Curriculum Vitae

• Invited earlier in his career to assist on defense-related security issues involving the National Security Agency.
• Member (since its inception) of FBI InfraGard, a government/private sector partnership to improve security of information systems in the private sector.
• Participated in IEEE 802.11 committee defining Ethernet security standards.
• Member of the Information Systems Security Association.
• Member, International Association of Privacy Professionals.
• Registered Practitioner in the CMMC ecosystem.
• Active in AI governance and AI literacy through Huttan Holding's AIGIP initiative. Current work includes helping organizations understand the governance, cybersecurity, privacy, and compliance implications of artificial intelligence in regulated environments. AIGL certification in progress to further support AI governance, AI risk, and responsible AI implementation work.

As partner and CISO of two operational cybersecurity companies, Mitch is responsible for technical strategy, engineering, program implementation, and third-party technical solutions for clients and affiliated businesses. His daily responsibilities include:

• Corporate cyber risk assessments and risk mitigation plans
• Cyber risk policy creation and rollout
• 800-171, ISO 270xx, and NIST Cybersecurity Framework compliance planning
• Cyber incident and disaster response planning
• Cyber impact to business valuation
• Serving as virtual CISO (vCISO) to multiple national and international companies

Through Huttan Holding's broader ecosystem, Mitch's current work also intersects with AI governance, CMMC readiness, NIST 800-171 implementation, CUI governance, vCISO advisory, digital forensics, and executive cybersecurity education. This gives him current operational visibility into the same types of governance and compliance failures that increasingly become central issues in cybersecurity litigation.

Absio developed military-grade data-level security and distribution control applications. Mitch architected the Absio applications and IT infrastructure, managed the development team, provided sales support for all technical issues, and was responsible for all operational activities including guidance to the Board on critical technology and security areas.

Senior technical officer responsible for all information security and IT strategy, architecture, and operations. Drove the technology merger of an acquired business and an autonomous division. All information technology staff reported directly to him.

Mercury Companies is a privately held financial services conglomerate with interests in real estate title, escrow, software, and other real-estate related services. As senior technology strategist and architect, Mitch reported to the Chairman and provided guidance across all subsidiaries. Key responsibilities included:

• Overall security strategy and implementation for a firm with 200+ offices and 7,000 employees
• Chief architect of a new enterprise framework platform merging 100+ diverse applications into a single portal
• Led response to financial institution security audits and managed mitigation via the security operations team
• Championed and led a major data center virtualization strategy, virtualizing hundreds of servers to reduce power, space, support, and licensing costs
• Led efforts to keep critical systems operational while staff was reduced by half and operating expenses by one-third during the housing industry downturn

As CTO/CISO of this Mercury subsidiary, Mitch oversaw the platform shift from a PC-based thick-client service bureau to a web-based ASP supporting three of the five largest U.S. lenders. The platform provided real-time document creation and business process outsourcing for multiple lenders across multiple data centers with extremely high availability, tight security, and structured development and maintenance processes.

Part of the team that built the first generation of the Global Positioning System (GPS) for the Air Force, and part of the team that built the next-generation air traffic control system for the FAA.

Chief architect and manager for the unit providing computer services to the Defense Systems Division of Texas Instruments. Resources included hundreds of VAX systems, thousands of PCs, several mainframe data centers, multi-million-dollar computerized flight test equipment, and 350 staff members. Managed a $50M operating budget and $10M capital budget.

As first information systems security manager, responsible for security across numerous highly classified programs. Worked with program customers and managers to design and implement information systems security programs and manage risk of potential security breaches and compromise of classified information.