left

If Shift-Left works, the biggest impact will be that it enhances the relationship between
security and AppDev, which will enable the faster creation of secure applications.
However, in order for Shift-Left to work, security has to adapt to the way developers think,
act, buy, and consume tools.

Additionally, with the emerging focus on the “software bill of materials” (SBOM), the ability
for software creators to track application componentry and provide evidence to their
customers will be critical.

Data Security

As businesses and consumers create richer digital footprints, stronger regulation and
consumer preferences will drive investment in data protection and data privacy solutions.

On one hand, globalization and the growth of the digital economy are accelerating the
need for digital collaboration. On the other, emerging privacy regulations and consumer
preferences are driving investment in privacy enhancing technologies and the means for
users to have more control over their data.

Perimeterless World

A perimeterless world requires enhanced processes for identity and access management
(IAM), with a growing use of zero trust architectures that provide better control.

In the modern environment, there are many things outside of the network that still need
to be trusted and depended upon. Thus, using network topology as the basis for trust
simply isn't a valid assumption anymore. That’s where identity comes into play.

Security of Things

There are concerns regarding the resiliency of critical infrastructure, and unfortunately,
much of this infrastructure is decades old and difficult to secure.

Additionally, there continues to be a massive acceleration in the number and variety of

IoT devices, creating new categories of attack that need to be planned for in order to
protect individuals, data, and enterprises.

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 25
Smarter Security

Because of both the supply problem (lack of talent) and the demand problem (dramatic
increase in volume/speed of attacks and AI-driven attacks), there may be no alternative
other than automation and AI-supported defense.

Smarter security solutions will mitigate many of these challenges through the
incorporation of automation, data, and AI to plug gaps and provide security teams with
better options to best-use their human capital.

Resilience & Recovery

Any sound security strategy must also consider resiliency and include the capability for
rapid recovery from degradation, disruption, or denial of access to enterprise systems or
data, and swift reconstitution of assets and capabilities.

When thinking about resilience and recovery, cybersecurity must primarily focus on
operational risk and resilience. Standard continuity of business processes are insufficient
in the face of malicious cybersecurity action.

Cloud Security

Security capabilities are evolving to allow enterprises to reap the benefits of moving to
the cloud, while retaining control over their security posture, data protection programs,
and application integrity.

In order for cloud provider-based security solutions to be successful, the cloud providers
themselves are going to have to be able to support their customers’ hybrid and multi-
cloud environments.

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 26
About David G. DeWalt Ph.D.

Dr. David G. DeWalt is the Founder of

NightDragon Security which is located
online at http://www.nightdragon.com.
Dave DeWalt is a veteran CEO, advisor, and
investor who has led companies, from
startups to the Fortune 500, on a
transformational journey of success.
Focused on technology and cybersecurity,
Dave helped create more than $20 billion of
shareholder value during his 15-plus years
as President and CEO of three major
companies. That includes driving the largest
cybersecurity IPO to date as of 2013, and
leading the largest all-cash deal in
technology history as of 2010. Today, he
serves as Managing Director of Allegis Cyber as well as investor and board member in
the world’s most innovative companies such as Delta Airlines, Five9, Forescout, Phantom
Cyber, Claroty, Team8, DataTribe, Illusive Networks, and Optiv.

He most recently served as the Executive Chairman of FireEye, Inc., a global network
cyber security company. Dr. David G. DeWalt served as FireEye’s Chief Executive Officer
from November 2012 to June 2016 and Chairman of the Board from June 2012 to January
2017. Dr. David G. DeWalt was President and Chief Executive Officer of McAfee, Inc., a
security technology company, from 2007 until 2011 when McAfee, Inc. was acquired by
Intel Corporation. From 2003 to 2007, Dr. David G. DeWalt held executive positions with
EMC Corporation, a provider of information infrastructure technology and solutions,
including serving as Executive Vice President and President-Customer Operations and
Content Management Software. Qualifications: Dr. David G. DeWalt has substantial
expertise in the information technology security industry and has strategic and operational
experience as the former Chief Executive Officer of FireEye, Inc. and former Chief
Executive Officer of McAfee, Inc. As a member of the boards of directors of public
companies other than Delta, Dr. David G. DeWalt has served on the audit and
compensation committees. Directorships: Five9, Inc.; Forescout Technologies, Inc.;
FireEye, Inc. (2012-2017); Jive Software, Inc. (2011-2013); Polycom Inc. (2005-2013)
Affiliations: National Security & Technology Advisory Committee.

Learn more about Dr. DeWalt

at http://www.nightdragon.com and https://www.linkedin.com/in/ddewalt/

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 27
Why Authorization Based API attacks are surfacing in
Applications.
By Puneet Tutliani, AppSentinels.ai

In the digital age, business leaders see software teams as core to the business and are
demanding them to innovate faster in response to market and competitive demands.
Organizations are on the path of fast iteration - experimenting with new products or features,
gauging customer feedback, adopting or else dropping and moving-on to the next iteration. The
pace of change is not an option but existential for organizations. Organizations that can adapt will
gain market share and organizations that cannot, will cease to exist.

In response to the need, engineering leaders are constantly looking at ways to make software
delivery faster and better. Application architectures have evolved as a result with major shifts like-
• From monolithic architectures to micro-services design patterns
• From internally developed services to higher use of open-sources and 3rd party services.
• From pre-provisioned static infrastructure to cost optimized Pay-As-You-Go shared cloud
infrastructure.
• From waterfall releases to agile development and rapid deployments many times a day;
various deployment strategies like canary, blue-green etc.
• Immutable containers form-factors.
• Kubernetes simplifying deployments and enabling dynamic scaling of applications.
• Mobile being primary client access mechanism and adoption of single page applications
architectures.

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 28
Engineering and Security leaders are working hard to keep up but cannot slow down even if they
are not prepared or have blind-spots.

Implication to Security
Business logic that was all embedded in a single application is now distributed across multiple
micro-services. Also due to frequent changes, business logic is never static rather it’s fluid and
constantly changing. Most importantly, business logic that was completely residing with servers
is now controlled by clients as clients connect responses from multiple API’s and present to the
user.
Further, developers write generic API’s serving multiple use-cases. This leads to unintended data
exposed to the clients.

All of these have large implications for Security. It means authorization needs to be enforced at
granular level across the services. This is a much tougher problem to tackle as traditionally RBAC
& role authorizations were weak spots of applications, had no standards and is now fully exposed
to the malicious users. This exposes many zero-day business logic exploits to the hackers.

Further as applications evolve over time, more API’s are added and obsolete APIs remain in the
system often undocumented. These are all potential entry points for hackers.

All these are blind spots for traditional application security products. Security leaders should look
forward to next generation of application security products that are purpose built to mitigate the
new threats.

Characteristics of Next Generation Security Product

Let us look at characteristics a next generation security product should possess -
• Build deep context of application, API structures, API interactions and the dependencies.
• Understand application users and derive roles and associated permissions to incredibly
detailed individual object level.
• Continuously learn and quickly update application context for new changes.
• Track application context in real-time for every single user and distinguish legitimate and
malicious activity.
• Maintain a data flow map for compliance and privacy observability and track data flows
across various application components.
• Consolidated forensic data from all components for faster patient zero analysis and
proactive threat hunting requirements.
• Support non-intrusive frictionless deployment in multiple form-factors and deployment
modes.
• Zero or minimal impact on application latency, uptime.
• Support elastic scale with ability to ramp up or down with the applications.

Security leaders should keep above characteristics in mind while evaluating vendors for
application security products.

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 29
Role of Big Data and AI/ML for Next Generation Application Security Product
Endpoints and Network Security verticals have transformed over last few years via EDR and
SASE and have shown successful path to do threat analytics in the cloud to protect against
advanced threats. At AppSentinels, we believe a similar shift is needed in the Application Security
to protect customers against advanced application threats.

However, there are some serious challenges to address:

• Every application has unique business logic that is constantly evolving. AI/ML models for
Application Security should be able to train with minimal amount of data available for the
specific application.
• Models should be able to train fast to be effective in a constantly changing environment.
• Explain-ability of deep-learning models is a research area in data-science. Application
Security ML models should have explain-ability built-in as customers need clear actionable
insights.
• The models should also have high accuracy to avoid adding to the alert fatigue already
plaguing the industry.

No doubt, delivery from cloud helps simplify management and allow continuous evolvement to
cater to new threats. Security leaders looking for next generation application security product
should evaluate the solutions against this backdrop.

Summary
There are generational shifts happening in application architecture and delivery. Addressing
needs of the next generation applications requires building products grounds up to cater to the
requirements. Current generation products like WAF, RASP and SAST/DAST, in any form, cannot
fight against the new generation of threats as is evident with the news of API breaches reported
on a regular basis. We need purpose-built products to address these requirements.

Application Security must evolve with the Application architectures. We at AppSentinels have built
a platform that addresses many of the challenges listed above. Let us talk and we will be happy
to partner you in your journey to improve your API Security posture.

About the Author

Puneet Tutliani, CEO & Co-founder, AppSentinels.ai
Puneet cofounded AppSentinels in 2020 with a mission to fix gaps
in API security. Puneet is a veteran in cybersecurity with experience
of over 25 years building security products that were industry
leaders like the world’s first 10Gbps Network IPS, world’s fastest
NGFW of it’s time etc. He has deep-expertise in multiple verticals of
security like network security, application security, end-point
security, cloud security and holds multiple patents."
Puneet can be reached online at (@tutliani, LinkedIn) and at our
company website https://www.appsentinels.ai/

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 30
 What Is the Definition of a Black Unicorn?

In the venture capital industry, a unicorn refers to any tech startup company that reaches
a $1 billion-dollar market value as determined by private or public investment.

The term was originally coined in 2013 by venture capitalist Aileen Lee, choosing the
mythical animal to represent the statistical rarity of such successful ventures. Last year,
CB Insights reported that the odds of becoming a unicorn — a company valued at $1
billion or more — was less than 1% for companies that had raised venture capital. In
2013, according to PitchBook data, there were 35 unicorns. At the end of 2023’s first
quarter, that number was 704. Since 2020 alone, 423 companies have vaulted to unicorn
status.

In the cybersecurity industry, Gary S. Miliefsky coined the term black unicorn as a
cybersecurity company that has the potential to reach a $1 billion-dollar market value as
determined by private or public investment within 3-5 years.

The black unicorn awards are designed to help showcase companies with this kind of
potential. Ultimately, the judging in our awards is tough and it’s still up to those notable
mentions, finalists and the winners to execute a flawless business model to reach this
potential. It takes innovation, dedication, passion – the right team and the right cyber
security solution, harmoniously executed to become a unicorn.

Our mission is to uncover future Black Unicorns and based upon the hard work of our
judges and the entrants in our awards program, we think we’ve found them.

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 31
 Spotlight: Women in Cybersecurity

While we have many more women winners in our Top Global CISO Awards for 2023, we
wanted to spotlight other amazing women in their roles in cybersecurity as well. We
congratulate them all for breaking the glass ceiling and being role models.

“It’s an honor to be recognized for this award. Cybersecurity risk and assisting
organizations in protecting and preparing themselves against such threats is
tremendously important to me, and it is rewarding to be recognized for these efforts. I’m
also pleased to accept this award alongside other trailblazers and outstanding women in
the cybersecurity industry who are bringing forth necessary perspectives and solutions to
support customers and their respective organizations.” – Carolyn Crandall, CMO

About Carolyn Crandall

Carolyn has held leadership positions at Cisco, Juniper

Networks, Nimble Storage, Riverbed, and Seagate. She is
recognized as a global thought leader on technology trends
in publications such as San Jose's Mercury News, and for
building strategies that connect technology with customers
to solve difficult information technology challenges. Her
current focus is on cybersecurity risk validation and
exposure management.

An active speaker on security innovation at CISO forums

and industry events, Carolyn has been a guest on Fox News and has presented at the
CSO50 Conference, ISSA International, NH-ISAC, and most recently Gartner, and is a
current advisor for Santa Clara University’s Leavey School of Business. She has also
hosted multiple technology education webinars and is an active blogger and byline
contributor.

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 32
About Annabelle Klosterman

Annabelle Klosterman is a Cybersecurity Reporter for

Cyber Defense Magazine (CDM) and CDM’s first
Women in Cybersecurity scholarship awardee. She is a
Cybersecurity Engineer for Southwest Airlines, Co-
Founder/Program Director of the Cyber Community
Club, and a Master’s Cyber Defense student at Dakota
State University. Her areas of focus are offensive and
defensive security, governance, risk and management,
security consulting, program management, and
cybersecurity training/outreach.

Throughout the years, Annabelle has competed in numerous competitions and placed
nationally at the Collegiate Cyber Defense Competition in 2022 and 2023 and was a
national finalist in CyberPatriot in 2019 and 2020. Additionally, she earned 1st place in
the 2022 Idaho National Laboratory CyberCore CTF, and Women in Cybersecurity
(WiCyS) CTF in 2021 and 2022. She holds SANS certifications in Cybersecurity
Technologies (GFACT), Cloud Security (GCLD), and Incident Handling (GCIH).

Annabelle has spoken on cybersecurity and career topics at various events and
organizations including US Cyber Games, RSA Conference, Secure360, Texas Cyber
Summit, BSidesSATX, South Dakota InfraGard, Civil Air Patrol, and more. Annabelle’s
goal is to be in a position that changes the way people view and handle security, for their
protection and safety, and the benefit of everyone. Annabelle can be reached online at
https://www.linkedin.com/in/annabelleklosterman and at her website
https://www.annabelleklosterman.com/.

About Tiffany Dinh

Tiffany Dinh is a proud alumnus of The University of Alabama

in Huntsville (UAH) where she received her Bachelor of
Computer Engineering with distinction, graduating with
Summa Cum Laude and minors in Global Studies and
Computer Science. On top of this, she boasts an impressive
array of certifications, holding both CompTIA Security+ and
CompTIA Network+. In her forward-looking trajectory, she is

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 33
gearing up to acquire the esteemed CISSP certification and her Masters of Science in
Computer Science.

Currently, Tiffany works as a Senior Cloud & Cybersecurity Engineer at SAIC. Here, she
helms critical projects, from developing cloud infrastructure for the US ARMY DEVCOM
to creating AI solutions for NASA Langley Research Center. She also works as a
researcher at UAH’s Center for Cybersecurity Research and Education (CCRE). At
CCRE, she has led initiatives and handled classified projects for government contractors
and agencies.

She is also passionately involved in her community and academic endeavors. Notably,
she founded UAH’s Women in Cybersecurity chapter and has made significant
contributions in her leadership positions at UAH’s Honors College and Student
Government Association. Outside of her cybersecurity pursuits, she has been recognized
by several prestigious bodies, from being a CrowdStrike Next Gen Scholar to earning the
title of a National Security Agency (NSA) Stokes Scholar. Her journey, marked by
consistent achievements and leadership, stands testament to her drive in the
cybersecurity field.

Beyond her academic and professional life, Tiffany is a firm believer in lifelong learning.
She’s determined to continue broadening her horizons with aspirations to give back to the
cybersecurity community and inspire future generations.

Honored with the opportunity with Cyber Defense Magazine, Tiffany is excited to delve
into her role as a cybersecurity reporter and blogger. This new venture aligns seamlessly
with her objective to share knowledge, highlight advancements, and drive conversations
in the dynamic world of cybersecurity.

I'm deeply honored to receive the Cyber Defense Media Group Women in Cybersecurity
scholarship. As I navigate my Master's in Computer Science at The University of Alabama
in Huntsville, this award reinforces my aspiration to further delve into advanced education,
potentially pursuing a PhD. My ultimate aim is to instigate meaningful advancements in
cybersecurity, and this scholarship is a pivotal step towards that vision.

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 34
About Kylie Amison

I am a recent graduate of George Mason University

where I obtained my Bachelors of Science degree in
Cybersecurity Engineering with a minor in intelligence
analysis. I currently only hold one certification, the
Comptia Security +, but plan to get both the eMAPT
and CEH. I am working full time at a leading mobile
security company, NowSecure, as an Application
Security Analyst where I do all types of fun things like
exploit vulnerable apps, secure mobile application
development, and contribute to exciting projects and
important initiatives that are consistently highlighted
throughout the security industry.

In addition, I also work part time with startup company, Auspex Labs, as a Cybersecurity
Software Developer, where I am the main developer on Diplomacy™, a geopolitical threat
intelligence engine that combines a broad assortment of metrics and NLP sentiment
analysis to calculate nuanced and real-time threat scores per nation state. Working at
Auspex has been pivotal in my knowledge in creating secure software and has given me
the opportunity to not only develop my first product, but to also start my own startup
company, productizing the software and capabilities created in Diplomacy™. Which
brings me to my final achievement, I am now co-founder and CTO of Xenophon Analytics,
a company that grew from shared interests in international political affairs and my project
of building the geopolitical risk engine.

Throughout all of these experiences and my coursework at GMU, I have gained essential
skills in secure software development, risk management, data analysis, Python,
penetration testing, and mobile security. When I’m not researching or coding, you can
find me watching anime, reading Sci Fi, or playing with my dogs! I have aspirations of
going back to school to get a graduate degree in either Digital Forensics, or Cyber Law
(maybe both?). My ultimate goal in life is to learn every single day, and I’m proud to be
doing just that.

With her award, she has received an opportunity for a part-time internship with CDM as
a cybersecurity reporter and blogger.

Reach out to her with story ideas: marketing@cyberdefensemagazine.com

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 35
About Tami Hudson

As EVP & Cybersecurity Client Officer at Wells Fargo,

Tami strategically blends technology and business to deliver
a consistent customer centric experience.

Within her role, as Wells Fargo’s inaugural Cybersecurity

Client Office, Tami is Head of Technology Third Party focused
on identifying, monitoring and tracking the security risks
related to partners and suppliers; Head of the Business
Information Security Officers (BISOs) that function as internal
Chief Information Security Officers (CISO) across the bank's lines of business; As well as
Head of Advisory Services that encompasses consulting offerings delivering "voice of the
customer," public sector-private sector cyber engagement, and Cybersecurity Awareness
to drive cyber resiliency across Wells Fargo's customer and client agenda.

A seasoned executive, Tami has over two decades of technology and security experience
effectively managing risk while driving enterprise objectives. Shei is a former CISO and
Big 4 consulting executive who has hands-on experience leading companies in business
focused cyber transformations, global ransomware breaches, and cyber crisis
management.

With a career focused on building widespread cyber resiliency for Fortune 500 companies
across multiple industries, and a strong blend of technical, business, and communication
skills, Tami is at the forefront of accelerating cybersecurity across our global footprint
while closing the gap between cybersecurity and business through wide-spread risk
mitigation.

Named “Top Woman in Cybersecurity” by Cyber Defense Magazine, a “Top Woman in

Finance” by Career Communications Group, one of the “50 Most Powerful Women in
Technology” and “Women Worth Watching” by National Diversity, Tami is an award
winning and globally recognized cyber executive, and highly sought after speaker. Some
notable past speaking engagements include the Wall Street Journal Cybersecurity
Conference, SIBOS, RSA, and NASDAQ Cybersecurity Summit. Additionally, she has
been a featured cyber subject matter expert on ABC News.

A consummate learner, Tami is an avid community builder with deep involvement across
several charities focused on serving under-privileged youth and women in technology
related fields. A scholarship recipient, Tami obtained a bachelors from Georgia Tech and
an MBA from Duke University.

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 36
About Aradhna Chetal

Aradhna is the Managing Director Exec – Cloud

Security and DevSecOps at TIAA, a financial services
company. She is responsible for the cloud security vision,
strategy, and engineering execution for a multi-cloud
hybrid enterprise to deliver security at the speed of cloud.
She has worked in various cybersecurity leadership roles
at JP Morgan Chase, Boeing Company, Microsoft, and T-
Mobile.

Aradhna is an active member in the cybersecurity industry.

She is Co-Chair of the Cloud Native Computing Foundation
Security TAG, Co-Chair for the CSA Serverless Working group and a Cloud Security
Alliance Research Fellow. She contributes to CNCF, Cloud Security Alliance and NIST
Cloud computing standards, has influenced best practices and standards for cloud,
containers, and micro services security. She is also an advisory board member for several
cloud, cloud-native and data protection startups.

Aradhna is adept at revamping cybersecurity programs and modernizing them, with

special focus on the regulated environments. She is a sought-after expert for building
next- generation cybersecurity programs in alignment with digital transformations to
deliver software securely at the speed of cloud. She has experience in managing cyber
and regulatory risk in various industry verticals such as manufacturing, biotech, financial
services, and Telecom.

Aradhna has an MS in Cybersecurity, a BS in electrical engineering, and a CISSP and

CCSP from ISC2.org.

Her technology focus includes emerging technologies, multi-cloud, and cloud-native

security; data; AI/ML; DevSecOps; digital identity; security and privacy; enterprise
infrastructure; and software security.

Operating areas include digital transformation; security strategy; engineering organization

design and development; product roadmaps; innovation and emerging technology;
Managing global teams; highly regulated verticals; defense, biotech, telecom, financial
services, manufacturing.

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 37
services, manufacturing.services, manufacturing.
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 38
 In our 11th year of awards, we continue to find tremendous.
innovation from these winners.

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 39
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 40
http://www.sepiocyber.com
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 41
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 42
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 43
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 44
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 45
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 46
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 47
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 48
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 49
 The Top Global CISOs 2023

These CISOs competed against thousands of candidates for this prestigious award. Judges look
at these candidates, searching for the most innovative, with unparalleled success in
communicating with their boards and senior level executives, detecting, and stopping breaches
and data loss, complying with regulations, and building powerful risk reduction programs for their
organizations.

Chief Information Security Officers are the first responders of cyberspace and deserve to be
recognized for their tremendous achievements as they fend off cyber criminals, cyber terrorists,
malicious insiders, and nation state sponsored attacks.

For years they have been considered operating cost centers while helping corporations avert
disasters that could put them out of business. They work tirelessly to allow companies to grow,
expand, and increase potential profits by managing and mitigating major risks and regulatory
compliance issues on a day-to-day basis.

“We’re pleased to name this small, elite group of information security professionals in our Top
Global CISOs Awards for 2023,” said Gary Miliefsky, Publisher of Cyber Defense Magazine.

Here are the winners in alphabetical order by the name of their company:

Stephanie Franklin- Jorel Van Os Edward Maule

Thomas PhD Acrisure Advocare, LLC
ABM
Thomas Dager Vijaya Kaza
Charmaine Valmonte ADM Airbnb
Aboitiz Group
Alex Cunningham Jenny Sissom
Chris Gay Advisor360° Allison Transmission
Acosta Group

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 50
 Evan Morgan Awwab Arif Gary Gooden
Ally Financial Inc. Bank of Hope CISO at Large

David Bell Karin Höne Timothy Youngblood

American Airlines Barloworld CISO at Large

Peter Worth Jr Sean Murphy Brian Fricke

American Benefits BECU City National Bank of
Consulting Inc. Florida
Ryan Melle
Stephen Cicirelli Berkshire Bank Mahmood Khan
American Bureau of CNA Insurance
Shipping Rinki Sethi
BILL Alex Schuchman
Sajed Khan Colgate-Palmolive
American Heart Association Julien Soriano
Box Corey Elinburg
Elrich Engel CommonSpirit Health
AMP Eva Puerta Pérez
Caceis Bank Spain and Patrice Bordron
Ash Hunt Latam Community Health Systems
Apex Group Ltd.
Martin Bally Thanh Thai
Robert Schuetter Campbells Constellis
Ashland
Britney Kennedy Dan Carbonnell
Sunil Dadlani Cardinal Health Continuum Global
Atlantic Health System Solutions, LLC
Rick Doten
Dwayne Steinway Carolina Complete Health Jon Raper
Audacy Inc. Costco
Michael Hoehl
Mike Green Carpenter Technology Jeremiah Fletcher
Availity COUNTRY Financial®
Umesh Yerram
Dana Simberkoff Cboe Global Markets Raymond Umerley
AvePoint Inc. Coveware
Alan Berry
Aaron Goodwin Centene Gary Eppinger
B. Riley Financial CSX
Arnaud Bachelet
Ryan Field CHANEL Diego Souza
Bank of Hawaii Cummins
Janet Heins
ChenMed

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 51
 Endre Jarraux - Walls Lance Harris William Telles
Customers Bank Everi Holdings Inc. Grupo Águia Branca

Mark A. Houpt Eric Pickersgill Joshua Brown

DataBank Holdings, Ltd. FINRA H&R Block

Fred Kwong Marc Ashworth Marcos Marrero

DeVry university First Bank H.I.G. Capital

Yaron Levi Marco Maiurano Mark Johnson

Dolby Laboratories First Citizens Bank Hackensack Meridian
Health
Dannie Combs Nick Ritter
Donnelley Financial First Financial Bank James Gorman
Solutions (DFIN) Hard2Hack.com
Steven Jones
David Ramirez First Horizon Bank Richard Flahaven
DRW Harley-Davidson
Riad Amro
Mike Kelley FlightSafety International Jeffrey Vinson
E. W. Scripps Harris Health System
Christine Vanderpool
Mark D. Webster Florida Crystal Jason Barnett
East Carolina University HCA Healthcare
Barbara Cousins
Joe Voje Flywire Chris Lockery
El Camino Health Help at Home
Marty Ray
Will Lazzaro Fossil Group, Inc. Melina Scotto
Embrace Pet Insurance Hilton
Edward Contreras
Darwish Mohamad Azad Frost Bank Hassan Asghar
Emirates NBD Group Hinge Health
Markus Kaufmann
Stephanie Roberts Funko LLC Selva Mahimaidas
EmployBridge Houghton Mifflin Harcourt
Teresa Zielinski
Bertrum Carroll GE Hemant Jain
EMPLOYERS Indiana Office of
Vitor Sena Technology
Frank Depaola Gerdau
Enpro Rob Hornbuckle
Michael Cunningham Innovative Defense
Josh Knopp Graphic Packaging Technologies
Enterprise Holdings Inc. International

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 52
 Brent Conran Harold Moore Venkatesh Subramaniam
Intel Lifeway Christian Resources Mindsprint

Dane Waren Lokesh Yamasani Dan Inman

Intertek Linksys Minnkota Power
Cooperative
Robert Pace Kemal Piskin
Invitation Homes LinQuest Timothy Myers
Missouri Employers Mutual
Connie Barrera Afia Philips
Jackson Health System Little Caesar Enterprises, Marcel Lehner
Inc. MM Group
Raj Badhwar
Jacobs Engineering Rebecca Goza Yatin Choksey
Love's Travel Stops & Moelis
Roman Medina Jr. Country Stores
Jefferson Bank Walter Williams
Lane Sullivan Monotype
Chris McLaughlin Magellan Health
Johns Manville Summer Craze Fowler
Lester Godsey Motional
Longinus Timonchenko Maricopa County
Kabum Christos Syngelakis
Dan Kelly Anderson Motor Oil
Jeff Maxon Mark V Security
Kansas Information Security Stacy Mill
Office Derek Hardy Nashville Electric Service
Marvell
Laurie Saims Michael Kearns
KLA Richard Yun Nebraska Methodist Health
Masimo Corporation System
John Scrimsher
Kontoor Brands Matt Long Arun DeSouza
MasterCraft Boat Company Nexteer
Maureen L Niemiec
Kontoor Brands Inc. Kapil Madaan Carla Donev
Max Healthcare NiSource
Bryan Willett
Lexmark International, Inc. Arshad Ahmed William Dougherty
Mercedes-Benz USA Omada Health, Inc.
Mike Melo
LifeLabs Michael Jacobs Afzal Khan
Mindbody OPKO Health
Anthony Siravo
Lifespan

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 53
 Idan Malei Mark Leary James Beeson
Ormat Ltd. Regeneron The Cigna Group

Chuck Markarian Daniel Temisanren Keith Turpin

PACCAR Registrar-Recorder/County The Friedkin Group
Clerk, Los Angeles
Russell Okoth Howard Whyte
Pacific Premier Bank Adam Evans Truist
Royal Bank of Canada
William Curtiss Kip James
Paper Excellence Group Jim Motes TTEC
Ryan
Bradley Schaufenbuel Cheryl Washington
Paychex Joe Ellis UC Davies
Ryder System, Inc.
Tim Tomlinson Lester Mccollum
PointClickCare Ishaaq Jacobs UChicago Medicine
Sasol
Joey Johnson Tracey Brand- Sanders
Premise Health Mathew Biby UGI Corporation
Satcom Direct
Andrew Cannata Rick Holmes
Primo Water Corporation Garett Smiley Union Pacific Railroad
Serco Company
Dwayne Smith
PrismHR Allan Cockriel Deneen DeFiore
Shell United Airlines
Steven Sim
PSA INTERNATIONAL PTE John McClure Frank Sinatra
LTD Sinclair, Inc. University Hospital

Gurdeep Kaur Jericho Simmons Zachary Lewis

PSEG Sound Physicians University of Health
Sciences and Pharmacy
John Kupcinski Nathan Routen
PSEG Long Island LLC Southwestern Health Sara Schmidt
Resources US Foods
Ravi Mani
Quest Diagnostics Dave Ruedger Mary Dickerson
Sunrun UTHealth Houston
Mimoent Haddouti
RaboBank Kevin Gowen Fernanda Vaqueiro
Synovus V.tal
Jon Murphy
RCS

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 54
 Shane Callahan Sunil Seshadri David Tyburski
Vanderbilt University Wells Fargo Wynn Resorts

Nick Shevelyov Daniella Traino Viswa Vinnakota

VCSO LLC Wesfarmers Xerox

Auston Davis Manas Giri Michael Calderin

Versant Health WestJet YAGEO Group

Randy Raw Taurean Russell Shawn Edwards

Veterans United Home Winston Salem State Zayo Group
Loans University
Elena Seiple
Oliver Wyler Josh DeFigueiredo Zillow Group
Vontobel Workday
Jody Blanchard
Chuck Bartenbach Mac Esmilla Zimmer Biomet
W. L. Gore & Associates World Vision International

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 55
 The Top InfoSec Innovators 2023

Adaptive Shield Appdome Benjamin Russell of

Cutting Edge Editor's Choice AGCO Corporation
SaaS/Cloud Security Mobile App Security Cutting Edge
Cybersecurity Project
Adlumin AppSentinels Management
Cutting Edge Cutting Edge
Managed Detection and API Security BigID
Response (MDR) Service Most Innovative
Provider Asimily Data Security Platform
Most Innovative
Advanced Onion, Inc. Healthcare IoT Security BIO-key International
Most Innovative Most Innovative
User Behavior Analytics AT&T Cybersecurity Phoneless, Tokenless,
Most Innovative Passwordless
Airgap Networks Threat Intelligence Authentication Solution
Most Innovative
Critical Infrastructure Atlantic.Net, Inc. BreachLock
Protection Most Innovative Most Innovative
Compliance Penetration Testing
Allot
Cutting Edge BackBox Cado Security
Cybersecurity-as-a- Cutting Edge Most Innovative
Service (CaaS) Vulnerability Remediation Cloud Threat Detection
Automation Investigation & Response
ANY.RUN (TDIR)
Most Innovative Beijing ThreatBook
Malware Analysis Technology Co., Ltd.
Cutting Edge
Endpoint Security

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 56
 Camelot Secure CybeReady Deepwatch
Most Innovative Most Innovative Editor's Choice
Advanced Persistent Security Awareness Cyber Resilience
Threat (APT) Detection Training
and Response Defendify
Cybersixgill Hot Company
Cerby Cutting Edge Cyber Resilience
Most Innovative Threat Intelligence
Identity & Access Destination Certification
Management Cyble Inc.
Editor's Choice Most Innovative
Cervello Ltd. Threat Intelligence Cybersecurity Training
Most Innovative Videos
Railway Cybersecurity Cycode
Most Innovative Dig Security
Cloud Range Cyber Application Security Most Innovative
Cutting Edge Data Security
Cybersecurity Training Cydome
Cutting Edge Digital Hands
Conquest Cyber Maritime Cybersecurity Most Innovative
Most Innovative Managed Security Service
Third Party Cyber Risk CYE Provider (MSSP)
Management (TPCRM) Most Innovative
Risk Management Digital Silence
Coro Most Innovative
Most Innovative Cyera Breach & Attack
Midmarket cybersecurity Most Innovative Simulation
Cybersecurity Startup
Corvus Insurance DNSFilter
Editor's Choice Cymulate Cutting Edge
Cyber Insurance Most Innovative DNS Security
Breach and Attack
Cranium Simulation Don't Be Breached, Inc.
Cutting Edge Editor's Choice
Cybersecurity Artificial DataDome Data Security
Intelligence Most Innovative
Bot Management Donoma Software
Critical Start Cutting Edge
Most Innovative Deep Instinct Data Security Platform
Managed Detection and Editor's Choice
Response (MDR) Cybersecurity Artificial
Intelligence

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 57
 Eclypsium Genie Networks Hornetsecurity Ltd.
Most Innovative Hot Company Most Innovative
Software Supply Chain Network Detection and Data Loss Prevention
Security Response (DLP)
Gigamon
Endace Most Innovative HYAS Infosec Inc.
Most Innovative Cloud Security Monitoring Most Innovative
Cloud Threat Detection Protective DNS
Investigation & Response Good Code
(TDIR) Most Innovative Hyperproof
Cybersecurity Engineering Most Innovative
Ermes Browser Security Solutions Governance, Risk and
Most Innovative Compliance (GRC)
Browser Security Graylog
Most Innovative HYPR
Eventus Security Central Log Management Most Innovative
Cutting Edge Identity Verification
Managed Security Service Grip Security
Provider (MSSP) Most Innovative iboss
Identity Security Most Innovative
Flexxon Browser Isolation
Hot Company Guardsquare, Inc.
Endpoint Security Cutting Edge Illumio
Mobile App Security Cutting Edge
Forcepoint Zero Trust
Most Innovative Gurucul
Content Disarm and Most Innovative ImmuniWeb
Reconstruction (CDR) Security Information Event Publisher's Choice
Management (SIEM) Application Security
Fortra’s Digital Defense
Editor's Choice hackrocks Imprivata
Vulnerability Management Most Innovative Cutting Edge
Cybersecurity Training Identity & Access
Forward Networks Management
Hot Company Halcyon
Compliance Cutting Edge Infolock
Cyber Resilience Editor's Choice
GeeTest Data Loss Prevention
Editor's Choice HiddenLayer (DLP)
Bot Management Most Innovative
Adversarial ML Threat
Mitigation

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 58
 IONIX Mend.io NINJIO, LLC
Most Innovative Hot Company Most Innovative
Attack Surface Application Security Cybersecurity Awareness
Management
mSOC.io LLC Nisos
iTRUSTXForce Hot Company Publisher's Choice
Corporation SOC-as-a-Service Threat Intelligence
Most Innovative
Cybersecurity-as-a- Netcraft NordLayer
Service (CaaS) Editor's Choice Most Innovative
Cybersecurity Company Zero Trust
JumpCloud
Hot Company Netragard Normalyze
SMB Cybersecurity Cutting Edge Cutting Edge
Penetration Testing Data Security Posture
Karan Dwivedi of Google Management (DSPM)
Most Innovative NetRise
Security Expert Cutting Edge
Firmware Onyxia Cyber Inc.
Kasada Cutting Edge
Hot Company NetSfere Cybersecurity
Bot Management Most Innovative Performance Management
Secure Communications
Keyavi Data Open Text Cybersecurity
Visionary Market Maker NetSPI Most Innovative
Self-Protecting Data Cutting Edge Cyber Resilience
Breach & Attack
Kingston IronKey Simulation Paladin Cyber
Most Innovative Most Innovative
Encrypted Hardware Netwrix SMB Cybersecurity
Most Innovative
Lattice Semiconductor Privileged Access Panaseer
Most Innovative Management (PAM) Most Innovative
Embedded Security Continuous Controls
Next DLP Monitoring Platform
Level 6 Cybersecurity Cutting Edge
Most Innovative Data Loss Prevention Panther Labs
Artificial Intelligence and (DLP) Hot Company
Machine Learning Cybersecurity Startup
NextRay AI
LinkShadow Cutting Edge Prelude Security
Most Innovative Network Detection and Cutting Edge
Network Detection and Response Cybersecurity Startup
Response

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 59
 Protegrity Salt Security SlashNext
Publisher's Choice Most Innovative Most Innovative
Data Security API Security Email Security and
Scalarr Inc. Management
Pvotal Technologies Inc. Most Innovative
Most Innovative Cybersecurity Artificial Spin.AI
Enterprise Security Intelligence Most Innovative
Ransomware Protection of
Qrypt Scribe Security SaaS Data
Most Innovative Cutting Edge
Quantum Encryption Software Supply Chain Stealth-ISS Group Inc.
Security Most Innovative
Radiant Security SOC-as-a-Service
Cutting Edge Seclore
AI Security Co-pilot Hot Company Stellar Cyber
Data Security Most Innovative
Raytheon XDR – Extended Detection
Cutting Edge SeeMetrics and Response
Cybersecurity Company Most Innovative
Cybersecurity Sternum
Reblaze Performance Management Hot Company
Most Innovative Healthcare IoT Security
Next Generation Firewall Semperis
Cutting Edge Strata Identity
Red Access Active Directory Security Cutting Edge
Most Innovative Identity Orchestration
Hybrid Work Security SendQuick Pte Ltd.
Most Innovative Suridata
Reflectiz Authentication (Multi, Most Innovative
Most Innovative Single or Two-Factor) SaaS Security
Web Application Security
Sepio Syxsense
ReversingLabs Most Innovative Most Innovative
Hot Company Asset Risk Management Vulnerability Assessment,
Software Supply Chain Remediation and
Security Sevco Security Management
Cutting Edge
RunSafe Security Attack Surface Tami Hudson of WELLS
Hot Company Management FARGO
Critical Infrastructure Most Innovative
Protection Simeio Women in Cybersecurity
Most Innovative
Identity Orchestration

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 60
 Tanium Varonis Systems Zero Networks Inc.
Most Innovative Most Innovative Most Innovative
Cybersecurity Company Data Security Posture Micro-segmentation
Management (DSPM)
ThreatConnect, Inc. Zimperium
Hot Company Verimatrix Most Innovative
Threat Intelligence Hot Company Mobile App Security
Mobile App Security
ThreatLocker Zivver
Editor's Choice Versa Networks Cutting Edge
Zero Trust Platform Most Innovative Email Security and
Cloud Security Management
Traceable AI
Editor's Choice Viakoo
API Security Most Innovative
Internet of Things (IoT)
Trend Micro Security
Most Innovative
Cybersecurity Visionary XONA Systems
Most Innovative
Tufin OT Security (Operational
Most Innovative Technology Security)
Network Security and
Management XTN Cognitive Security
Most Innovative
TuxCare Account Takeover
Most Innovative Protection
Vulnerability Management
Yizhi Sec
ULTRA RED Cutting Edge
Most Innovative Data Security
Continuous Threat
Exposure Management Zenity
(CTEM) Most Innovative
Low-code/no-code
UnknownCyber Security
Cutting Edge
Zero-day Threat Detection

To see the final list of these winners online, visit: https://cyberdefenseawards.com/top-

infosec-innovators-for-2023/

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 61
 The Black Unicorn Awards Winners for 2023

Conceal

Corelight

Cyderes

CyberGRX – Process Unity

Deepwatch

HiddenLayer

Huntress

Iboss

Panaseer

SixMap

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 62
 The Black Unicorn Awards Finalists for 2023

Apiiro Enveil SepioCyber

AppOmni Fortanix Signifyd
Arkose Labs Forward Networks Skyflow
AttackIQ Halcyon SkyHive
Axio Horizon3.ai SlashNext
Bitwarden Hunters Stairwell
Black Cloak Interos Stellar Cyber
CallSign Keyavi Data Swimlane
Circadence Logz.io SYNACK
Cornami Mend.io Terra Quantum
Cyesec Nozomi Networks ThreatBook
Cygnvs Nym ThreatLocker
Cymulate Privacera Torq
Cyolo ReversingLabs Twingate
Deep Instinct Rubrick TXOne Networks
Eclypsium SafeBreach Upstream
Elisity Secureframe Versa Networks

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 63
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 64
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 65
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 66
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 67
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 68
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 69
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 70
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 71
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 72
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 73
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 74
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 75
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 76
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 77
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 78
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 79
out The Black Unicorn Report
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 80
The Black Unicorn Report is a once-per-year publication of the Cyber Defense Awards and Cyber Defense
Magazine team, two leading platforms of the Cyber Defense Media Group. This is Cyber Defense
Magazine’s 11th year of honoring cybersecurity innovators, in this case the Black Unicorn Awards for 2023
on our Cyber Defense Awards platform. In this competition, judges for these prestigious awards includes
cybersecurity industry veterans, trailblazers and market makers Gary Miliefsky of CDMG, Robert R.
Ackerman Jr. of Allegis Cyber, Dino Boukouris of MomentumCyber, Lindsey Polley de Lopez, PhD, MPA,
M.Phil of VentureScope and MACH37 and with much appreciation to emeritus judges Robert Herjavec of
Cyderes, Dr. Peter Stephenson of CDMG and David DeWalt of NightDragon.

To see the complete list of finalists and winners for the Black Unicorn Awards for 2023 please visit
https://cyberdefenseawards.com/black-unicorn-winners-for-2023/

All rights reserved worldwide. No part of this newsletter may be used or reproduced by any means, graphic,
electronic, or mechanical, including photocopying, recording, taping or by any information storage retrieval
system without the written permission of the publisher except in the case of brief quotations embodied in
critical articles and reviews. Because of the dynamic nature of the Internet, any Web addresses or links
contained in this newsletter may have changed since publication and may no longer be valid. The views
expressed in this work are solely those of the author and do not necessarily reflect the views of the
publisher, and the publisher hereby disclaims any responsibility for them.

Black Unicorn Report for 2023, Copyright © 2023, Cyber Defense Magazine, a division of CYBER
DEFENSE MEDIA GROUP 276 Fifth Avenue, Suite 704, New York, NY 10001, Toll Free (USA): 1-833-
844-9468 d/b/a CyberDefenseAwards.com, CyberDefenseMagazine.com, CyberDefenseNewswire.com,
CyberDefenseProfessionals.com, CyberDefenseRadio.com and CyberDefenseTV.com, is a Limited
Liability Corporation (LLC) originally incorporated in the United States of America. Our Tax ID (EIN) is: 45-
4188465, Cyber Defense Magazine® is a registered trademark of Cyber Defense Media Group. DUNS#
078358935. All rights reserved worldwide. marketing@cyberdefensemagazine.com

Cyber Defense Magazine

276 Fifth Avenue, Suite 704, New York, NY 1000
EIN: 454-18-8465, DUNS# 078358935.
marketing@cyberdefensemagazine.com
www.cyberdefensemagazine.com
www.cyberdefenseawards.com

Cyber Defense Magazine – Black Unicorn Report rev. date: 10/26/2023

2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 81
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 82
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 83
2023 | The Black Unicorn Report – Including Top InfoSec Innovators & Top Global CISOs 84