Craig Shumard is the Principal at Shumard and Associates, LLC which is a boutique strategic security consulting company specializing in helping decision makers develop strategies, evaluate, select, implement, improve and measure information security solutions. 

Craig retired from CIGNA in 2010 where he held the CISO position for 11 years and had a record of accomplishments in his career.  He is a recognized thought leader and spokesman in the area of information protection.  A keynote speaker at national conferences and events and featured in national publications including The Wall Street JournalInformationWeek, Information Security Magazine and CSO Magazine, his work and contributions to the information security industry earned him the coveted 2010 ISE® Luminary Leadership Award presented by T.E.N.

Craig has dedicated more than two decades to protecting private, sensitive and confidential information as Chief Information Security Officer of CIGNA Corporation from in May 1999 until his retirement in 2010. In this role, he was responsible for developing and overseeing the implementation of a corporate-wide information protection strategy, which addressed all matters related to safeguarding and protecting business and individual information for more than 65-million health plan, insurance and financial customers.

As the CISO, Craig re-engineered the Information Protection Practice to ensure the delivery of security services through a risk-based program that cost effectively implemented security controls to protect company assets and aligning to business requirements and objectives. This innovative risk-based approach encompassed and combined business processes as well as technology to safeguard business information.

Craig has a proven record at leading and implementing efficient and effective computer security in large complex environments with significant regulatory requirements.  He has demonstrated leadership in information security and business continuity concepts and deployment models which focuses on enabling business securely while developing a 21st century information protection operation.

During his career, Craig was an early adopter of emerging ‘best of breed’ security technologies, many of which became featured products for leading security solution vendors. A few examples include Axent ESM/ITA, Sygate, Vontu, all acquired by Symantec, AppScan acquired by IBM, and Fortify acquired by HP.  Craig also worked with other ‘leading and emerging’ vendors in their early product releases including:  Verdasys, Aveksa, Qualys, and Securent (which was recently acquired by CISCO).  Craig has also served on customer advisory boards for prominent security companies such as Symantec, Aveksa, Verdasys, Fortify, GuardianEdge and the “Security for Business Innovation Council.” 

He currently serves as an advisor to the following companies; AirPatrol, Information Security Magazine, Tenable Network Security, Aveksa, MobileIron, Venafi, Avior and Security Risk Advisors. Craig is also a current member of the HP Enterprise Security Customer Advisory Board.

Under his leadership, CIGNA was ranked first in IT Security in the 2006 InformationWeek 500, and Craig was named one of security’s thought leaders being awarded  2006 “Security 7” by Information Security Magazine.  Craig also earned the 2005 Information Security Executive® of the Year Tri-State Award and the 2010 ISE® Luminary Leadership Award.