Boeing Employees Credit Union
Dr. Sean Murphy is an accomplished cybersecurity executive with more than 20 years’ experience leading information security and risk management in highly regulated industries and fast-paced organizations in the military, healthcare, and financial services space. In his current role as SVP, CISO at BECU, he is responsible for providing and optimizing an enterprise-wide security program and architecture that minimizes risk, enables business imperatives, and further strengthens the company’s security posture.
Learn more about the Seattle CISO community here.
Give us a brief overview of the path that led to your current role.
My security journey began during my service in the Air Force Medical Service when I had the challenge of applying some level of Department of Defense (DoD) information assurance controls on networked, commercial medical devices. Talk about an immovable object against an unstoppable force. That was in 2004.
After retirement from the Air Force, I had a couple of other unique opportunities taking the reins in 2 post-data breach organizations in healthcare. Building and rebuilding teams and programs in both scenarios taught me a great deal about the clinical and business value of security in organizations. Those challenging experiences gave me the courage to step outside of the healthcare industry and take on my current role in financial services as SVP and CISO at BECU.
What is one of your guiding leadership principles?
Integrity first. There is so much included in that principle. Say what you mean, mean what you say. Be accountable and hold others accountable. Take care of your people. All that and more is inside of being a leader with integrity.
With disruption being a key theme of recent years, where do you see the CISO role going in the next 1-2 years?
If we develop our newer CISOs coming up, the CISO role, including my own, will move further out from under a Technology or IT role and higher up in the organization to be a true C-level position. But, that happens only if CISOs develop the ability to drive security strategy while understanding and enabling the business strategies alongside their peers.
What advice would you give to someone just starting out as a CISO?
Know your stuff and never compromise your integrity. It's pretty simple. Your customers, your organization, your Board, all count on you to be the one person who will identify risk and stand firm in preventing security failures. Of course, you'll have lots of occasions for delivering positive reports and helping the business succeed via security. Those are much easier to lead through. No one needs advice to navigate through those times.
Tell us three fun facts about yourself.
- I was one question away from winning, "Who Wants to be a Millionaire?"... at the DisneyWorld MGM studios park.
- If you ever wonder who the crazy people are that buy art off of a cruise ship… I know a guy.
- A prized possession - you can sometimes find me riding around in my 1979 VW convertible Super Beetle (one of only 2000 ever made, I am told as they were discontinued in the US that year). I have had it since 1996, 2 engine rebuilds ago.
What is the value of joining an Evanta community?
The value of joining (and participating in) the Evanta community is summed up by a phrase I stole from someone somewhere - “Networking beats not working.” The benefit of meeting new people, exchanging ideas, commiserating, and making friends is key to success. For the folks just starting in this business, you will be surprised how often you meet people in these communities who either hire you down the road… or put in a great word for you as a reference.
Evanta Governing Body members share their insights and leadership perspectives to shape the agendas and topics that address the top priorities impacting business leaders today.
by CISOs, for CISOs
Join the conversation with peers in your local CISO community.