Gary Hayslip


As Chief Information Security Officer (CISO) for Webroot, Gary Hayslip advises executive leadership on protecting critical information resources and oversees enterprise cyber-security strategy. As CISO, his mission includes creating a “risk aware” culture that places a high value on securing and protecting customer information entrusted to Webroot. Gary is a proven cyber-security professional, with a 20+ year record of establishing and leading enterprise information security programs and managing multiple cross-functional network and security teams. He has established his reputation as a highly skilled communicator and a dynamic presenter. Gary has demonstrated his ability to work within all business channels of an organization, and is extremely effective in communicating the nuances of cyber-security in business/risk terms to executive management. He recently coauthored the “CISO Desk Reference Guide: A Practical Guide for CISOs – Volumes 1 & 2” which are considered some of the leading books on enabling CISOs to expand their expertise and scope of business knowledge.

Gary’s previous information security roles include multiple CIO, CISO, and Deputy Director of IT positions for the U.S. Navy (Active Duty), as a U.S. Federal Government employee, and for the City of San Diego. In these positions, he was instrumental in architecting security programs from the ground up, auditing large, disparate networks and consolidated extensive legacy network infrastructures into converged virtualized datacenters.

Gary is extensively involved in the cyber-security and technology startup communities in San Diego. He serves as an advisory member of the EvoNexus Selection Committee where he reviews and mentors Cyber-Security and Internet of Things startups, and he sits on the board of directors for both the Cyber Center of Excellence and the San Diego Infragard chapter. Gary is an active member of the professional organizations ISC2, ISSA, ISACA, OWASP, and Infragard; he currently holds several professional certifications to include CISSP, CISA, and CRISC. Gary has a Bachelor of Science in
Information Systems Management, a Master’s in Business Administration, and have over 20 years of experience in Information Security, Enterprise Risk Management, and Data Privacy.