Retired Information Security Officer
Johnson & Johnson
Gary Secrest is an accomplished senior executive with outstanding technical and management credentials and a proven record of results in the Information Security and Risk Management fields. He has over 42 years experience in information security, information security risk management, and associated information technologies in both the Federal government and the private sector. He has extensive experience in strategic planning and enterprise-level security architecture development in large and complex information technology infrastructures.
From July 1999 until his retirement in January 2011, he was in a senior information security position with Johnson & Johnson. Most recently he led efforts to develop an extensive information security risk program for the Johnson & Johnson IT enterprise and proposed appropriate security strategies to mitigate those risks. The security architecture for this enterprise must be driven by a robust risk management approach which can withstand the scrutiny of regulators while enabling efficient operations. Other key accomplishments while at Johnson & Johnson include:
Gary is also a leader in organizational development and productivity improvement. He was one of the founders of SAFE Bio-Pharma Association; a Bio-pharmaceutical industry coalition formed to help standardize identity management and trusted digital credentials across the healthcare industry. These credentials support identity management, authentication, and digital electronic signatures for electronic systems and records in the healthcare arena. Gary was appointed as Johnson & Johnson’s member of the SAFE Board of Directors and subsequently was elected as the first Chairman, serving as the Chairman until retirement from Johnson & Johnson in 2011. He remains on the SAFE Bio-Pharma Association Board of Directors as an independent member.
Prior to Johnson & Johnson, Mr. Secrest enjoyed a 31 year career with the US Department of Defense retiring as a member of the Senior Cryptologic Executive Service. The vast majority of his career with NSA was spent in the Information Security area with a strong focus on information technology, information security technology and information security systems engineering. Beginning as a Cryptologic Engineer, Gary progressed through numerous technical and management positions with consistently increasing levels of responsibility for development and production of communications security devices. He was instrumental in establishment of NSA’s initial computer network security and information system security engineering efforts. As a Senior Cryptologic Executive he managed development of a new information security strategy for the Department of Defense designed to improve protection and operational readiness of information systems; helped drive development and implementation of a new business approach which increased use of commercial information security products to reduce costs and enhance new technology implementation within the Federal government; and, was the first Program Manager for development of the DoD Public Key Infrastructure.