Andy Ellis

Former CSO at Akamai, Cyber Security Advisor, and Expert in Risk Decision Making
Andy Ellis speaker
  • As Akamai CSO, grew the company’s security business to more than $1B
  • Recipient of CSO Compass Award, Air Force Commendation Medal, Spirit of Disneyland Award, and Wine Spectator Award of Excellence (for The Arlington Inn)
  • Draws on 20+ years of security experience to explore how and why humans make risk choices and decisions

Play Video View Fees Add to List

Check Fees & Availability

With a career devoted to understanding how humans make decisions, Andy Ellis is a seasoned technology executive with deep expertise in security. An advisor to several cyber security startups, including Orca, Vulcan, and Uptycs, he also serves as an operating partner at cyber security venture capital firm, YL Ventures. The former chief security officer of Akamai Technologies, Ellis spent two decades “making the Internet suck less,” witnessing first-hand how humans inside and out make critical decisions about security and safety.

Exclusively represented by Leading Authorities’ speaker bureau, Ellis shares his expert insights on internet safety, risk management, decision making, and security governance. Combining more than 25 years of security experience with insider anecdotes from his time serving as a CSO, he explores how and why humans make risk choices and decisions – and their impact on security. With his signature humor and relatability, Ellis teaches audiences how to protect their organizations by identifying the hidden factors that influence our risk choices, along with actionable strategies to help guide people to make more favorable, more secure decisions. 

In his 20 years with Akamai, he was a driving force behind transforming the company into a major security player – growing its security business to more than $1B in annual revenue, while also governing risk across the business. He designed and brought to market Akamai's TLS acceleration network, its DDoS defense offerings, and several of its security solutions. He also guided Akamai's IT transformation to a distributed, zero-trust enterprise based on strong authentication. In addition to creating a safe and secure platform for its customers, Andy was instrumental in driving adoption towards compliance standards such as PCI and FedRamp that were critical to Akamai’s growth. He developed the Severe Vulnerability process that is the foundation of identifying and mitigating risks quickly on Akamai’s platform, led its vulnerability management strategy, and under his leadership, grew representation of women in its information security team to more than 40%.

Active in internet policy and governance circles, Ellis has supported Akamai CEOs in roles on the NIAC and NSTAC, as well as directly served on the FCC’s Communications Security, Reliability, and Interoperability Council. He has spoken at conferences like RSA and Business of Software, and lectured at the Harvard Kennedy School, Harvard Business School, Army War College, BC Law, and the MIT Sloan School.

Ellis has received a wide variety of accolades, including the CSO Compass Award, Air Force Commendation Medal, Spirit of Disneyland Award, Wine Spectator Award of Excellence (for The Arlington Inn), and was the winner of the Sherman Oaks Galleria Spelling Bee. He was also inducted into the prestigious IDG CSO Hall of Fame in 2021, which honors those whose work has advanced the CSO/CISO role, secured businesses, and inspired others in the industry.

In addition to serving as CEO and principal of Duha Inc., the subscription-based leadership training program he co-founded with his wife, Ellis currently serves on Harvard University’s Visiting Committee to IT and is writing a book on leadership. A graduate of MIT with a degree in computer science, Ellis served as an officer in the United States Air Force with the 609th Information Warfare Squadron and the Electronic Systems Center.

Continue Reading »

Speaker Video

20 Years In: Security’s Grand Challenges, Then and Now

Andy Ellis: Human Decision Making in the Era of Coronavirus

How Do I Get My Company to Ditch the Firewall

Managing Risk with Psychology Instead of Brute Force - Andy Ellis - RSA Conference US 2013 Keynote

COVID-19: Cybersecurity workers have in-demand skills

Humans Are Awesome at Decision Making. Security professionals, and people in general, tend to assume humans are not great at making risk decisions. But in this talk, cyber security advisor and former Akamai CSO Andy Ellis instead argues that humans are awesome at managing risk – exploring humanity’s tendency to make rapid, generally correct choices.

Relating human decision making to organizational excellence, Ellis will share actionable insights on how to:

  • Understand how risk choices that appear unreasonable from the outside may not be.
  • Learn how to identify the hidden factors in someone’s risk choice that most influence it.
  • Find out how to help guide people to risk choices that you find more favorable.

Decision Making in the Modern Era. In this talk, security executive Andy Ellis expands on his “Humans are Awesome” talk and dives into the evolution of decision making in the current era and beyond. In a world of unprecedented challenges and crisis management, Ellis will explore the impacts of the novel risk, along with the importance of preparedness, in today’s individual and organizational decision making.

Security’s Grand Challenges, Then and Now. Spoiler: It’s not the user’s fault. Security’s grand challenges have evolved significantly since the 1990s, when security professionals mostly needed intelligence, scale, and layered solutions. Today’s teams struggle with an overabundance of implicit trust, know their businesses are over reliant on passwords, and face skills gaps for managing architectures assembled from third-party sources—creating exposure, especially as they deal with cloud migration under shared-responsibility models. Cyber security advisor and former Akamai CSO Andy Ellis will show how security’s grand challenges have shifted over the years, discussing his experiences mitigating advanced threats—and providing insight into evolving future threats.

From Y2K to Today: The CSO’s Journey. With more than two decades of cyber security experience and the former CSO for Akamai, Andy Ellis takes groups behind-the-scenes of leading security at a top technology company through the ever-changing business landscape. From moving passwords to keys (before it was cool) and driving adoption towards compliance standards, to managing cross-functional risk, Ellis provides an inside look at how he built a world-class, diverse information security team of over one hundred professionals who governed risk, safety, intelligence, and compliance across the entire business – and shares how other organizations can do the same.

Leadership +1%. Former CSO and security thought leader Andy Ellis delivers an inspiring talk on effective personal, team, and organizational leadership, focusing not on “one simple trick,” but on the value of incremental improvements – adding 1% at a time – in leading effective teams. Drawing on more than twenty years of diverse leadership experience, from working in the technology, entertainment, and hospitality industries to serving in the military, Ellis discusses the importance of company culture built on trust and communication, and offers groups guidance on how to be an impactful leader that drives innovation and success. 

Leading to Representation. There isn’t just one secret to solving an organization’s diverse representation and inclusion issues; this task requires a many-year effort with clear, visible intentions. Using real-life data and strategies from his time as CSO of Akamai, Ellis provides a detailed roadmap of how one can build inclusive teams and change representation at any organization. Ellis grew his cyber security organization at Akamai to 41% women and 28% underrepresented minorities using this approach. Breaking it down into four focus areas – retention, longevity, promotions, and hiring – he delivers actionable tactics for groups to effectively build and maintain an inclusive environment at all levels.

Continue Reading »