Governing Body Spotlight

Co-Chair of the Toronto CISO Community

Brenda McCulloch



Brenda has 20 years of experience in information security and is the CISO at Teranet. She has been a guest speaker/panelist on a number of security topics for organizations such as ACAMS, CIMA, IOSCO, IIAC, ISACA, IIROC, and NetDiligence.

Prior to her role at Teranet, Brenda was the Director of Information Security at IIROC and had reporting responsibilities on the security program at the board level. Her leadership in delivering the security program achieved significant security posture growth enterprise-wide as independently validated by third parties.

Prior to IIROC, she was a Senior Manager at the professional services firm Deloitte. She served more than a hundred North and South American clients, providing management consulting in security, such as security strategy advisory, vulnerability and penetration assessments, and Payment Card Industry advisory.

Brenda is an alumnus of the University of Toronto with a Computer Science background and holds various certifications, including CCISO, CISSP, GSLC, CISM, and CISA.

Learn more about leaders in the Toronto CISO community here.

Give us a brief overview of the path that led to your current role.

I did many different roles within IT and focused on gaining industry-needed technical skills initially, which eventually opened up the doors to a consulting role. After that, I joined an opportunity to build a security practice in-house. External client and internal roles combined with my previous experience gave me a vast portfolio, which also helped me land the CISO role. 

What is one of your guiding leadership principles?

Be authentic.

With disruption being a key theme of the past year, where do you see your role as a CISO leader going in the next 1-2 years?

I believe more organizations will recognize the need for this role and will have more reporting responsibilities at the Board level. Boards are asking more questions related to their organization’s security posture and proactive measures, fueled by cyber industry news, including zero-day vulnerabilities.

What advice would you give to someone just starting out in the role?

Find a mentor outside your boss. Ask the mentor to gather feedback on your work and be open-minded. Your willingness to listen and change will help you grow rapidly. 

Tell us 3 fun facts about yourself.

  • Enjoy biking on nature trails and skiing with my family.

  • I have an interior design thumb.

  • Fan of Raptors, Leafs, and Avengers.

What is the value of participating in a professional community through Evanta?

Connections with peers, as our collective experience can augment each other’s perspectives and knowledge for timely application. Peers need to help each other as everything is pretty much connected. Similarly, if you take the example of the Covid vaccine rollout, vaccination of the global community is important (not just in your own local community).



Evanta Governing Body members share their insights and leadership perspectives to shape the agendas and topics that address the top priorities impacting business leaders today.


by CISOs, for CISOs

Join the conversation with peers in your local CISO community.