Ross Young is part of the Adjunct Faculty at Johns Hopkins. 

He is also the CISO of Caterpillar Financial Services Corporation, a SANS Instructor,  a CISO Tradecraft Podcast Co-Host, and the Creator of the OWASP Threat and Safeguard Matrix (TaSM)

His expertise ranges from attacking financial services for the federal government to defending organizations by automating defenses in DevSecOps pipelines. He is actively involved in all things cloud, container, and kubernetes security.  Ross holds master’s and bachelor’s degrees from Johns Hopkins University, Idaho State University, and Utah State University. Ross’s interest in pirates and ninjas have inspired him to stealthily improve security without the paperwork.

Education History

  • B.S. Computer Science, Utah State University
  • B.S. Business, Utah State University
  • M.B.A. Information Assurance, Idaho State University
  • M.S. Information Systems Engineering, Johns Hopkins University

Work Experience

CISO, Caterpillar Financial Services Corporation


Creator of the OWASP Threat and Safeguard Matrix (TaSM)

Professional Organizations