
Fellow Spotlight: Paul McGreevy
As one of the Pell Center’s new adjunct fellows for cybersecurity, Paul McGreevy is ready to bring his expertise to the Rhode Island Corporate Cybersecurity Initiative.
McGreevy has spent more than 14 years as a senior management and IT consultant with KPMG LLP, BearingPoint Inc. and Deloitte Consulting LLP, where he specialized in business strategic planning, organizational development and technology architecture for federal agencies. He also served as director of the Department of Business Regulation from 2011-2015, serving statutorily as the state banking commissioner, commissioner of insurance, real estate administrator and state boxing commissioner.
Through your experience in technology consulting and government, you’ve cultivated proficiency in strategic planning, business development and, above all, a strong understanding of both the private and public sectors. Why should companies, especially private financial institutions, care about cybersecurity and data protection?
As cyber attacks of all varieties become more prevalent, the bottom line of companies will be more impacted. This may be through actual financial theft, loss of intellectual property and reputation, and/or exposure to legal liability, either civil or criminal. This last impact may be the most significant in the coming years as privacy concerns generate shareholder and customer law suits.
How have you seen the response to cyber threats evolve in the financial industry over the past decade?
In the recent past, losses from cyber attacks were seen as a cost of doing business. However, as these known costs go up combined with the unknown legal risks, there appears to be a growing awareness and acceptance that cyber risk needs to be managed as a business problem, not just a technical one.
In the past few years, companies have also added new C-level roles—Chief Digital Officer (CDO) and Chief Information Security Officer (CISO). For companies who do have CDOs and CISOs, do you think they have been successful in preventing or at least mitigating cyber incidents vs. companies without CDOs and CISOs?
The key factor is not the title or adding another box to the organization chart, but what authority these positions have and their relationship with the other C-level roles – and the Board of Directors for public companies. If they are truly part of the leadership team and business decisions, then they can be more successful.
What can be done to encourage more companies and organizations to understand the importance of a strong cybersecurity position within their organization and to invest in best cybersecurity practices?
The biggest impact can be achieved by making the leadership more aware of the nature of the threat, and that it is evolving rapidly, and their central role in mitigating the effects. The Pell Center is positioned to help in this dialog. This is the critical role the Pell Center is playing today.
You actively reached out to Francesca Spidalieri, the Pell Center’s Senior Fellow for Cybersecurity Leadership, to become more involved with the Center. How did you identify the Pell Center as a leader in cybersecurity research and as a leading facilitator of public-private partnerships, information-sharing efforts, and cybersecurity education/training in the state?
As a former director of a state regulatory agency of financial institutions, I recognized we needed help in defining and addressing this issue from a top-down, leadership perspective as opposed to a purely technical one. The Pell Center is perfectly positioned to assist in this way. They assisted our agency with awareness training and facilitating cross agency discussions involving legislation, policy development, table-top planning exercises and even intern support. I hope I am able as an adjunct fellow at the Pell Center to further develop partnerships with both government and private entities in order to increase our economy’s ability to address the cyber threat.
Beyond mitigating cyber threats, what are other pressing economic challenges our elected officials will have to face?
I believe there is an economic opportunity in the world of cybersecurity challenges in which we find ourselves. In addition to the direct business opportunities for firms that can assist in mitigating the threat, general economic growth can be facilitated by the local, state, or national economy that can create the business climate that fosters a proactive view of cybersecurity. This economy will attract business and encourage start-ups that seek a safer environment than might be available elsewhere. This will be true for small as well as large businesses since as the nature of the threat multiplies all types of companies may be targets.

A Sneak Peek of Story in the Public Square on RI PBS
Go behind the scenes as the Pell Center tapes the pilot episodes of “Story in the Public Square,” scheduled to air on Rhode Island PBS in Fall 2015.

Gov. Raimondo Appoints Pell Center Senior Fellow to RI Cybersecurity Commission
NEWPORT, R.I.—Pell Center Senior Fellow for Cyber Leadership Francesca Spidalieri has been appointed by Governor Gina M. Raimondo to the newly established Rhode Island Cybersecurity Commission (RICC).
The new commission is tasked with developing a clear strategy to make Rhode Island more secure and resilient to cyber threats while simultaneously fostering innovation and economic development opportunities in the state. The Executive Order establishing RICC was signed in May 2015, and its members met in June to set goals and a timeline for their work.
“I am honored to be a part of the governor’s cybersecurity commission,” Spidalieri said. “Working with colleagues in both the public and private sector from across the state gives us a great opportunity to help position Rhode Island as cybersecurity leader. I hope our recommendations to Governor Raimondo will serve as an example for other states to follow.”
Spidalieri’s first task for the commission will be to brief its members during their first public summit on July 16, 2015, at the U.S. Naval War College in Newport. Her presentation will review examples of how other state governments have structured and organized their responses to cyber threats. Her research and findings in this area will also be the subject of an upcoming Pell Center report: “State of the States on Cyber.” The Pell Center will host the afternoon session of the July summit on frameworks for protection and resiliency, and the entire summit on October 15th focused on industry and workforce development.
In addition to her review of other state responses to cyber threat, Spidalieri will provide input and expertise for the commission’s working group on Workforce Development and Skills Training. The working group is charged with conducting an assessment of the current cybersecurity workforce development and education activities in Rhode Island, including curricula, certificates, and training credits offered, and to develop a set of recommendations that address both gaps and opportunities. Several of Spidalieri’s studies at the Pell Center explore similar issues, giving her and the commission a ready-body of knowledge from which to draw.
“Francesca’s appointment to the Rhode Island Cybersecurity Commission speaks to all that she has accomplished at the Pell Center,” said Pell Center Executive Director Jim Ludes. “She’s played a giant role in our development of real expertise in cybersecurity leadership. So this appointment isn’t just an opportunity—it’s recognition for her role as a thought leader in the state. We’re grateful to her for all she’s done, and happy that other people see it too.”
New Pell Center Adjunct Fellows Bring Additional Expertise
Newport, R.I.—Three accomplished professionals have joined the Pell Center as fellows. Brandon Catalan and Paul McGreevy will be contributing their expertise to the cyber leadership project and the Pell Center’s Rhode Island Corporate Cybersecurity Initiative (RICCI), whereas Brig. Gen. Peter Zwack, USA (Ret.) will provide insight on international affairs, especially the West’s relationship with Russia.
“Over the past few years, the Pell Center has built a cohort of thought leaders from a variety of different fields,” said Pell Center Executive Director Jim Ludes. “This new crop of fellows is no different. From the technical to the strategic, the expertise Brandon, Paul, and General Zwack bring to the Pell Center reflects the challenges facing the United States today.”
General Zwack recently retired after more than 34 years of military service, in his final posting as the U.S. defense attache in Moscow after serving in key leadership and staff positions in Afghanistan, South Korea, the Balkans, and Germany. In Moscow, Zwack was eyewitness to the tumultuous events and troubling changes in President Putin’s Russia with serious consequences for U.S. security.
“General Zwack brings wonderful recent experience in Russia at a time when U.S.-Russian relations are troubled,” continued Ludes. “We’re lucky to have him working with us.”
Catalan has close to a decade’s worth of combined government and academic experience in the fields of digital forensics, cyber intelligence, network exploitation, and information security. He has held technical leadership roles in defense industry where he provided counter-intelligence support to focused cyber operations and has also served with several agencies within the U.S. intelligence community on matters relating to surveillance and target acquisition, cyber exploitation, malicious code forensics, and adversarial tactics, techniques, and procedures.
After serving in the Navy and reaching rank of lieutenant commander, McGreevy spent more than 14 years as a senior management and IT consultant with KPMG LLP, BearingPoint Inc. and Deloitte Consulting LLP, where he specialized in business strategic planning, organizational development, and technology architecture for federal agencies. McGreevy also served as project manager for Lincoln Chafee’s winning gubernatorial campaign, as well as Director of the Department of Business Regulation from 2011-2015, serving statutorily as the state banking commissioner, commissioner of insurance, real estate administrator, and state boxing commissioner.
Senior Fellow for Cyber Leadership Francesca Spidalieri praised Catalan and McGreevy. “As the Cyber Leadership project gains momentum,” she said, “Brandon’s background in advanced cyber threats and digital forensics and Paul’s approach to cybersecurity through the business and finance industry will serve as great assets to both our research and community engagement efforts.”