Chief Privacy and Information Security Officer
Author B.J. Neblett once wrote, “We are the sum total of our experiences. Those experiences – be they positive or negative – make us the person we are, at any given point in our lives. And, like a flowing river, those same experiences, and those yet to come, continue to influence and reshape the person we are, and the person we become.”
Under this belief – that a person is the sum total of his or her experiences – Patricia Titus is the perfect person to serve the global role of Chief Privacy and Information Security Officer for the multinational Markel Corporation. Her background as an airman in the U.S. Air Force and a globe-hopping businesswoman in her own right has given her the right experience, the right world-savvy perspective, to be the lead privacy and security person for the diverse conglomerate that is Markel.
Titus started her college education when she was in high school. After a few years of liberal arts studies, she enlisted in the Air Force and was sent to Japan as a Morse Code operator. Following her military service, she joined the U.S. State Department and worked in Jeddah, a seaside city in Saudi Arabia. “As a female in a male-dominated society, it was interesting living in Saudi Arabia,” says Titus. “I think for every country I’ve lived in, I’ve realized that I’m just a visitor, not staying, which made it easier to adjust.”
After Saudi Arabia, Titus and her family moved to Frankfurt, Germany. “My kids were elementary school age, so I spent more time at home, but I did work as a substitute teacher in the DoD school system,” she says. “After a few years in Germany, we moved to Zambia, Africa. I worked in Lusaka for the Honorary Consul of Switzerland, who was actually an Italian businessman who also ran an import electrical company and owned an export farm. I set up and ran his diplomatic mission. Two major projects I worked on were the restructuring of the Zambian debt and importing about $20 million worth of donated pharmaceuticals during the peak of the AIDS epidemic in Africa. I did consular activities for him which involved assisting Swiss and Austrian citizens based on a reciprocal agreement between the two countries. The work was very interesting, and I learned a lot about electrical supplies and importing materials into a developing nation. It was just a really great opportunity.”
Titus says she loved the experience of living in Africa. “When my kids went on a field trip, it was a serious field trip. It wasn’t like they were going to the zoo—they actually went out into the bush. They did school exchanges with Zambian schools, so it was an opportunity for them to really get to know the people and the culture. English is Zambia’s first language and the people are so friendly. We did a lot of traveling between Zambia and Zimbabwe where the Swiss Embassy is, and to South Africa as well. It was just a great opportunity to see Africa and observe the wildlife up close while living there.”
Then again, there were some drawbacks to living in a remote African town. “When I first arrived in country, probably the second week I was there, I got amebic dysentery. I was pretty sick from that, and the hospital facilities are not like they are in the United States, or they weren’t then,” says Titus. Her family faced other problems related to remote living. “The borehole went out in the water well, basically for several months. Getting the parts to make the repairs wasn’t easy. It’s not like you’re going to go around to the corner to your local Home Depot and pick up something to fix your well. You’ve got to order it and ship it, and it takes forever to get into the country. Half the time, things would get stolen or lost being shipped, and then we’d have to order it again. Those were just the challenges of living rural. But overall the experience was great. We had a nice compound that our house was on, and we kept a few animals and had enough space for a garden. It was a very interesting culture.”
When the African assignment ended, Titus ended up in Washington, D.C. “I didn’t really know what I wanted to do when I got back to the States,” she says. “Before I became a CISO, I tried my hand at several different things. I did loan origination, underwriting, and worked in financial services. Nothing caught my interest until I tried this high-tech stuff.”
The start of a tech career
Titus joined a storage company called Auspex Systems, where she got a lot of hands-on training and mentoring. “I got so much encouragement from the engineers in the office. I ended up working there for two and a half years,” says Titus. Following her time at Auspex, she did a couple of startup companies. “The fact that I’m still working is a pretty good indicator that the exit strategy did not include a big pay day for the principals! But I loved the entrepreneurial environment, and there is an experience that start-ups can deliver – the building, creating, imagining and improvising – that will stay with you throughout your career.”
Starting as a contractor, then transitioning to full time employee, Titus joined the U.S. Treasury Department. “That was just a really great experience. It meant going from the private sector and a lot of entrepreneur-type work into the government. I wasn’t sure it was going to work well for me, but I really enjoyed the people and getting to understand the government better,” says Titus. “I was doing security certification, accreditation and then pretty soon they flipped me over to doing more IT stuff. They never knew quite what to do with me, so I kept moving, shifting around to different divisions. I found myself in a job as a Technical Advisor to the CIO.”
“I got to play with all the ‘toys,’ basically—all the wireless devices that were coming out. Wireless was really just coming more into government agencies in the late ’90s, early 2000s. I was able to do a lot of wireless testing, and my military background had a radio theory upbringing, so that was a good foundation for wireless,” says Titus.
Her expertise with wireless and radio communications was instrumental to establishing communications among key government people immediately after the 9/11 terrorist attacks. “Here’s this massive amount of people that need to communicate securely. Wireless systems were saturated, the Internet was saturated, phone lines were saturated, push to talk wasn’t working, and then we found that land mobile radio and the old 2-way pagers worked at a different frequency spectrum than cellular,” says Titus. “We had to figure out how to get communication assets to all these people, and we didn’t want them talking about sensitive information on an open airway because we didn’t know how big 9/11 really was. Was it an isolated group of terrorists or was there more communication monitoring going on? We didn’t know, so we wanted more secure communication.”
“I reached out to a company I’d been working with, to one of my contacts who was a former FBI agent. I told him we needed more pagers and to get them configured with security so we could get them into the hands of Treasury people. This was September 12, the day after the attacks, and here he was trying to drive a pickup truck with a tarp over it, filled with boxes of electronic devices, into Washington, DC, which was practically on lock-down. You can imagine what happened at every checkpoint. Every time I run into him these days, we have a good chuckle about that.”
After 9/11 tested her technical mettle, Titus was asked to work on planning and deploying the Treasury’s secure 2-way communications network for the 2002 Winter Olympics in Utah. “I worked with a Customs agent to deploy equipment into Utah’s network, which needed to be redesigned so that we could put government equipment in their network to support visits by the president, the vice president and other dignitaries. That was a great experience. I was in Utah off and on for a year and then went full-time six weeks before the Olympics,” she says. “My colleague and I would drive around to the different Olympic venues in two different rental cars with every electronic device for communication stuck to the dashboard. Then we’d stop miles apart and say, ‘Can you hear me now?’ We’d use all these different devices to check coverage in the venues because it’s so mountainous there. Then we made sure that we had repeating trailers pulled in so that we could keep communications up. It was a lot of fun.”
The first female federal CISO
Once the Olympic games were over, Titus transferred to the newly formed Transportation Security Agency (TSA). She began her job as the wireless program manager, deploying wireless devices and classified telephones for the federal security directors at the airports. “TSA was so small when I first started, but the agency grew very quickly. When I started my job in April 2002, there were just a few hundred employees. By the end of the year, we were 56,000 strong,” according to Titus.
She kept telling the TSA CIO that someone had to focus on information security and he put her in charge of that as well. It wasn’t long before security was her sole focus, and this is when she became the first female federal CISO. “I had a green field and was able to start from the ground up. I built an outstanding team. We didn’t have a lot of legacy systems other than a few systems we acquired from the FAA. It was a great assignment, and a great six years of my life.”
In 2008, Titus took a private sector job with Unisys. Initially she worked in their corporate offices looking at their security portfolio, the services and solutions that they sold, what the company might need to invest in or divest from. Then she was asked to take on the federal CISO position for Unisys to help drive compliance with FISMA (Federal Information Security Management Act) requirements. She eventually assumed a global CISO role for the company, once again bringing her international experiences to the fore.
Then she got a call from Enrique Salem, who was CEO of Symantec at the time. He asked, “What do I need to do to get you to come and be my CISO at Symantec?” Titus jumped at the opportunity to be the top security officer at the world’s largest security solutions company. “I had so much respect for Enrique and was anxious to work with him,” says Titus. She stayed with Symantec until after Salem left the company and the senior leadership positions changed hands.
“When I left Symantec, I took a bit of a break and hiked around Australia to think about my next moves,” says Titus. “I was very close to taking a job overseas when I ended up taking the CISO position at Freddie Mac instead. This was a challenging job because, when I got there, Freddie Mac was under government conservatorship even though it was a private company. It brought in all of my professional knowledge and all of the background that I had to build that security program back up from the ground and get a strategy in place. I learned quite a bit through this most challenging job.”
After her stint with Freddie Mac, Titus again took a break and went hiking in the hills of New Zealand to clear her mind. She took various consulting jobs and did some work she loved for the Ponemon Institute where she is a Distinguished Fellow. Then Markel Corporation tracked her down and offered her the CISO position. “Everybody I interviewed with talked about how great this company is,” says Titus. “So I couldn’t pass it up. The company is so committed to their Associates with the strong Markel Style as our foundation. It’s the best job I’ve had yet and I’m looking forward to the future.”
At this writing, Titus splits her time between the U.S. and the London offices. “We’re just building a new office now in Germany to meet the Brexit requirements,” says Titus. “With a global team it’s important for me to spend time with them. Also, we have conversations with the underwriters and the claims associates because Markel also underwrites cyber insurance. They have a set of resources at their disposal that really understand the threat landscape and what’s happening in cybersecurity.”
Despite the demands of her job and her global travels, Titus still finds time for outside industry and community involvement. She is a member of the board of advisors for Gardant Global Inc., Forcepoint, and the Executive Women’s Forum. She is a mentor for the MACH37 Cyber Accelerator, and she serves on the Board of Directors for the Girl Scouts of the Commonwealth of Virginia.