Governing Body Spotlight

Co-Chair of the Chicago CISO Community

Mike Zachman

VP & Chief Security Officer

Zebra Technologies

Mike Zachman is the VP & Chief Security Officer (CSO) at Zebra Technologies, where he has global responsibility for product security, information security, and corporate security. Zachman is an experienced global leader with over 30 years of information security, risk management and information technology expertise. 

Previously, Zachman was Chief Information Security Officer (CISO) at Caterpillar, Ecolab, and Forsythe Technologies.  Zachman holds an undergraduate degree in management information systems from Millikin University, and a master’s degree in business administration from Bradley University. He is a Certified Information Security Manager, Certified Internal Auditor and is Certified in the Governance of Enterprise IT. He serves on the national Board for Easter Seals, and is also an active volunteer with Junior Achievement.

Learn more about the Chicago CISO community here.

Give us a brief overview of the path that led to your current role.

It was about halfway through my career when I made the pivot from IT into cybersecurity.  At Caterpillar, I was asked to lead the IT Audit team within Internal Audit. Having served numerous IT roles before, I was not too excited about this. No offense to my friends in Internal Audit, but my first question was “What did I do wrong?” However, my CIO explained to me that Sarbanes-Oxley (SOX) was coming, and Internal Audit was leading the development of SOX controls. He said he trusted my judgment and needed my help. So, I led the development and deployment of Caterpillar’s IT General Controls where I developed my “love” for managing risks and controls.

What is one of your guiding leadership principles?

I subscribe to the “servant leader” model of leadership. I believe my primary job is to support my team by establishing a clear vision, removing obstacles, providing help, and offering coaching. I am here to help them be successful, not the other way around. 

With disruption being a key theme of recent years, where do you see the CISO role going in the next 1-2 years?

The role of CSO/CISO is only going to continue expanding in terms of scope and influence. For many companies, it's already moved out of the data center and into the Boardroom. This trend will continue to accelerate as most companies embrace "digital" as a fundamental strategic element. Even the legal and regulatory landscape, which typically lags behind, is beginning to catch up with the fact that cybersecurity is both fundamental and strategic to modern business.

What advice would you give to someone just starting out as a CISO?

It's hard to be brief, but I'll try!

  • First, be a great communicator - both a listener and a presenter.   
  • Second, know your environment. It’s extremely difficult to protect what you do not know you have.  
  • Third, know your defenses. Based upon your inventory, you need to make sure you have taken appropriate steps to protect your assets. “Appropriate” is an important word, because not all assets should be protected the same.  
  • Fourth, practice your response. You will have a security incident/breach. It is simply a matter of time, so any good cybersecurity program includes effective incident response.  
  • Last, be a great communicator. Yes, you need to begin and end with communication!

Tell us three fun facts about yourself.

  1. I've lived in three countries.
  2. I'm an avid (though not very good) golfer.
  3. I'm a proud grandfather.

What is the value of joining an Evanta community? 

Harnessing the power of your peers is an "Easy Button" every CSO/CISO should leverage.  Cybersecurity is a unique profession in that we don't see our peers as competitors. We all have a common enemy and we all benefit from a stronger collective defense.

Evanta Governing Body members share their insights and leadership perspectives to shape the agendas and topics that address the top priorities impacting business leaders today.

by CISOs, for CISOs

Join the conversation with peers in your local CISO community.