Eric W. Cowperthwaite has more than 25 years experience as a security practitioner and leader in both civilian and military settings. He was born in Sacramento, California, and raised in the surrounding communities. Eric graduated from Davis Senior High School and enlisted in the US Army shortly after. After serving in the Army for a decade, Eric returned to Sacramento and attended CSU, Sacramento, earning a BS in Computer Engineering.
Currently, Eric is the System Director & CISO of Providence Health & Services, headquartered in Renton, Washington. Providence has 32 hospitals and more than 60,000 employees located in Washington, Oregon, California, Alaska and Montana.
Prior to that, Eric worked for EDS for a decade. Eric worked in the Chief Security and Privacy Office of EDS, US Government Services, Security and Privacy Professional Services and U.S. Consulting. Eric served in the US Army for 10 years, including time in the Middle East, Western Europe on the "Iron Curtain” and Africa.
Eric is a member of a variety of industry organizations, including
- Founding Chair, Catholic Healthcare ISO Forum
- Pacific Northwest CISO Forum
- ISSA CISO Executive Forum
- Security Executive Council
Eric was CISO of Providence when they were the first healthcare organization to enter in to a Resolution Agreement with Health & Human Services to resolve allegations of violating the HIPAA Privacy and Security rules. He is the first CISO to be the Monitor for such a resolution agreement and successfully led the implementation of the Agreement at Providence, resulting in being the first covered entity to successfully complete a Resolution Agreement.
In addition, Eric served as the first ISO of Medi-Cal Fee For Service program (California’s Medicaid program) and established a HIPAA compliant program for them while contracted to the State from EDS.
Eric is a member of the Absolute Software Customer Advisory Council and the Symantec Managed Security Services Customer Advisory Council. He was also an inaugural member of both Cybertrust and GuardianEdge’s Advisory Councils prior to their acquisitions. Eric was asked by the ISSA Board to serve on the first CISO Executive Forum Advisory Council and was instrumental in helping to revitalize the CISO Forum and establish it as the premier peer to peer information security leadership forum.
Eric is routinely asked to speak on security topics by a variety of organizations, including the Society for Information Management, Gartner, CSO Magazine, the Department of Homeland Security, Senator Lieberman’s office, the Information Systems Security Association, and SANS. Eric was awarded the CSO Compass Award in 2012 by CSO Magazine for contributions to the field of Risk Management. He was also named among the 5 most influential IT Security thinkers in 2011 by SC Magazine and is a 2008 Computerworld Premier 100 IT Leaders honoree.
About Providence Health & Services
Providence Health & Services is a not-for-profit health system committed to providing a comprehensive array of services to meet the needs of communities across five states, including Alaska, Washington, Montana, Oregon and California. Providence continues the legacy of the Sisters of Providence and the Sisters of the Little Company of Mary in the West spanning more than 150 years.
Providence Health & Services includes 32 hospitals, more than 35 non-acute facilities, physician clinics, a health plan, a liberal arts university, a high school, approximately 60,000 employees and numerous other health, housing and educational services. The system office is located in Renton, Washington, a suburb of Seattle.
Statement of Goals
ISSA is the best organization in the world for a security practitioner to belong to. It is a professional association with nothing to sell but the value of its membership, the camaraderie and networks created, education of its members and advancement of the profession of information security. Because of this, I made a decision to join the ISSA and to work hard to make it a better, more capable organization.
I did that first by attending meetings and contributing my own knowledge and capabilities to the community of professionals that I met. Then I was asked if I would mind giving up some of my "spare” time to help the CISO Forum on the Advisory Council. Which I agreed to do, and worked with Dave Cullinane, Nils Puhlmann, and Ann Rogers to create a CISO Forum program that has made it the premier peer to peer security leadership forum to be found. Not long ago I made the mistake of telling Stefano Zanero that I thought the International Conference content presented an opportunity to be something even better than it already was. Stefano challenged me to put my money where my mouth was and I ended up as the Chair of the Content Committee for 2011 and 2012 Conferences.
The point of all of this is not to brag and say "look how great I am in ISSA”. Instead, I’m recounting this because it’s what Stefano pointed out to me when he decided to nominate me for election to the Board as a Director. He said, "look at all this volunteer work you’re doing. You already do the same amount of work as the Directors do, you might as well be one". Of course, I can’t say it with quite the same fantastic Italian accent he has, so I won’t try.
Why did I accept him nominating me and decide to run for election? I decided that I was already working hard to make ISSA better, that’s true. But I could keep doing that as just a volunteer. Instead, I wanted to take the opportunity as part of the governance and leadership of ISSA to fulfill that promise of being the pre-eminent professional association for information security practitioner. By working within the formal structures of ISSA, I can drive things such as the conferences, the direction of our various forums and the network of chapters, groups and committees to continue attracting the best and brightest professionals to the ISSA. It’s an opportunity for me to serve my community, to give something back after all of the great opportunities I’ve had to become a security leader.
I want to work with the other officers and directors, with the chapter leaders and with the members of the ISSA to continue to build and improve our ability to advance our profession, educate and develop our membership and provide opportunities for growth, networking and careers to information security professionals worldwide.
Back to Candidates
This information provided by candidate who is solely responsible for the