top of page
unnamed_edited_edited.jpg
Hands on Keyboard

Cyber 2 Secure

Chief Information Security Officer

Contact Me

Meet Yitzhak (Isaac) Baruch

0A26B7E6-06DA-4E34-8B1A-55D4F90DAB23.png

Areas of Expertise:

 

  • Information/Data Security and Management

  • Firewalls and Infrastructure

  • IT Management and Strategy

  • Enterprise EDR/XDR Software 

  • Cloud Computing | Pen Testing Security

  • Ethical Phishing 

  • IT Forensics

  • Military Service and Leadership

  • Project Management 

  • Budget Preparation/Administration

Cybersecurity Services

I have a broad background in a variety of disciplines (IT Infrastructure, Information Security and IT Controls/Compliance/Risk) at local, regional and global levels and have worked my way through various levels of management.

Cybersecurity Consulting Services

Cybersecurity consulting services to help organizations protect their systems, data, and networks from cyber threats. Consultants assess risks, identify vulnerabilities, and recommend or implement security measures based on standards like NIST and ISO. They may also support compliance, conduct security testing, and help respond to incidents to reduce overall risk These advisory services will guide the IT Infrastructure and security teams and will also include briefing the board on the threat landscape, aligning security strategy with business goals, ensuring compliance with frameworks like NIST and ISO, and evaluating management’s cybersecurity programs. They also help boards prepare for incidents by defining oversight roles, crisis response expectations, and reporting structures.

Cybersecurity Technology Tailoring Services

Cybersecurity technology tailoring services focus on customizing security tools and systems to fit an organization’s specific risks, infrastructure, and compliance needs rather than using generic setups.

They typically include:

Designing security architecture (e.g., Zero Trust Architecture).

Tuning protection tools like Microsoft Defender.

Customizing monitoring platforms such as Splunk.

Setting up identity and access controls with tools like Okta.

Aligning systems with compliance standards.

Automating threat detection and response.

The goal is to improve security effectiveness, reduce false alerts, and ensure systems match realworld threats and business requirements.

In House Services

Security strategy & governance (building a long-term cybersecurity roadmap).

Risk management (identifying and prioritizing security risks).

Compliance support (e.g., SOC 2, ISO 27001, HIPAA, PCI-DSS).

Security policies & frameworks (creating enterprise security standards).

Incident readiness & response planning.

Vendor and third-party risk management.

Security reporting to executives/board.

Security program oversight and improvements.

These services are usually delivered on a part-time, subscription, or advisory basis, or as hiring a full-time executive.

Experience

GIORGI GLOBAL HOLDINGS, Wayne, PA

Vice President – Global IT Security

As the leader of information security, I was responsible for creating and executing enterprise-wide security strategy in a fast-moving, results-driven global organization. This includes setting the vision, architecture, policies, and standards for GGH’s cybersecurity operations enterprise-wide. I have created and managed business-aligned IT security, risk, and compliance programs by developing, documenting, implementing, and maintaining comprehensive security compliance and privacy frameworks. Along with operational responsibilities.

• Worked with Executive Leadership to define acceptable levels of business risk

• Lead the development of concrete, actionable roadmaps for improving information security/cybersecurity and IT risk management programs, and achieving strategic initiatives

• Drive security standards across the organization, including information security policies and guidelines (data privacy, data classification, endpoint security, etc.)

• Work collaboratively with teams to ensure “privacy and security by design” and satisfaction of regulatory and/or contractual obligations in new products and product features

• Enhance the organization’s ability to detect, prevent and mitigate all security threats

• Understand the organization’s operations and communicate cybersecurity priorities/gaps from a business perspective

• Lead the architecture and engineering of new security systems, including evaluation of technical designs

• Monitor the external environment for emerging threats and proactively consult with stakeholders on appropriate courses of action

• Engage senior leadership across the organization to communicate the cybersecurity strategy and key information security initiatives

• Provide guidance on information security topics, advising and collaborating on security processes, business continuity, and disaster recovery plans

AXALTA COATING SYSTEMS, Glen Mills, PA

Vice President - Chief Information Security Officer

• Designed a global security framework reducing costs by 20% and saving $500K annually.

• Built and led the cybersecurity team, achieving zero breaches in year one.

• Formed and chaired the Cybersecurity Steering Committee; authored charter and playbooks, engaging 200+ staff across IT, compliance, and security.

• Implemented a framework aligned with ISO 27000 and NIST 2.0, ensuring SOX, SEC, and GDPR compliance.

• Led risk assessments and integrated four M&A targets, improving organizational resilience.

• Completed global TISAX gap analysis and executed vulnerability remediation plans.

• Established a Global SOC leveraging SOAR and external services, enhancing incident response.

• Formed a CSIRT with detailed playbooks, boosting response efficiency by 40%.

• Directed disaster recovery planning with infrastructure and operations teams, achieving 99.9% uptime.

• Deployed OT/SCADA security solutions, cutting response times by 80%.

• Streamlined access controls, reducing excessive permissions by 20%.

• Enforced global security policies and playbooks for 17,000+ personnel.

• Developed an executive KPI dashboard with 14 compliance and risk metrics.

DLL – DE LAGE LANDEN, King of Prussia, PA

Information Security Officer

Conducted quarterly reviews of existing policies resulting in zero non-compliant alerts during audits by aligning practices strictly within regulatory guidelines for three distinct subsidiaries under the Rabobank umbrella.

• Authored detailed documenta-on outlining best practices in the information security management process at DLL; facilitated interdepartmental workshops resulting in zero non-compliance alerts during subsequent audits over an entire year of operations.

• Improved and maintained an information security framework consistent with industry best practices, which led to achieving 100% compliance during external audits while enhancing overall data protection for sensitive company assets.

• Partnered with diverse teams across 12 significant IT projects, delivering tailored data protection measures that decreased vulnerabilities by identifying and addressing potential risks prior to deployment deadlines within the organization.

CYBER2SECURE, West Chester, PA, Founder and Chief Executive Officer

MATRIX-EXZAC, Jersey City, NJ, Director of Security Services and Anti Money Laundering  

VISHAY INTERTECHNOLOGY, INC., Malvern, PA, Senior Director of Global Infrastructure and Security

Chief Information Security Officer with experience in developing and implementing cybersecurity strategies for Fortune 500 companies. Spearheaded cybersecurity teams, recognized for exceptional cost reduction through risk assessments. Championed initiatives that enhanced organization resilience against threats while ensuring compliance with global security standards across acquisitions.

Education And Professional Development

Master of Science (MS), Journalism and Information Technology, Tel Aviv University – Koteret School, Tel Aviv, Israel Chief Security Officer Training course, Information Technology Security, John Bryce College

Board Membership

Advisory Board Member at the - Cyber USA & Cyber Security Hall of Fame

Code Terminal Screen

30+ Years Of Experience

My 30 plus years within IT Infrastructure and Security has served me well, provided a base of experience and knowledge that I carried over to my other challenges.

Effective design, implementation and monitoring IT infrastructure and security structures has been the basis for my success within IT departments. It has served as the foundation that enabled me to built successful Infrastructure, Information Security and IT Risk practices.

Having worked at all three levels of an organization (local, regional and global) has provided me insight as to how things work from a strategic, tactical and practical (implementation) perspective with each offering different challenges and perspectives on the balance between the business and the technical teams I built and managed.

Contact Me

Mon- Fri - 7:00 AM - 18:00 EST

Emergencies call anytime

Programmer at Work
bottom of page