Earl is a front runner amongst the most talented cybersecurity risk management experts. I had the opportunity to work with Earl for nearly a year at Johnson Financial Group collaborating on several cybersecurity risk initiatives. I am particularly impressed at Earls ability to bring leading edge risk management strategies and models to the table and extract maximum value out of a GRC tool. Earl always approached his work with a "bridge building" mentality. He has maintained excellent collaboration with Risk, Cybersecurity, Vendor, Information Technology, Audit and Compliance teams. Earl would provide tremendous value to any Risk Management and/or Cybersecurity leadership consulting opportunity or leadership position.
I have known Earl since our time at Foundstone and I have stayed in touch with him over the years. Earl is analytical and a life-long learner. While he has developed especially deep skills in policy and risk management, he built that expertise on a solid technical base by doing hands on assessment work. That allows him to balance theory with practicality. I know no one with a more complete understanding of government policy, industry compliance standards and strategic risk assessment.
I have not met many people that have more passion than Earl Crane for the cybersecurity profession as a whole, and for helping people achieve their goals. He is an excellent instructor for our CISO-Executive students, teaching them not just the principles of security governance and risk management but practical hands-on application of these principles within their roles as security professionals. We are very fortunate that he is part of the CMU family!
Earl and I met when Promontory was first developing its practice in cybersecurity and cyber-risk management. He was a new member of a company entering a new field, and he was returning to the private sector after years of public service. Almost immediately, however, he took on a central role, becoming someone that I and many others—senior and junior, colleagues and, more still, clients—could turn to for guidance and leadership. I was far from the only one to benefit from his expertise, his generosity, his mentorship, and his persistent willingness to help, regardless of the load he might be carrying.
I had the pleasure of working with Earl for several years at Promontory Financial Group. Earl is a cyber security expert and a great colleague. As you would expect from a Director, Earl provided keen insight into cyber and technology risk issues, practical guidance on governance, risk and control issues, and some killer metrics with standout dashboards. Our clients always came back for more Earl.
I worked with Earl for two years at the White House and saw his rare combination of deep technical knowledge, business savvy, and great personal skills in action up close. Earl accomplishes more in a day than most people do in a week. He worked at the highest levels of government, working through each individual agency with Chief Information Officers and the Office of Management and Budget. Even after he left government he was my go-to resource for advice on Federal cybersecurity.