Additional Info

Job title of nominated professional (or team name)Chief Information Security Officer at Datto
Company (where nominated professional or team is working)Datto
Websitehttps://www.datto.com/
Company size (employees)1,000 to 4,999
CountryUnited States
Headquarters RegionNorth America

Overview

Datto is the leading provider of enterprise-grade technology for small and medium-sized businesses (SMBs) delivered through the global community of local IT providers called Managed Service providers (MSPs). Datto’s proven Advanced Threat Protection, Unified Continuity, and Business Management solutions drive cyber resilience, efficiency, and growth for MSPs. Delivered via an integrated platform, Datto’s solutions help its global ecosystem of MSP partners serve over one million businesses around the world. From proactive, dynamic detection and prevention to fast, flexible recovery from cyber incidents, Datto offers a variety of solutions to defend against costly downtime and data loss in servers, virtual machines, cloud applications, or anywhere data resides. Founded in 2007, Datto currently has over 20 global locations and more than 2,000 employees.

As CISO for Datto, Ryan has built an industry-leading cyber security organization from scratch that focuses on partnership with constituents and deploying real protections that actually make people safer. He has deployed and maintained a robust set of security countermeasures and threat detection mechanisms to protect Datto employees and customers from attackers without affecting their ability to complete their day job. Ryan oversaw the creation of a security compliance program that has delivered robust security compliance certification for the full suite of products and services that gives Datto customers confidence in the maturity and effectiveness of the Datto security program.

Prior to Datto, Ryan spent 11 years securing enterprise applications, systems, and sensitive customer financial data at FactSet Research Systems, where he orchestrated all facets of the global information security program. Ryan holds a B.S. in Computer Information Systems from Ithaca College, a M.S. in Information Assurance from Northeastern University and holds security certifications including the Certified Information Systems Security Professional (CISSP) and the Certified Information Security Manager (CISM).

Accomplishments

During his career Ryan Weeks has led his team as cyber criminal groups set their sights on the IT and MSP industry by (1) creating educational materials for MSPs to analyze their own defenses (2) driving the creation and requirement of security controls in Datto products that help customers defend against common attacker tactics and (3) continuously remaining committed to its partners and the MSP community as a whole by releasing free scripts to all MSPs to combat the evolving threat landscape, including the recently discovered Log4j vulnerability.


Knowing that secure application development is crucial to the overall security posture of any business, Ryan and his team recently led Datto in its commitment to implement the Building Security in Maturity Model (BSIMM) assessment, an independent third-party security assessment of software applications based on a widely- accepted maturity model. Thanks to Ryan and his team’s work, Datto Remote Monitoring and Management (RMM) ranked in the top 20% of all companies undergoing their first BSIMM assessment. Datto is the only MSP-focused company to participate, and Datto RMM is the only channel RMM that has been evaluated to date and any new participants going forward will be benchmarked against Datto and a list of well-known enterprise companies.


Earlier this year, Ryan was invited to join the Ransomware Task Force as a founding member alongside other global leaders from Microsoft, Rapid7, and Citrix. On the task force, Ryan represented MSPs and SMBs in their battle against ransomware, focusing on their specific cybersecurity interests and needs. The intent of the task force is to influence the current U.S. administration on its cyber policy, and Ryan brought light to the issues MSPs and SMBs face along with sharing his industry expertise to give guidance on national threats.