Rich Guida has 45 years of professional experience covering information security and related fields. He spent 25 years in the Department of the Navy where he was responsible for the technical, regulatory, environmental and security aspects of nuclear propulsion aboard U.S. Navy submarines and aircraft carriers. He was appointed to the Federal Senior Executive Service in 1989 and received a Presidential Meritorious Rank award in 1996.
Rich left government service in 2001 to join Johnson & Johnson, from which he retired in 2011 as Vice President, Worldwide Information Security (the J&J Chief Information Security Officer). During his time there, he was responsible for information security across the entire J&J enterprise. Over the past seven years since his retirement from J&J, he has performed private consulting work for clients in the pharmaceutical, medical device, retail, insurance, financial, and telecommunications sectors, and for a Federal agency. While this work covered a wide range of information security matters, it focused on:
- Helping clients identify and categorize information security risks, and then helping them ensure that those risks are properly assessed in business processes.Some of this effort has been done in the context of achieving ISO 27001 compliance.
- Helping clients select, implement, and manage Identity and Access Management solutions covering their own enterprise employees as well as contractors and customers, to meet information security and audit requirements.
- Helping clients construct and implement comprehensive information security policies, standards, and controls.This includes ensuring alignment with critical business processes to support proper trade-offs with business impact.
In addition to publishing numerous professional and technical articles, Rich is the author of a book on information security entitled The Entropy Police: Practicing Information Security in the Enterprise. That book includes chapters on information security risk management, identity and access management including authentication, incident management, and business continuity.
Rich also served as a member of the Information Security and Privacy Advisory Board of the Department of Commerce from 2000 through 2005, and as a member of the U.S. Army Science Board from 2011 through 2015. He is a CISSP. Rich graduated from the Massachusetts Institute of Technology with an SB in Electrical Engineering (Computer Science) and an SM in Nuclear Engineering, and he subsequently received an MBA from The George Washington University.