Ross Young is the CISO of Caterpillar Financial Services Corporation, a SANS Instructor, a Johns Hopkins University Instructor, a CISO Tradecraft Podcast Co-Host, and Creator of the OWASP Threat and Safeguard Matrix (TaSM)

His expertise ranges from attacking financial services for the federal government to defending organizations by automating defenses in DevSecOps pipelines. He is actively involved in all things cloud, container, and kubernetes security.  Ross holds master’s and bachelor’s degrees from Johns Hopkins University, Idaho State University, and Utah State University. Ross’s interest in pirates and ninjas have inspired him to stealthily improve security without the paperwork.

Education History

  • B.S. Computer Science, Utah State University
  • B.S. Business, Utah State University
  • M.B.A. Information Assurance, Idaho State University
  • M.S. Information Systems Engineering, Johns Hopkins University

Work Experience

CISO, Caterpillar Financial Services Corporation

Publications

Creator of the OWASP Threat and Safeguard Matrix (TaSM)
https://owasp.org/www-project-threat-and-safeguard-matrix/