Rocco Grillo is an Executive Managing Director who serves on Stroz Friedberg’s executive management team. He is also in charge of the firm’s Cyber Resilience business, which includes the company’s incident responders and security scientists who deliver the firm’s proactive and reactive cybersecurity capabilities. Mr. Grillo regularly advises clients, including boards and executive management, on a range of cybersecurity issues across all industries.
In this role, Mr. Grillo is responsible for the oversight and supervision of various cyber response efforts, including but not limited to data breaches, malware outbreaks, intellectual property theft, and cyber extortion. Additionally, he oversees services designed to assess security risk and develop strategic solutions for the firm’s clients.
Mr. Grillo has more than 25 years of experience providing organizations with security and risk management services. He is an internationally recognized expert in the field of Incident Response (“IR”) and information security and has assisted corporations, law enforcement agencies, major law firms, and industry threat intelligence organizations with all matters involving computer security incident response, computer forensics, and security threat advisory services.
Throughout his career, Mr. Grillo has been a trusted asset to the information security community at large as well as to the U.S. government. Several joint investigations he helped to lead have resulted in takedowns, warrant executions and apprehension of suspects believed to be responsible for massive financial data compromises. He has partnered with law enforcement agencies in enhancing both operational and executive awareness through cooperative educational sessions with the U.S. Secret Service and the Federal Bureau of Investigation. His unique exposure to and understanding of both private sector challenges and high-level national security objectives put him in a category where few security professionals are counted. He has contributed his industry expertise to the development of national policy related to cybersecurity and the NIST Cyber Security Framework.
Mr. Grillo provides clients with expertise in Enterprise Security Governance / ISO 27001 & NIST CSF strategy development, IR investigations and proactive IR-readiness exercises, vulnerability and threat management assessments, as well as Red Teaming penetration testing and application security reviews. Mr. Grillo has advised clients and coordinated IR efforts for some of the largest security breaches over the last decade and assists the FS-ISAC with the development of its annual simulated tabletop exercise to assess the readiness of financial institutions in the event of a cyber-attack.
Mr. Grillo is a CISSP, CRMA, PCI-QSA, and Certified Third Party Risk Assessor (CTPRA). He is an affiliate Board Advisor for FS-ISAC, NH-ISAC Advisory Board, a member of the Shared Assessments Program Steering Committee Board, the CLM Cyber Liability Council, and has also served on the Board of Directors of the NY Metro ISSA Chapter, the IT Policy Compliance Group, and the (i-4) International Information Integrity Institute Research Steering Committee. He has spoken on leading information security topics for a variety of audiences and industries including RSA, the IT Policy Compliance Group, the ISSA, IIA, (i-4) and other industry organizations. He has been quoted in CNNMoney, The Wall Street Journal, The New York Times, The London Times, Thomson Reuters, and other industry publications.
Prior to joining Stroz Friedberg, Mr. Grillo was a Managing Director and Global Leader of Protiviti’s IR & Forensics Investigations practice. He helped build the firm’s Global Security & Privacy practice from the ground up. He previously helped develop RedSiren Technologies, a leading MSSP & full-service security firm that evolved out of Carnegie Mellon (co-founders of CERT). Prior to RedSiren, he held management positions with Lucent Technologies and Bell Atlantic.