Tim Layton Photo

Tim Layton is a cybersecurity risk management professional with a proven track record spanning over 25 years in some of the world’s leading organizations possessing technical, business, and leadership skills.

Tim has a proven track record of thought leadership on how to quantify, navigate, and balance cyber risks across the modern cloud-centric enterprise.

I believe knowledge is power and this is why I openly share my knowledge and experience with cyber risk quantification in our modern public cloud computing paradigm.

I am deeply passionate about quantifying cyber risks in economic terms for enterprise stakeholders and decision makers at the speed of cloud computing.

-Tim Layton

Tim Layton has over two decades of hands-on cybersecurity experience to include public and hybrid cloud environments spanning dozens of countries. Tim’s expertise includes cyber risk assessment and analysis using quantitative methods, secure cloud architecture design, security controls and countermeasures development, cyber program audit, compliance, and threat modeling.


  • VP, Information Security Officer (Global Financial Institution)
  • Cloud Cybersecurity & Risk Management Advisor (Cloud Security Risk Consultant)
  • Principal, Global Theater Cybersecurity Services (Cisco Systems)
  • Principal, Security & Risk Management Practice (EMC Corp.)
  • VP, Cybersecurity Strategy (Wells Fargo Bank)
  • CEO (Technology Startup)


  • MBA, BA – Lindenwood University, St. Louis
  • CCSK – Certificate of Cloud Security Knowledge # LtuXWB2QCFFE9vdRPrdTsubZ
  • AWS Certified Cloud Practitioner (CLF-C01) 411052573 (Credly Badge)
  • AWS Solutions Architect (SAA-C03) preparing for the exam
  • AWS Technical Professional Accreditation 031421
  • AWS Business Professional Accreditation 031521
  • AWS Cloud Practitioner Essentials 031621
  • AWS Security Fundamentals 031721
  • AWS Well-Architected Best Practices 040821
  • AWS Cloud Economics 040921
  • AWS Security Governance at Scale 041822
  • CISSP – Certified Information Systems Security Professional # 28180
  • SANS GSEC – Global Information Assurance Security Expert # 1972
  • SANS GCIH – Global Information Assurance Certified Incident Handler # 312
  • SANS GCFW – Global Information Assurance Certified Firewall Expert # 265
  • ECNE – Novell Enterprise CNE #605
  • SCO ACE – SCO Unix Engineer #1970
  • SANS GREM – Reverse Engineering Malware
  • DATA SOCIETY – Data Science with R
  • JOHNS HOPKINS UNIVERSITY – Data Science Certificate

Get My Free Cloud Security Risk Management Journal


“I’ve worked with Tim at a number of different companies and organizations where he was a strategic advisor transforming and advancing their cybersecurity capabilities. Tim has the very rare ability to traverse and address cybersecurity challenges that span board level engagement, building robust information security programs, designing complex security architectures, to being able to personally conduct advance cyber threat hunting using the latest capabilities in security intelligence, data analytics, and visibility tools. Yet he is able to do all of this, with a very mature and consistent focus on ensuring that cybersecurity remains about enabling strategic business outcomes through effective risk management. He is a unique and rare talent in the field of cybersecurity.” -Mark Brooks, CISO PPL Corporation

“Tim Layton is easily one of the most talented, strategic and impactful cybersecurity leaders that I have ever had the pleasure to work with. He understands cybersecurity with a depth of “up and down the stack” knowledge and insight of what matters most to protect the business. And he does this with the savvy to easily translate those insights across organizational levels so that strategies are understood by senior leadership with a clear path to delivering on the strategy.” -Sally Dovitz, CISO, Yanfeng Automotive Interiors

“Tim Layton is an exceptionally talented CISO, with an outstanding depth and breadth of knowledge in all of the technical areas required for that complex and challenging position. Tim regularly exceeded all of my expectations as a vendor to him. Tim was always eager to accept increased responsibility and provide direction to move a project forward. During our engagement, Tim handled difficult projects involving documenting applications that needed pen testing which were long past due. His coordination with multiple individuals across many different corporate areas in such a short time helped move the project forward when traction could not be achieved in over a year. I am certain that he will be a success in any position in which he has the opportunity to serve.” -Rob Sherman, Dell EMC

“I had the opportunity to work with Tim Layton over the past year. He’s extremely knowledgeable, experienced and organized. Tim is able to put structure around difficult situations and lead his team and those around him to success. I’d highly recommend Tim for any leadership position within Information Security or Risk.” -Matthew Pascucci, Director Security Operations, Evercore

“The words that come to mind when I think about Tim are professional, entrepreneur, leader, technologist, and innovator. He possesses an uncommon ability to deliver business solutions while understanding the complex underpinnings of the technology. I had the pleasure of working for Mr. Layton and benefited greatly from his guidance.” -John Roosa, CIO, Stupp Brothers Corp.

“During my time with Cisco, I worked with Tim on the same team to consult other CSO, CISOs, CIOs, etc. Tim had a distinct approach how to engage with clients to garner their trust and build relationships. We shared insights and observations and Tim has proven to be a great resource – he is ahead of the game and on top of that has strong technology skills that he knows to leverage when needed. Aside from Cisco I consider Tim a strong cyber security expert that has delivered value to the industry via his services to companies, blogs, and books. I can recommend Tim to any client or organization” -Michael Oberlander, CISO

“Tim is one of the most well-rounded, technically grounded executives I’ve ever had the good fortune to work with. I worked with Tim as a peer advising senior executives on cyber security matters spanning multiple industry verticals. The majority of engagements were with large Fortune listed global organizations that were seeking professional advisory services at the highest levels in the organization. I enjoy working with Tim and I respect his deep technical knowledge and business acumen. I would recommend Tim as a strategic cyber security leader and advisor to any organization seeking these types of services.” -Cathy Pitt, CISO, Pearson North America

“I’ve had the pleasure of working with Tim over the last year and found Tim to be one of the most insightful experts in the field of Cyber Risk. Tim not only understands the technical domains but also the businesses implications of Cyber Risk. This comprehensive insight has provided Dynetics an essential contribution to our Cyber Risk management solutions as well as the marketing and delivery of those solutions.” -Robert Dowling, Auburn University

Get My Free Cloud Security Risk Management Journal