Governing Body Spotlight

Governing Body Member of the Toronto CISO Community

Andrey Spiwak

Senior Director, Cybersecurity, Resilience and Governance


Andrey Spiwak has over 25 years of experience specializing in leading Information Security Governance, IT Risk Management, Cybersecurity, IT project management, Compliance, Operational Risk, and Enterprise Technology initiatives. Within his 19 years at Manulife/John Hancock, Andrey has held a number of leadership roles in Governance and Risk Management, Cyber Operations, Application Development, Disaster Recovery, & Program Management. 

Andrey is currently leading the John Hancock Cyber Incident Response and Threat Intelligence programs, the John Hancock Security Logging and Monitoring program, the JH Standards Change Management and Issues Management teams and the Path To Green (P2G) program for JH IT.

Learn more about the Toronto CISO community here.

Give us a brief overview of the path that led to your current role.

I did not start in cybersecurity. I have a Masters Degree in Geographic Information Systems (GIS), and I was ready to be a cartographer but a keen interest in technology overall distracted me. Slowly, I was drawn into the larger world of IT and then took on security and risk responsibilities.

What is one of your guiding leadership principles?

Listen first, talk a distant second.

With disruption being a key theme of the past few years, where do you see your role as a CISO going in the next 1-2 years?

With the number of threat actors and potential threat vectors increasing, I see my role in Incident Response and Threat Intelligence becoming busier and more critical. The addition, governance and compliance responsibilities make me realise how all aspects are interconnected.

What advice would you give to someone just starting out in the role as a CISO?

Be patient and learn as much as you can while still having fun.

Tell us 3 fun facts about yourself.

  1. I still have my vinyl records.
  2. I have a new puppy.
  3. I was once a radio DJ.

What is the value of participating in a professional community through Evanta?

To me the value is in making connections in the industry in the Toronto area, and also learning from the wide variety of professionals about their experiences - as everyone has the same issues but at different points in their career.

Evanta Governing Body members share their insights and leadership perspectives to shape the agendas and topics that address the top priorities impacting business leaders today.

by CISOs, for CISOs

Join the conversation with peers in your local CISO community.