Governing Body Spotlight

Governing Body Member of the Ohio CISO Community

Jagan Kolli

Information Security Officer

Great Lakes Cheese

Jagan Kolli leads the Data Security and Digital Product Security teams at Avery Dennison, and is responsible for data loss prevention, digital workspace security, security awareness, and M&A due diligence. He helps business leaders instill cyber hygiene and protect innovation through risk based, data-driven, and people-centric security approaches. Before joining Avery Dennison, Jagan served in a number of IT roles at GE, JP Morgan Chase, where he became familiar with the challenges faced by global security teams.

Learn more about the Ohio CISO community here.

Give us a brief overview of the path that led to your current role.

I started my career as a software developer and progressed to security engineer, security architect, and then security leader. I focused on building a strong security culture in each role, integrating security into all aspects of the business. I worked my way up to increasingly senior roles at multiple Fortune 500 companies, leading large teams of security professionals and overseeing security operations across multiple business units. 

Now, as the director of cybersecurity at Avery Dennison, I'm responsible for developing and implementing the organization's overall data and digital product security strategy. I've gained 17 years of experience in the field and developed a passion for cybersecurity that continues to drive me in my current role.

What is one of your guiding leadership principles?

One of my guiding leadership principles is to lead by example. As a leader, I believe it's important to set a positive tone for the team by modeling the behaviors and qualities that I expect from others. This means being accountable for my actions, communicating clearly and transparently, and demonstrating a strong work ethic. By leading by example, I hope to inspire my team to be their best selves and to work together towards our shared goals.

With disruption being a key theme of the past few years, where do you see your role as a CISO going in the next 1-2 years?

The increasing sophistication of cyber threats and the rapid pace of technological change mean that we must be proactive in adapting to these changes. In the next 1-2 years, I see my role as focusing on building a strong security culture throughout the organization and integrating security into all aspects of the business. ​

The fast changing and challenging nature of the cyber threat landscape warrants cybersecurity leaders to work more closely with C-level executives and departments such as operations, ​legal, ​and ​communications to ensure that we are aligned in our approach to cybersecurity and that we are prepared to address emerging threats​ effectively​. Additionally, I will leverage emerging technologies and best practices to improve our cybersecurity posture and mitigate risks. By building relationships and connecting the dots across the organization, I believe that I can help our organization navigate disruption and position ourselves for success in the years ahead.

What advice would you give to someone just starting out in the role as a CISO?

Build relationships: Cybersecurity is a team effort, and it's critical to build strong relationships with stakeholders across the organization. Take the time to understand their perspectives and priorities, and work collaboratively to achieve common goals.

Stay up to date: Cybersecurity is a rapidly evolving field, and it's important to stay informed about emerging threats and best practices. Read industry publications, attend conferences and webinars, and network with other cybersecurity professionals to stay on top of the latest trends.

Communicate clearly: Cybersecurity can be a complex and technical field, but it's important to be able to communicate clearly and effectively with stakeholders at all levels of the organization. Practice translating technical jargon into layman's terms so that everyone can understand the risks and benefits of different security measures.

Be proactive: Don't wait for a breach or cyber attack to occur before taking action. Be proactive in identifying potential risks and vulnerabilities, and develop a plan for mitigating them before they become a problem.

Focus on the basics: While it's important to stay up to date on emerging technologies and trends, don't neglect the basics of cybersecurity. Ensure that your organization has strong password policies, access controls, and patch management procedures in place.

Tell us 3 fun facts about yourself.

  1. I was captain of my college cricket team.
  2. Cooking is my stress buster.
  3. ​I enjoy teaching kids about Lego Robotics​.

Evanta Governing Body members share their insights and leadership perspectives to shape the agendas and topics that address the top priorities impacting business leaders today.

by CISOs, for CISOs

Join the conversation with peers in your local CISO community.