Press Release

DeNexus Announces CISO Advisory Board with Experts in Industrial Cyber Risk and Cybersecurity

Initiative reinforces DeNexus' dedication to empowering CISOs in managing cyber risk and actively engaging in board-level cybersecurity decision

BOSTON, MA - May 22, 2024 - DeNexus, a leader in cyber risk quantification and management for operational technology (OT) with Industrial Enterprises and Physical Critical Infrastructures, today announced the formation of its CISO Advisory Board, which brings together industry experts to help security leaders develop a better understanding of their cyber risk.

This initiative will help CISOs working with DeNexus by providing them with expert counsel to help quantify the financial impact of potential cyber incidents and optimize strategies to mitigate or transfer risk to cyber insurance. As CISO responsibilities continue to evolve, these experts in industrial risk and cybersecurity, this board of advisors will leverage decades of industry experience to support security leaders in their efforts to protect their organizations from an expanding landscape of cyber risk.

Inaugural members of DeNexus’ CISO Advisory Board include Dennis Gilbert, Rosa Kariger, Jack Jones, and Tony Souza.

  • Dennis Gilbert, former CISO at Duke Energy, joins DeNexus’ CISO Advisory Board with over 30 years of professional leadership in cybersecurity, information technology, and risk management across both the private and public sectors. His experience encompasses work in the energy and utility sector, as well as with the Department of Defense and intelligence community, providing him with a unique combination of military and civilian security leadership across multiple security domains, including both IT and OT/ICS.
  • Rosa Kariger brings more than 25 years of experience to DeNexus’ CISO Advisory Board. Her wealth of experience in both cybersecurity and risk management represents a unique dual view of cyber risk. She has served as Global Deputy Risk Officer and Global Cyber Security Officer for the Iberdrola Group and has co-chaired the electricity working group of the Systems of Cyber Resilience at the World Economic Forum since 2018.
  • Jack Jones has been a thought leader in security and risk management for over 35 years. Jack has served the cybersecurity community in many ways: first as a CISO, including at a Fortune 100 company, as a member of the ISACA task force on the RiskIT framework, as a leader of the ISACA group that developed the CRISC certification and finally as an author. In addition, Jack is the originator of the now industry standard risk measurement model known as Factor Analysis of Information Risk (FAIR) as well as the FAIR Controls Analytics Model (FAIR-CAM).
  • Tony Souza, Vice President and Chief Information Security Officer at Corteva Agriscience, has over 20 years of experience in senior cybersecurity roles at companies including General Electric (GE), Duke Energy, and CenterPoint Energy. He is also currently a board member for IT-ISAC, a co-chair of Houston CISO’s Governing Body for Evanta, and a chair of HoustonCISO.

“In order for CISOs, OT facility managers, executive boards and underwriters to determine the real business impacts of cyber risk, they need to stop the guessing game and implement a way to truly quantify cyber risk across their fleets of assets,” said Dennis Gilbert, energy industry expert and former two-time Fortune 100 CISO. “DeNexus’ CISO Advisory Board will support these security leaders in identifying and quantifying their risk so they can leverage evidence-based solutions to gain visibility into each facility’s cyber exposure and prioritize risk mitigation efforts.”

“The cybersecurity and risk management community is at an inflection point,” said Jack Jones, cyber risk thought leader. “Threat actors continue to inflict costly damages on corporations despite hundreds of billions of dollars poured into cyber defenses. There is an obvious opportunity to optimize these investments by characterizing cyber risks more precisely, especially in industrial sectors where threat actors are often state-sponsored. I’m looking forward to helping the CISO community through this effort as part of DeNexus’ CISO Advisory Board.”

The traditional CISO role is evolving due to new regulations and cyber threats. Recent developments like the SEC's S/K rules and Europe's NIS2 directive demand better oversight and reporting of cyber risk from the board and executives. This pressure is driving CISOs to elevate cybersecurity from a technical issue to a business-critical one. Additionally, CISOs in critical infrastructure companies are taking on more responsibility for securing industrial assets, cyber-physical systems, and converged IT/OT environments. As attacks on critical infrastructure rise, CISOs must precisely allocate security resources and budgets to mitigate risks effectively.

“We are excited to launch our CISO Advisory Board to provide customers with the expert insight necessary to understand and quantify their cyber risk,” said Jose Seara, CEO and co-founder of DeNexus. “Having notable industry executives such as Gilbert, Kariger, and Souza on the board not only brings unparalleled knowledge and expertise to DeNexus’ clients, but also highlights our dedication to constant innovation and growth.”

DeNexus’ formation of the advisory board is also an invitation to all CISOs in energy, manufacturing, transportation, hyperscale data center operations, and other sectors with cyber-physical assets to collaborate and jointly develop an executive-level, evidence-based plan for cybersecurity and risk mitigation investments.

For more information, CISOs can contact DeNexus at

About DeNexus:

DeNexus is the leading provider in cyber risk modeling for industrial networks. The company is aiming to establish the global standard in industrial cyber risk quantification and management for risk owners, shareholders, investors, boards, and the risk transfer market. Employing advanced simulation, AI, and internal data, DeNexus forecasts incident probabilities, translating them into quantifiable financial risks. Trusted by Global 1000 companies in sectors like power generation, manufacturing, and transportation, DeNexus provides an evidence-based approach to tailor cybersecurity economics and enhance risk reduction investments. 

Media Contacts

ICR/Lumina Communications for DeNexus

Danielle Scotto, Account Director