Areas of Focus
- Cyber Defense, Risk Management and Business Case Development
- Software Lifecycle Security
- Safety and Security Program Evaluation
- Led build-out of cyber defense model utilizing the MITRE ATT&CK Framework for market-leading clients in financial technology, business technology services and retail sectors
- Oversaw cyber defense model build-out for Fortune 100 manufacturing organization utilizing MITRE ATT&CK for Industrial Control Systems
- Led software supply chain national security reviews for multiple global software providers
- Oversaw build-out of Information Sharing & Analysis Organization for leading industry association
- Led review of safety data systems for market-leading peer-to-peer travel platforms
Adam is a Principal at The Chertoff Group, where he helps clients manage security and safety risk. Representative projects have included cybersecurity risk diagnostics, security strategy development, security resourcing studies, framework development, exercises, senior management training, penetration tests and security audits.
He is also principal drafter for the firm’s security risk management methodology, which was approved by the U.S. Department of Homeland Security for SAFETY Act designation in 2017.
Prior to joining The Chertoff Group, Adam worked at Raytheon Company where he was the Director of Strategy and Policy Consulting for homeland security. Previously, Adam served as the Deputy Chief of Staff at the U.S. Department of Homeland Security (DHS). At DHS, he coordinated policy decisions, including on technology standards, regulations and business rules, for numerous border, travel security and critical infrastructure protection programs. He also staffed the Secretary on the launch of the Comprehensive National Cybersecurity Initiative.
Before joining DHS, Adam served at the U.S. Department of Justice, where he started his legal career as a trial attorney in the Criminal Division in 1997. From 2002-2003, he was a Director of International Economic Affairs at the National Security Council, where he managed preparations for the 2002 G8 Summit. From 1998-2001, he was also secretary of the G8 High-tech Crime Experts Group.
- Certified Information Systems Security Professional (CISSP)
- Admitted in New York, Massachusetts, District of Columbia bars
- J.D., Harvard Law School
- B.A., History, Yale University
Recent Publications, Interviews and Panels
"Enterprise Cybersecurity Measurement," Lawfare, March 26, 2021 - https://www.lawfareblog.com/enterprise-cybersecurity-measurement
"Operationalizing ATT&CK through CISA Alerts," DHS National Cybersecurity Summit, Sept. 16, 2020 - https://www.cisa.gov/publication/cybersummit-session-day-1-operationalizing-attck-through-cisa-alerts
“As the Pandemic Spreads, An Infodemic Rages,” Security Management magazine, June 1, 2020 (interview) - https://www.asisonline.org/security-management-magazine/articles/2020/06/as-the-pandemic-spreads-an-infodemic-rages/
“One Security Framework May Be Key to Cyber Effectiveness,” TechTarget, May 2020 (interview) - https://searchsecurity.techtarget.com/feature/One-security-framework-may-be-key-to-cyber-effectiveness
“Cyber Resiliency from the Inside Out,” Cyber Risk Board Forum (in partnership with RSA Conference), Feb. 24, 2020 (panel moderator) - https://www.businesscyberforum.com/agenda
“Cyber Risk Management and the Retail Enterprise,” National Retail Federation BigShow, January 2020 (panel moderator)
Reboot Leadership Award, Outstanding Educator, SC Magazine, September 2019 - https://www.scmagazine.com/home/events/reboot-leadership-awards-2019/adam-isles-the-chertoff-group/
“Incentives to Address Homeland Security Risks within IoT Technologies,” American Bar Association (ABA), “The Internet of Things: Legal Issues, Policy, and Practical Strategies,” ABA Section on Science and Technology Law, March 2019 (author) - https://www.americanbar.org/products/inv/book/358967386/
“Securing Tomorrow’s Supply Chain,” Cyber Risk Board Forum (in partnership with RSA Conference), March 4, 2019 (panel moderator) - https://events.bizzabo.com/209069/page/1348835/agenda
“Government and the Private Sector Share Responsibility for Secure Infrastructure,” Security Technology Magazine, September 2018 (author) - https://www.securityinfowatch.com/article/12427475/government-and-the-private-sector-share-responsibility-for-secure-infrastructure
“Amend the SAFETY Act to cover state actor cyberattacks,” The Hill, April 2018 (author) - https://thehill.com/opinion/cybersecurity/382642-amend-the-safety-act-to-cover-state-actor-cyber-attacks