SIGN UP FOR FREE | SIGN IN
Thinkers360
Interested in getting your own thought leader profile? Get Started Today.

Lee Vorthman

Chief Security Officer at Oracle

Denver Metropolitan Area, United States

As an experienced C-Level executive (CSO, CISO, CTO) and board member I have a strong background in governance, finance, technology, risk management, human resource management, compliance and strategy for both large public companies and startups. I have a breadth of experience across multiple industries including Technology, Government & Defense, Education and Oil & Gas. I have successfully partnered with businesses to build and mature security programs that reduce overall risk, create trust and align with the organization's goals and values. I have also successfully created and executed plans to help public companies evaluate and capitalize on new market opportunities for technology and security. As a veteran and board member, I bring a unique perspective into the evolving security and technology landscape and have successfully advised multiple startups and non-profits to success.

I am currently the Chief Security Officer (CSO) for Oracle Advertising where I oversee the security strategy and operations for one of the world's largest digital marketing and advertising platforms. I lead a global team of security experts who are responsible for protecting the data, assets, and reputation of our clients and partners across the advertising ecosystem. I have previously been a Chief Information Security Officer and a Chief Technology Officer.

Thoughts and opinions are my own and not reflective of my employer.

Lee Vorthman Points
Academic 0
Author 28
Influencer 26
Speaker 0
Entrepreneur 0
Total 54

Points based upon Thinkers360 patent-pending algorithm.

Thought Leader Profile

Portfolio Mix

Company Information

Company Type: Enterprise
Business Unit: Advertising
Theatre: Wold Wide
Minimum Project Size: $100,000+
Average Hourly Rate: $300+
Number of Employees: 100,000+
Company Founded Date: Undisclosed

Areas of Expertise

Business Continuity 30.12
Business Strategy 30.07
Careers 30.31
Cloud
Culture
Cybersecurity 30.65
DevOps
Digital Transformation 30.01
IT Leadership 30.11
IT Operations
IT Strategy 30.23
Leadership 30.36
Management
Mergers and Acquisitions 30.15
Privacy
Product Management
Security 31.09

Industry Experience

Publications

26 Article/Blogs
How CIOs, CTOs and the rest of the C-Suite Can Better Support CISOs
Import from wordpress feed
July 31, 2024
There are a variety of reporting structures for CISOs, such as reporting to the CTO, CIO, CFO or CEO. No matter who the CISO reports to, the CISO is still an integral part of the C-Suite. Yet despite this, CISOs don’t always receive full support from the rest of their C-Suite peers, which can caus

See publication

Tags: Cybersecurity, Leadership, Security

A CISO’s Analysis Of the CrowdStrike Global Outage
Import from wordpress feed
July 23, 2024
Overnight from July 18 to July 19, 2024, Windows systems running CrowdStrike ceased functioning and displayed the blue screen of death (BSOD). As people woke up on the morning of July 19th they discovered a wide reaching global outage of the consumer services they rely on for their daily lives, such

See publication

Tags: Cybersecurity, Leadership, Security

Tips For Managing Anxiety, Stress, Burnout and Mental Health
Import from wordpress feed
July 16, 2024
CISOs have been in the hot seat lately, particularly related to personal liability, increasing regulatory pressure and a shifting technological landscape. Compound these macro issues with the internal demands CISOs deal with such as incidents, budget cuts or political battles for relevancy and it is

See publication

Tags: Cybersecurity, Leadership, Security

How Should CISOs Think About Risk?
Import from wordpress feed
July 10, 2024
There are a lot of different ways for CISOs to think about and measure risk, which can be bucketed into two different categories. Qualitative measurement, which is a subjective measurement that follows an objective process or quantitative measurement, which is an objective measurement grounded in do

See publication

Tags: Cybersecurity, Leadership, Security

Should CISOs Be Technical?
Import from wordpress feed
July 02, 2024
Don’t want to read this? Watch a video short of the topic here. There are a lot of different paths to becoming a CISO and everyone’s journey is different, however two of the most common paths are coming up through the technical ranks or transitioning over from the compliance function. Co

See publication

Tags: Cybersecurity, Leadership, Security

Are Security Certifications Worth Renewing?
Import from wordpress feed
June 18, 2024
Almost weekly I see someone post a question on social media asking: “Is renewing my security certification worth it?” This is a valid question since security certifications are often expensive, time consuming and hard won. Maintaining your security certification may be required to land a

See publication

Tags: Cybersecurity, Leadership, Security

Navigating Hardware Supply Chain Security
Import from wordpress feed
June 04, 2024
Lately, I’ve been thinking a lot about hardware supply chain security and how the risks and controls differ from software supply chain security. As a CSO, one of your responsibilities is to ensure your supply chain is secure, yet the distributed nature of our global supply chain makes this a c

See publication

Tags: Cybersecurity, Leadership, Security

Accelerate Your CISO Career By Investing In Your Brand
Import from wordpress feed
May 28, 2024
When I was in the military there was a single consistent phrase that was repeated to us over and over again – reputation matters. Even though the military is a large organization, your specialization creates a small group and so how you perform and behave will stay with you throughout your car

See publication

Tags: Cybersecurity, Leadership, Security

Whats The Difference Between A CSO and CISO?
Import from wordpress feed
May 21, 2024
Like Arnold Schwarzenegger to Danny DeVito in the movie Twins, the Chief Security Officer (CSO) role is the big brother to the Chief Information Security Officer (CISO) role. What is the difference between these two roles and what skills does a CISO need to focus on if they aspire to become a CSO? I

See publication

Tags: Cybersecurity, Leadership, Security

When Evaluating A New CISO Role Don’t Forget The SEC 10-K And Other Governance Forms
Wordpress
May 14, 2024
Did you know there are publicly available documents that can provide a wealth of information about how a public company governs and prioritizes cybersecurity and risk? When preparing for a new CSO / CISO role it is important to research the company thoroughly and areas that have a wealth of information are SEC forms and board documents. CSO / CISO candidates should review these documents to get a sense of how the company views the security function and also identify red flags so you can discuss these topics during the interview.

See publication

Tags: Business Strategy, Careers, Cybersecurity

Start Preparing For Your Next Role During Your Current Role
Wordpress
May 07, 2024
My latest article discusses how to set your career on a path for success by planning for your next role in your current role. In this article I discuss top tips such as how to gain experience, what credentials to get and how to be ready when your dream job opens up!

Like my articles? Follow me, subscribe to my newsletter or subscribe to my blog (link in bio).

See publication

Tags: Careers, Cybersecurity, Leadership

What’s Better – Complete Coverage With Multiple Tools Or Partial Coverage With One Tool?
Wordpress
April 30, 2024

See publication

Tags: Cybersecurity, IT Leadership, IT Strategy

If Data Is Our Most Valuable Asset, Why Aren’t We Treating It That Way?
blog.370security.com
April 23, 2024
Over the past two decades, data has become the most valuable asset for every business. However, recent ransomware attacks and data breaches show that businesses continue to fail to properly secure and govern this critical asset.

In my latest newsletter article, I explore how businesses have evolved into digital data hoarders and cover common data security assumptions that can lead to hidden risks. I conclude the article by making several recommendations for best practices to properly secure and govern your data, so data breaches and ransomware can become a non-event.

It's time to take action and properly secure your data. Check out the article for some valuable insights and recommendations.

See publication

Tags: Business Continuity, Cybersecurity, Digital Transformation

Security Considerations For M&A and Divestitures
blog.370security.com
April 16, 2024
Mergers, acquisitions, and divestitures are commonplace in the corporate world. However, have you considered the security implications and risks that come along with them? How involved should the security team be and what are some key risks to consider? In my latest newsletter article, I explore specific security considerations for M&A and divestitures. Check it out!

See publication

Tags: Business Strategy, Cybersecurity, Mergers and Acquisitions

Are We Peak CISO?
Import from wordpress feed
April 02, 2024
Let’s be honest…the CISO role is weird right now. It is going through a transformative phase and the industry is at an inflection point similar to what other C-Level roles (like the CFO) have gone through in the past. What makes the role weird? The CISO community and any company that has

See publication

Tags: Cybersecurity, Leadership, Security

370 Security Blog
Wordpress
March 28, 2024
Documenting the experience of being a Chief Security Officer (CSO) at one of the largest cloud companies in the world

See publication

Tags: Cybersecurity, Leadership, Security

370 Security Blog
Wordpress
March 28, 2024
Documenting the experience of being a Chief Security Officer (CSO) at one of the largest cloud companies in the world

See publication

Tags: Cybersecurity, Leadership, Security

Security Theater Is The Worst
370 Security Blog
March 26, 2024

We have all been there…we’ve had moments in our life where we have had to “comply” or “just do it” to meet a security requirement that doesn’t make sense. We see this throughout our lives when we travel, in our communities and in our every day jobs. While some people may think security theater has merit because it “checks a box” or provides a deterrent, in my opinion security theater does more harm than good and should be eradicated from security programs.

See publication

Tags: Leadership, Security

What’s The Relationship Between Security Governance and Organizational Maturity?
370 Security Blog
March 19, 2024
Organizational and security governance is touted as a key component of any successful security program. However, I’ve been thinking about governance lately and how it relates to the overall maturity of an organization. This has prompted some questions such as: what happens if you have too much governance? and What’s the relationship between security governance and organizational maturity?

See publication

Tags: Leadership, Security

Are Traditional IT Roles Still Relevant In Today’s Modern Security Org?
370 Security Blog
March 12, 2024
First, let’s talk about cloud service models most companies will consume because this is going to determine what roles you will need within your security organization. This post is also assuming you are not working at a hyper-scale cloud organization like AWS, Azure, Google Cloud or Oracle because those companies still deploy hardware as part of the services they consume internally and provide to their customers.

See publication

Tags: Leadership, Security

The Dichotomy Of Security
370 Security Blog
March 05, 2024
If you have ever read Extreme Ownership or The Dichotomy of Leadership by Jocko Willink, then you will be familiar with the concept of dichotomy and how opposing forces of a skill set can compliment each other. Mastering both sides can allow flexibility and increase the effectiveness of that skill set when dynamically applied to a given situation. This is true in the security space, where fundamental opposing forces need to be balanced in order to manage risk and achieve success. Let’s take a look at a few examples.

See publication

Tags: Leadership, Security

We Are Drowning In Patches (and what to do about it)
370 Security Blog
February 27, 2024
First, let’s talk about the patching landscape organizations need to deal with. This is largely spit into two different areas. The first area is operating system (OS) and service patches. These are patches that are released periodically for the operating systems used by the business to run applications or products. Common operating systems for production workloads will be either Windows or Linux and will have stability, security or new feature patches released periodically.

See publication

Tags: Leadership, Security

Are Phishing Campaigns Worth It?
Import from wordpress feed
February 22, 2024
Phishing campaigns are often touted as a complementary exercise to security training as a way to measure training effectiveness. The thought is, if your training is effective, users will be less likely to fall for and click on phishing emails, which will correlate to a decrease in the number of phis

See publication

Tags: Cybersecurity, Leadership, Security

Using Exceptions As A Discovery Tool
Import from wordpress feed
February 13, 2024
Security exceptions should be used sparingly and should be truly exceptional circumstances that are granted after the business accepts a risk. In mature security programs the security exceptions process is well defined and has clear criteria for what will and will not meet the exception criteria. In

See publication

Tags: Cybersecurity, Leadership, Security

Defining Your Security Front Door
Import from wordpress feed
February 06, 2024
A key skill for any security program is to partner with and enable the business to be successful. CISOs need to ensure their security teams are approachable, reasonable and most importantly balancing the needs of the business against potential security risks. While security teams exist to help prote

See publication

Tags: Cybersecurity, Leadership, Security

2 Author Newsletters
Are Security Certifications Worth Renewing?
LinkedIn
June 20, 2024
Along with the variety of certifications there are different ways to earn a certification. The least expensive and most time consuming is to purchase the course material, self study and then sit for the exam. The most expensive and least time consuming is to attend a boot camp and then test for the exam on the last day. If you are lucky your employer will pay for or reimburse the expense of the certification.

See publication

Tags: Cybersecurity, Leadership

What's Better - Complete Coverage With Multiple Tools Or Partial Coverage With One Tool?
LinkedIn
May 02, 2024
The debate between complete coverage with multiple tools versus imperfect coverage with one tool regularly pops up in discussions between security professionals. What we are really talking about is attempting to choose between maximum functionality and simplicity. Having pursued both extremes over the course of my security career I offer this post to share my perspective on how CISOs can think about navigating this classic tradeoff

See publication

Tags: Cybersecurity, Leadership, Security

Thinkers360 Credentials

4 Badges

Blog

Opportunities

Add to Shortlist View Shortlist »

Contact Lee Vorthman

Book a Video Meeting

Media Kit

Share Profile

Contact Info

  Profile

Lee Vorthman

Search
How do I climb the Thinkers360 thought leadership leaderboards?
What enterprise services are offered by Thinkers360?
How can I run a B2B Influencer Marketing campaign on Thinkers360?