Under Ms. Westby’s leadership, Global Cyber Risk LLC has developed an international reputation for its first-tier cybersecurity advisory and technical services.Drawing upon a unique combination of more than thirty years of technical, legal, policy, and business experience, Ms. Westby has developed proprietary methodologies for cyber risk assessments, incident response planning, cyber governance, and digital inventories and data mapping. GCR’s clients include large, mid-sized, and small businesses, non-profit organizations, and governments. She and her team have also helped corporations develop enterprise approaches to e-discovery that enable them to efficiently respond to discovery requests, develop litigation strategies, and deflect attempts by opposing parties to obtain access to their systems.
GCR’s services include:
- Development of cyber governance frameworks for boards and senior management
- Cybersecurity risk assessments
- Global privacy and security compliance reviews
- Developing digital asset inventories (applications, data, hardware) and mapping of data flows
- Comprehensive incident response planning and breach management
- Vendor risk assessments (including cloud environments)
- Development of cybersecurity policies, standards, and procedures
- Technical vulnerability scanning, software code reviews, and remediation support.
Global Cyber Risk’s team works with some of the world’s largest corporations in evaluating their cybersecurity posture, identifying gaps and deficiencies, and remediating exposures. They have also developed robust incident response plans that rank incidents and involve the executive and board levels. The firm’s international expertise in global privacy and security legal frameworks enable them to help firms manage global privacy and cybersecurity compliance requirements and integrate them into security programs.
Ms. Westby is a professional blogger for Forbes. She serves as Adjunct Professor to Georgia Institute of Technology’s School of Computer Science and was previously Adjunct Distinguished Fellow to Carnegie Mellon CyLab. She was lead author on Carnegie Mellon’s Governing for Enterprise Security Implementation Guide, which was developed for boards and senior management. She is author of the 2008, 2010, 2012, and 2015 Governance of Cybersecurity survey reports. Ms. Westby’s work on the governance responsibilities of boards and senior executives for the security of their organizations’ systems and data has been featured by the CISO Executive Network, Bloomberg BNA, and other major media. She also publishes a regular column on cybersecurity risk in Leader’s Edge magazine, published by the Council of Insurance Agents and Brokers (CIAB).
Prior to founding Global Cyber Risk, Ms. Westby served as senior managing director for PricewaterhouseCoopers (PwC) where she was responsible for information security, privacy, information sharing, and critical infrastructure protection issues across the federal government. She also was co-lead in launching their outsourcing practice.
Before joining PwC, Ms. Westby founded the Work-IT Group LLC and specialized in serving government and private sector clients on legal and regulatory issues associated with information technology and online business.
Working with The World Bank and USAID, Ms. Westby has advised government officials and industry in Bulgaria, Croatia, Macedonia, Romania, Armenia, Serbia, Russia, Vietnam, Bangladesh, Trinidad, Dominica, St. Lucia, Grenada, South Africa, Mexico, and India on the development of their legal frameworks for e-commerce, security, and privacy.
Previously, Ms. Westby was Director of Domestic Policy for the U.S. Chamber of Commerce, where she was responsible for a wide range of business policy issues under her purview. Her department was responsible for influencing national policy in both the legislative and regulatory arenas in each of these areas. Ms. Westby organized and managed national coalitions and supervised U.S. Chamber involvement in 33 industry coalitions.
Ms. Westby also:
- Launched In-Q-Tel, an IT solutions/venture capital company founded by the CIA to address the intelligence community’s most pressing technology problems
- Served as Senior Fellow & Director of IT Studies for the Progress & Freedom Foundation
- Practiced law with the New York firms of Shearman & Sterling and Paul, Weiss, Rifkind, Wharton & Garrison.
Ms. Westby is a member of the bars of the District of Columbia, Colorado, and Pennsylvania, and the American Bar Association (ABA). She is chair of the ABA’s Privacy and Computer Crime Committee (Section of Science & Technology Law) and was chair, co-author and editor of its International Guide to Combating Cybercrime, International Guide to Cyber Security, International Guide to Privacy, and Roadmap to an Enterprise Security Program (endorsed by the Global CSO Council). She is author of the Legal Guide to Cybersecurity Research and the Legal Guide to Botnet Research, published by ABA Publishing in July 2013. She represented the ABA on the National Conference of Lawyers and Scientists from 2004-2010. Ms. Westby also serves as co-chair of the ABA Criminal Justice Section’s Cybercrime Committee. She is serving her fourth term on the ABA President’s Cybersecurity Task Force.
From 2010-12, she served as co-chair of the World Federation of Scientists’ Permanent Monitoring Panel on Information Security and represented WFS in UN meetings. She was appointed to the United Nations’ ITU High Level Experts Group on Cyber Security and chaired the development of the ITU Toolkit for Cybercrime Legislation (later changed to the ABA Toolkit for Cybercrime Legislation). She was co-author and editor of the United Nations’ ITU 2010 publication, The Quest for Cyber Peace. Ms. Westby has also served on the advisory board of The Intellectual Property Counselor and BNA’s Privacy and Security Law Report.
Ms. Westby has authored numerous articles and papers and has been quoted in publications such as the Financial Times, International Herald Tribune, USA Today, and Washington Post, and leading trade journals. She speaks globally on topics pertaining to her areas of expertise and regularly appears as a television commentator on cyber issues.
She was elected to join the American Bar Foundation in 2007 and the Cosmos Club in 2010.
She received her B.A., summa cum laude, from the University of Tulsa, and a J.D., magna cum laude, from Georgetown University Law Center. She is a member of the Order of the Coif.