Mandy Andress: Visionary Leader in Cybersecurity
CISO, Elastic
Mandy Andress serves as the Chief Information Security Officer (CISO) at Elastic, bringing with her a wealth of experience in information risk management and cybersecurity. Her career journey includes pivotal roles where she spearheaded information security initiatives at MassMutual and played a key role in establishing robust security programs at organizations like TiVo, Evant, and Privada. Mandy also worked as a security consultant for industry giants such as Ernst & Young and Deloitte & Touche, advising clients across sectors including energy, financial services, and global internet technology enterprises. Additionally, she founded her own information security consulting firm, serving a diverse clientele ranging from Fortune 100 companies to innovative startups.
As an authority in the field, Mandy has authored the book “Surviving Security,” which has garnered recognition with two editions used as a foundational text in academic programs at universities worldwide. Her expertise extends to product evaluation as she has contributed to multiple publications, offering insights through her weekly security column for InfoWorld. Her prominence in the cybersecurity community has led to invitations to speak at major security conferences such as BlackHat and Networld+Interop, where she shares her knowledge and experiences.
In addition to her speaking engagements, Mandy has dedicated time to academia, teaching a graduate-level Information Risk Management course at UMass Amherst within the College of Information and Computer Sciences. Her multifaceted career reflects a commitment not only to enhancing security measures within organizations but also to shaping the next generation of cybersecurity professionals.
As the digital landscape continues to evolve, the importance of leaders like Mandy Andress in addressing information security challenges cannot be overstated. Her extensive background and advocacy for stronger data protection practices provide a roadmap for organizations aiming to bolster their security posture in an increasingly complex environment.
